Project Management


How to prevent recent crash of MS hosts with CrowdStrike s/w embedded?

Jean Laval Chue Him Director| Stella Aurorae Accountants Pty Ltd Sydney, Nsw, Australia
CRITICAL SYSTEMS Cybersecurity measures to prevent recent CrowdStrike/Microsoft hosts crashing next time: Since CrowdStrike software seems embedded in the MS O/S at the kernel level, the AUTO update should be turned OFF on hosts. Only the Administrator should be able to ALLOW Permission for an update to be made to hosts. IFF Administrators have gauged that an update is safe and there are no reports of issues should they PERMIT the update to be done at the Corporate or their Organisation Level.

We used to have similar issues with updates with Java. Sometimes if the updates are on AUTO some previous Java apps may crash due to a new update.

The onus should be on the Systems Administrator to ensure an update will not adversely affect the system/s.
Thomas Walenta Global Project Economy Expert Hackenheim, Germany

Make our systems resilient. Crashes will happen.



Automation of everything, coding changes, testing, rollout, and acceptance will continue and increase, and humans (admin) will not be able to check and approve changes due to a lack of understanding and sheer volume.

To make systems resilient, we can build on several frameworks, e.g., structurally making them modular, redundant (hic), and heterogeneous, and implementing prudence, adaptability, and awareness of their environment in how systems behave.

China and Russia did not have problems due to the Western sanctions, which increased the modularity, redundancy, and heterogeneity of the global critical system landscape.

1 reply by Jean Laval Chue Him
Jul 20, 2024 10:57 AM
Hi Thomas.
Thanks for your comments. Indeed I advocate a redundancy approach and modularity to systems. I further think there should be a Systems Administrator for every Critical System who is responsible for updating patches and updating the system/s.

Jean
Kiron Bondale Retired | Mentor| Retired Welland, Ontario, Canada
Jean -

I'd suggest that proper testing and a progressive deployment approach rather than a single global update might have either prevented or at least reduced the impact of the defect.

One of the critical aspects of continuous deployment is that just because you CAN deploy instantly to all of production doesn't mean you should!

Kiron
1 reply by Jean Laval Chue Him
Jul 20, 2024 10:59 AM
Yes Kiron, I agree: just because we can auto-update does not license us to auto-update. Like in Accounting, there should be a separation of duties, accountability and compliance with organisation policies.

Jean
Jean Laval Chue Him Director| Stella Aurorae Accountants Pty Ltd Sydney, Nsw, Australia
We as Project Managers and IT Ops managers in general should set in place procedures, policies and processes to ensure continuity through continuity planning, separation of duties, accountability, redundancy in systems design and contingency planning. Computer systems and all peripherals and IoTs are not that vulnerable if we have the proper policies, compliance, procedures and processes and even yes appropriate Laws in place. It does NOT have to be a doomsday scenario and is mostly evitable. We might not be able to prevent All cyber attacks and the unexpected but we can certainly mitigate it.
