The next outage will impact your end users

Person on smartphone experiencing a cell outage
(Image credit: Shutterstock)

The CrowdStrike update outage reinforced a number of concerns companies in the endpoint computing space have been voicing for some time. We’ve watched IT leaders greenlight major investments in modernizing security including identity and access management, secure accesses service edge (SASE), and network micro segmentation. Those are important investments but caused businesses to take their eyes off the prize: making sure that computing at the end user level, or endpoint device, is always available and secure.

We have grown somewhat numb to the steady stream of data breaches. This latest incident of a security vendor tasked with protecting users, their devices and data, and instead causing the largest cyber event in history, outlines that it’s not just security risks we must prepare for, but also update outages. To mitigate risks of all types at the endpoint, we must consider approaching the problem differently. We need to rethink the way Windows is delivered and managed, embrace SaaS (software-as-a-service), DaaS (desktop-as-a-service) and VDI (virtual desktop infrastructure) where applicable, and deliver a safe, endpoint desktop workspace that is much more in tune with how people work today. Equally important is examining the benefits of a purpose-built Linux OS, and its proven ability to deliver the most secure application environment.

Jason Mafera

Field CTO for North America at IGEL.

Retooling windows

The CrowdStrike outage is compelling proof that Windows at the endpoint has reached a level of unmanageable complexity. Windows endpoints are inherently insecure, requiring a complex and costly security stack to be added to protect users, and their data. But the more agents you add – EDR, XDR, AV, backup, and recovery, DLP etc. – the more layers of security sprawl IT must manage, patch and monitor. This increases the chances of an outage event causing businesses to have to stop work and watch the productivity, reputational and financial losses add up.

Organizations that run their business applications at the Windows endpoint are highly vulnerable to these disruptions since they cannot quickly or easily recover their applications and data when a bug or outage occurs. A solution gaining traction is the movement of Windows to the cloud. Using SaaS or DaaS, both now very well-established technologies, enables organizations to rethink and modernize their Windows deployment strategy, making Windows installed at the endpoint unnecessary. It gives IT a means of centralizing desktops, applications and data in the cloud and greatly reduces the time-to-recovery for a breach or outage that previously impacted the endpoint.

As desktops and some applications move away from being locally installed on the endpoint, a simpler, secure by design endpoint OS can deliver the same workflows while maintain a great user experience, remove layers of added complexity and reduce the administrative burden on IT. Should an event occur, a centrally delivered cloud-based Windows OS, enables IT to rapidly recover critical applications and restore access for end users.

Windows 11 migration is another timely reason for considering moving Windows applications to the cloud. Leaving Windows at the endpoint, with the upgraded Windows 11 platform, will only continue the risk and leave end users once again open to productivity outages.

Alternative to windows

If there was a silver lining to the CrowdStrike outage, it highlighted and reinforced that allowing security vendors and their tools deep access to the Windows operating system can have severe consequences. We find in practice that Linux based OSes tend to fare better in mitigating many of these concerns and can be easier to recover if an event does occur. Many businesses, fortunately, are seeing the benefits in moving to a Linux based endpoint OS. Linux market share on the desktop is growing at an accelerated rate. Market research shows Linux adoption was 3% in July 2023, 4% in March 2024 and 4.45% in July 2024. Chrome OS is a distant 1.41%.

It should be noted that Linux and Windows are compatible. IT administrators use Linux-based endpoint devices to connect to Windows and Windows applications in the cloud. This leaves the Windows environment to be more centrally managed and controlled without the exposure and gaps that can be created when running Windows physically on endpoint systems. This reduces complexity and cost, while also significantly reducing the management burden on IT staff.

Linux natively supports web-based SaaS platforms like Office 365 and Salesforce; DaaS offerings like Microsoft AVD and Windows 365 Cloud PC, and VDI platforms such as Citrix and Omnissa.

Practices in prevention

The CrowdStrike outage is not a ‘who’s to blame?’ event. It could be repeated by any software vendor who has deep access into the OS. It is simply symptomatic of businesses lacking a comprehensive approach to their endpoint business continuity planning and placing too much trust in automatic updates working without critical change control and robust in-environment testing. In the case of this outage, the response and recovery were highly reactive. Each endpoint needed to be restored, which was a costly exercise. A more preventative approach is required and should start with an endpoint OS that is more secure, and more quickly recoverable in the event an incident does occur. Taking the weeks or months needed in today’s Windows model and reducing it to minutes.

As a preventative strategy against the next unintentional outage or ransomware attack, a purpose built and secure by design Linux OS is the answer. It must be fully centrally managed, and capable of supporting business continuity to rapidly get businesses up and running again. Using a Linux-based secure OS, such as IGEL OS, can also be rapidly recoverable with the ability to reset to a known good state on a reboot, mitigating many of the challenges with today’s Windows endpoint model. Read-only and fully encrypted, such Linux OS solutions can recover critical applications first and when paired with a cloud-based Windows computing environment can be the most effective preventative strategy.

Looking ahead, the proliferation of new applications, AI development and the constant need to be digitally competitive, will continue to add even more complexity and security challenges to IT operations. Despite best efforts, issues can and will occur. IT teams will welcome a change to more robust, simplified, and resilient systems that can prevent disruption and support recovery when needed.

We've featured the best IT infrastructure management service.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Jason Mafera is field CTO, North America for IGEL. He has more than 20 years of experience in the delivery of cybersecurity-focused enterprise and SaaS solution offerings.

TOPICS