This is an unpopular opinion, and I get why – people crave a scapegoat. CrowdStrike undeniably pushed a faulty update demanding a low-level fix (booting into recovery). However, this incident lays bare the fragility of corporate IT, particularly for companies entrusted with vast amounts of sensitive personal information.

Robust disaster recovery plans, including automated processes to remotely reboot and remediate thousands of machines, aren’t revolutionary. They’re basic hygiene, especially when considering the potential consequences of a breach. Yet, this incident highlights a systemic failure across many organizations. While CrowdStrike erred, the real culprit is a culture of shortcuts and misplaced priorities within corporate IT.

Too often, companies throw millions at vendor contracts, lured by flashy promises and neglecting the due diligence necessary to ensure those solutions truly fit their needs. This is exacerbated by a corporate culture where CEOs, vice presidents, and managers are often more easily swayed by vendor kickbacks, gifts, and lavish trips than by investing in innovative ideas with measurable outcomes.

This misguided approach not only results in bloated IT budgets but also leaves companies vulnerable to precisely the kind of disruptions caused by the CrowdStrike incident. When decision-makers prioritize personal gain over the long-term health and security of their IT infrastructure, it’s ultimately the customers and their data that suffer.

  • Lettuce eat lettuce
    4 months ago

    I’ve seen the same thing. IT departments are less and less interested in building and maintaining in-house solutions.

    I get why, it requires more time, effort, money, and experienced staff to pay.

    But you gain more robust systems when it’s done well. Companies want to cut costs everywhere they can, and it’s cheaper to just pay an outside company to do XY&Z for you and just hire an MSP to manage your web portals for it, or maybe 2-3 internal sys admins that are expected to do all that plus level 1 help desk support.

    Same thing has happened with end users. We spent so much time trying to make computers “friendly” to people, that we actually just made people computer illiterate.

    I find myself in a strange place where I am having to help Boomers, older Gen-X, and Gen-Z with incredibly basic computer functions.

    Things like:

    • Changing their passwords when the policy requires it.
    • Showing people where the Start menu is and how to search for programs there.
    • How to pin a shortcut to their task bar.
    • How to snap windows to half the screen.
    • How to un-mute their volume.
    • How to change their audio device in Teams or Zoom from their speakers to their headphones.
    • How to log out of their account and log back in.
    • How to move files between folders.
    • How to download attachments from emails.
    • How to attach files in an email.
    • How to create and organize browser shortcuts.
    • How to open a hyperlink in a document.
    • How to play an audio or video file in an email.
    • How to expand a basic folder structure in a file tree.
    • How to press buttons on their desk phone to hear voicemails.

    It’s like only older Millennials and younger Gen-X seem to have a general understanding of basic computer usage.

    Much of this stuff has been the same for literally 30+ years. The Start menu, folders, voicemail, email, hyperlinks, browser bookmarks, etc. The coat of paint changes every 5-7 years, but almost all the same principles are identical.

    Can you imagine people not knowing how to put a car in drive, turn on the windshield wipers, or fill it with petrol, just because every 5-7 years the body style changes a little?