Reflecting on the CrowdStrike Crisis: Pride in Aptean’s SaaS Strategy and Preparedness

Two weeks have passed since the CrowdStrike crisis, and I am filled with a profound sense of pride in Aptean's Software as a Service (SaaS) strategy, our unwavering focus on cloud security and the reliability of our services. As a CTO, receiving an urgent call at 12:15 a.m. ET is never desirable, but it is moments like these that test and prove the robustness of our technology.

Our early detection system had flagged that customers' systems were going offline and put Aptean in immediate crisis management mode to safeguard our customers' critical IT infrastructures.

Although our SaaS services remained unaffected, we quickly implemented protocols to mitigate uncertainties. This included stopping all patches, downloads and further anomalies as Asia began its workday, when the incident's cause was still unknown.

By 1:00 a.m., our crisis response team—led by myself and our CEO, TVN Reddy—was fully operational. We established a war room to ensure we could assist our customers as quickly as possible, prioritising sectors such as manufacturing, healthcare and critical infrastructure.

By 4:00 a.m., we identified the source of the issue. We collaborated with our customers to prevent them from uploading updates from vendors. Within 24 hours, CrowdStrike and Microsoft had issued patches and procedures to eliminate the problem.

By 10:45 a.m. on Saturday, we had no newly reported issues from our customers and felt a deep sense of pride in the resilience we’ve created and the team we've assembled to help our customers thrive in the face of adversity.

Lessons Learned

The CrowdStrike crisis underscored several critical lessons for the IT industry. Here are the key takeaways:

1. Overreliance on a Single System Creates Liability

Relying on a single system for your operations can lead to significant vulnerabilities. Diversification in IT solutions is essential to mitigate widespread failures.

2. Bad Code Is Dangerous

This incident highlighted the catastrophic potential of flawed software updates. Rigorous code review and testing are crucial to prevent such failures.

3. Quality Assurance Is Absolutely Necessary

Effective quality assurance processes must be in place to catch issues before they reach the customer. Automated testing can help ensure that even minor changes do not introduce new bugs.

4. Staged Rollouts Can Help Prevent Catastrophe

Deploying updates gradually can aid in the identification and resolution of issues before they affect users. This approach minimises the risk of widespread disruption.

5. Disaster Recovery Plans and Backups Are Must-Haves

Robust disaster recovery plans and reliable backups are essential for quick recovery from IT disruptions. These measures help ensure business continuity and data integrity.

6. Enhanced Monitoring Is Critical

Advanced monitoring tools are vital. They enable quick identification, isolation and resolution of issues.

7. A 24/7 Crisis Response Team Always Has Your Back

Having a dedicated crisis response team that operates around the clock is crucial for effective crisis management. This team ensures a rapid and coordinated response to minimise impact.

8. Prepare for the Next Time

Continuous training, practice and learning are necessary to improve crisis management strategies. Organisations must evolve their risk management frameworks to stay ahead of potential threats.

Put to the Test, Aptean’s Cybersecurity Shines and Grows Stronger

The CrowdStrike crisis was a wake-up call for the entire IT industry, emphasising the need for robust preparedness and resilient systems. This incident also highlighted the importance of having a dedicated crisis response team and continuously improving risk management strategies.

The lessons learned from this crisis are invaluable and will guide us in strengthening our systems and processes, ensuring we are ready for any future challenges. By adopting advanced monitoring tools, staged rollouts and robust disaster recovery plans, organisations can better prepare for and navigate future crises.

Aptean's SaaS strategy, with its focus on early detection, a 24/7 war room and comprehensive customer support, proved its effectiveness in safeguarding our customers' IT infrastructure. We’re proud to say that, the face of adversity, our preparedness ensured our customers' continuity and success.

If you’d like to learn more about Aptean’s purpose-built SaaS solutions with best-in-class cybersecurity and IT support, contact us today.