The next outage will impact your end users

The CrowdStrike update outage reinforced some of the concerns that endpoint computing companies have been expressing for some time. We’ve seen IT leaders greenlight major investments in security modernization, including identity and access management, secure access service edge (SASE), and network microsegmentation. These are important investments, but they’ve caused companies to take their eyes off the prize: ensuring that endpoint computing is always available and secure.

We’ve become somewhat desensitized to the steady stream of data breaches. This latest incident, in which a security vendor tasked with protecting users, their devices, and their data instead caused the largest cyber incident in history, shows that we need to prepare not just for security risks, but also for update outages. To mitigate risks of all kinds on the endpoint, we need to consider approaching the problem differently. We need to rethink the way Windows is delivered and managed, embrace SaaS (software as a service), DaaS (desktop as a service), and VDI (virtual desktop infrastructure) where appropriate, and deliver a secure endpoint desktop workspace that is much more aligned with the way people work today. Equally important is exploring the benefits of a purpose-built Linux operating system and its proven ability to deliver the most secure application environment.

Jason Mafera

Field CTO for North America at IGEL.

The CrowdStrike outage is compelling evidence that Windows has reached a level of unmanageable complexity on the endpoint. Windows endpoints are inherently insecure, requiring a complex and expensive security stack to be added to protect users and their data. But the more agents you add – EDR, XDR, AV, backup/recovery, DLP, etc. – the more layers of security extension IT must manage, patch, and monitor. This increases the likelihood of an outage event that forces businesses to stop work and watch the productivity, reputational, and financial losses pile up.

Organizations that run their business applications on the Windows endpoint are highly vulnerable to these disruptions because they cannot quickly or easily recover their applications and data in the event of a bug or outage. One solution that is gaining traction is moving Windows to the cloud. By using SaaS or DaaS, both now very well-established technologies, organizations can rethink and modernize their Windows deployment strategy, making Windows on the endpoint obsolete. It gives IT a way to centralize desktops, applications, and data in the cloud, and significantly reduces the recovery time for a breach or outage that previously affected the endpoint.

Because desktops and some applications are no longer installed locally on the endpoint, a simpler, more secure endpoint OS can deliver the same workflows while maintaining a great user experience, removing layers of added complexity, and reducing the administrative burden on IT. Should an event occur, a centrally delivered, cloud-based Windows OS enables IT to quickly recover critical applications and restore end-user access.

Windows 11 migration is another current reason to consider moving Windows applications to the cloud. Leaving Windows on the endpoint, with the upgraded Windows 11 platform, will only perpetuate the risk and expose end users to productivity downtime once again.

An alternative to Windows

If there was a silver lining to the CrowdStrike outage, it was that it showed how serious the ramifications can be when security vendors and their tools have deep access to the Windows operating system. In practice, we’re seeing that Linux-based operating systems do a better job of mitigating many of these concerns and are easier to recover if an event does occur. Fortunately, many enterprises are seeing the benefits of switching to a Linux-based endpoint OS. Linux’s desktop market share is growing at an accelerating pace. Market research shows Linux adoption at 3% in July 2023, 4% in March 2024, and 4.45% in July 2024. Chrome OS is at a distant 1.41%.

It should be noted that Linux and Windows are compatible. IT administrators use Linux-based endpoint devices to connect to Windows and Windows applications in the cloud. This allows the Windows environment to be more centrally managed and controlled without the exposure and gaps that can occur when Windows is physically running on endpoint systems. This reduces complexity and costs, while also significantly reducing the management burden on IT staff.

Linux natively supports web-based SaaS platforms such as Office 365 and Salesforce; DaaS offerings such as Microsoft AVD and Windows 365 Cloud PC; and VDI platforms such as Citrix and Omnissa.

Practices in prevention

The CrowdStrike outage is not a “who’s to blame?” event. It could have been replicated by any software vendor with deep access to the operating system. It’s simply symptomatic of organizations that lack a comprehensive approach to their endpoint business continuity planning and rely too heavily on automatic updates that operate without critical change control and robust testing in the environment. In the case of this outage, the response and recovery were highly reactive. Every endpoint had to be recovered, which was a costly exercise. A more preventative approach is needed and should start with an endpoint operating system that is more secure and can be recovered more quickly in the event of an incident. The weeks or months required under the current Windows model are reduced to minutes.

As a preventative strategy against the next accidental outage or ransomware attack, a purpose-built secure Linux OS is the answer. It should be fully centrally managed and capable of supporting business continuity to get businesses back on their feet quickly. A Linux-based secure OS, such as IGEL OS, can also be quickly recovered, with the ability to return to a known good state on reboot, mitigating many of the challenges with the current Windows endpoint model. Read-only and fully encrypted, such Linux OS solutions can restore critical applications first and, when combined with a cloud-based Windows computing environment, can be the most effective preventative strategy.

Looking ahead, the proliferation of new applications, AI development, and the constant need to be digitally competitive will add even more complexity and security challenges to IT operations. Despite the best efforts, problems can and will occur. IT teams will welcome a shift to more robust, simplified, and resilient systems that can prevent disruption and support recovery when necessary.


This article was produced as part of Ny BreakingPro’s Expert Insights channel, where we showcase the best and brightest minds in the technology sector today. The views expressed here are those of the author and do not necessarily represent those of Ny BreakingPro or Future plc. If you’re interested in contributing, you can read more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
