On July 19, CrowdStrike’s attempt to update its real-time threat detection and endpoint protection “Falcon Sensor” led to a system crash that affected 8.5 million Microsoft Windows devices and caused IT and operational disruptions worldwide.
While this incident was not caused by a cyberattack or malware, it does highlight the importance of a comprehensive and reliable backup and disaster recovery strategy.
CrowdStrike had an immediate, global impact
The outage was first noticed in Australia, and the “blue screen of death” spread across Windows devices around the world, significantly crippling users, businesses and organizations providing critical services. By afternoon, about 2,600 flights had been canceled in the United States. It affected more than 4,200 flights worldwide, so airlines had to resort to manual check-in, the Wall Street Journal reports.
How long RTOs affect business operations
Following the incident, CrowdStrike attempted to provide technical support and released a patch to get the system back up and running. However, most of the systems used by organizations were not able to recover automatically through the patch. As a result, IT administrators had to manually put all affected devices into safe mode and delete problematic updates from CrowdStrike. Although Microsoft introduced a “process-minimizing” solution the next day to help automatically delete corrupted files, manually booting each device into WinPE via USB drive was still laborious and significantly lengthened the recovery process.
Downtime leads to operational disruptions, reduced productivity, additional costs, increased risks, and ultimately, a negative customer experience and a damaged company reputation.
Developing a strong data protection plan for continuity
Comprehensive backups: Especially for multi-platform or multi-device businesses, it is vital to implement a backup strategy that regularly covers all sources and devices and leaves no data isolated.
Instant VM recovery: Virtualize services and restore operations as quickly as possible to reduce downtime and ensure business continuity.
Cross-Platform Recovery: In the CrowdStrike incident, only one platform was affected. Businesses can minimize the risk of data loss by ensuring that all data, applications and systems are recoverable across multiple environments.
Off-site backup and recovery: In addition to on-site data backup, implementing off-site backup can reduce the risks associated with data loss. If a company had an off-site cloud backup at the time of the CrowdStrike incident, it would have been easy to restore services from an off-site backup location.
Backup is the key to data resilience
Developing a secure backup and disaster recovery plan is key to data resilience and a vital step for businesses seeking digital transformation. The CrowdStrike incident strongly highlights the importance of having a reliable backup strategy and regularly testing backups to maintain business continuity even in unforeseen circumstances.