For business intelligence, the CrowdStrike patch debacle had far-reaching consequences for across different layers of the data stack. For businesses relying on external data sources, such as travel companies or services like TripIt that depend on, say, Delta Airlines’ data, the CrowdStrike incident could have caused significant disruptions to their users and to the internal business intelligence tracking they do across the travel spectrum.
Here are some things to consider that you can stash away in your brain, in case this ever happens to you.
- Data Unavailability: With Delta’s systems crippled by the CrowdStrike update, these businesses would have lost access to critical flight information, bookings, and other essential data.
- Recovery Attempts: While affected companies might have tried to recover the data through alternative means (e.g., manual data entry or scraping public websites), they would ultimately be dependent on Delta’s recovery. This dependency highlights the interconnected nature of modern business operations and the cascading effects of such outages.
- Decision-Making Impact: The lack of up-to-date data would have hindered these businesses’ ability to make informed decisions, potentially leading to customer service issues and financial losses.
For organizations whose internal systems were directly affected by the CrowdStrike issue, the impact on BI operations could have been severe:
- ETL Process Failure: If the systems responsible for Extract, Transform, and Load (ETL) processes were running on affected Windows machines, data pipelines could have ground to a halt. This would have impacted the ability to update data warehouses and BI systems, leading to stale data.
- Data Freshness Issues: BI systems rely on fresh data for accurate insights. The inability to update data sources would have rendered many reports and dashboards obsolete, potentially freezing decision-making processes across the organization.
- Cascading Effects: The disruption of core data systems could have affected multiple layers of the BI stack, from data warehouses to visualization tools, creating a domino effect of data unavailability.
The CrowdStrike incident likely had varying impacts on different BI tools based on their deployment and infrastructure:
- Widespread Disruption: The CrowdStrike update affected millions of Windows-based computers globally. This likely impacted organizations using Windows-based BI tools like PowerBI, which is a Microsoft product. Looker and Tableau, being more platform-agnostic, might have been less directly affected, but their users could still have experienced issues if their underlying infrastructure was Windows-based or were reliant on ETL processes that were subject to CrowdStrike threat protection.
- Data Access Interruptions: Business intelligence systems rely heavily on continuous access to data sources. The outage probably prevented many organizations from accessing their data warehouses and repositories, potentially affecting all three BI platforms equally in terms of data availability.
- Cloud vs. On-Premises Differences: Cloud-based deployments of these BI tools might have been less affected compared to on-premises installations. For instance, PowerBI’s cloud service might have continued functioning even if local Windows machines were impacted. Tableau and Looker, often deployed in cloud environments, might have shown similar resilience.
- Recovery and Data Consistency: As organizations worked to recover from the outage, ensuring data consistency and integrity in BI systems likely became a significant challenge across all platforms.
- User Access Issues: With many computers rendered unusable, users might have been unable to access any of these BI tools, regardless of the platform’s specific vulnerabilities.
- Reporting Delays: Critical business reporting and analysis processes were likely delayed across all BI platforms due to the widespread nature of the disruption.
To mitigate the impact of such incidents on BI systems, organizations should consider the following:
- Disaster Recovery Planning: Explicitly include BI systems as a core part of the infrastructure in disaster recovery plans. This ensures that these critical decision-making tools receive priority during system recovery efforts.
- Data Redundancy: Implement redundant data storage and processing systems, possibly using multi-cloud strategies to reduce dependency on a single infrastructure.
- Offline Data Capabilities: Develop capabilities to work with the most recent offline data snapshots when live data is unavailable. This could involve regular data exports to secure, isolated storage.
- Alternative BI Tools: In extreme cases, tools like Google Sheets or Excel running on local machines can serve as a last resort for basic data analysis and reporting. While not ideal, they can provide some level of decision support during a crisis.
- Diversified Security Stack: Consider using multiple security vendors or solutions to reduce the risk of a single point of failure in cybersecurity infrastructure.
- Manual Override Procedures: Develop and maintain manual procedures for critical data processes that can be executed when automated systems are down.
- Regular Drills: Conduct periodic drills to test the organization’s ability to maintain BI capabilities during various failure scenarios.
By implementing these measures, organizations can enhance the resilience of their BI systems and maintain some level of data-driven decision-making capability even in the face of severe infrastructure disruptions like the CrowdStrike incident.
FAQs
What is the CrowdStrike incident and how did it affect BI systems?
The CrowdStrike incident was a cyberattack that targeted several US government agencies and private companies in late 2020. The attackers compromised a software vendor called SolarWinds and used its products to access the networks of its customers, including some BI systems. The attack caused significant disruption and damage to the affected organizations and raised concerns about the security and reliability of BI systems.
What are some examples of measures that can enhance the resilience of BI systems?
Some measures that can enhance the resilience of BI systems are regular drills, manual override procedures, backup data sources, alternative data delivery channels, and disaster recovery plans. These measures can help organizations prepare for different failure scenarios, minimize the impact of disruptions, and restore normal operations as soon as possible.
Why is it important to maintain BI capabilities during infrastructure disruptions?
BI capabilities are essential for data-driven decision-making, which can provide organizations with a competitive advantage, improve operational efficiency, and increase customer satisfaction. During infrastructure disruptions, BI capabilities can help organizations understand the situation, assess the risks, and take appropriate actions. Without BI capabilities, organizations may face increased uncertainty, loss of revenue, and reputational damage.
About Me
As a CFO, I’ve navigated complex financial landscapes to drive growth and maximize shareholder value for companies. My expertise in analytics and data science enables me to deliver actionable insights that shape strategic decision-making. Connect with me on LinkedIn to discuss how my Fractional CFO expertise can support your company’s growth trajectory with CFO PRO+Analytics.