Could the CrowdStrike crash happen on the Mac?
A couple of weeks ago, a massive global IT outage occurred when Windows computers running the CrowdStrike security software crashed. CrowdStrike is popular in enterprise installations, meaning businesses worldwide–including airlines such as Delta Air Lines–were shut down. Delta CEO Ed Bastian said in a CNBC interview that the CrowdStrike crash caused Delta to cancel about 5,000 flights and may cost the company up to $500 million.
When asked by CNBC if Delta is rethinking its IT strategy, Bastian said, “Absolutely.” Despite having system redundancy to help prevent a total loss of operation, the problem, as Bastian puts it, is that they rely on Windows and CrowdStike throughout their installation. “My sense is that [Windows] is the most fragile platform in that space,” said Bastian, who then asked, “When was the last time you heard of a big outage at Apple?”
Analysts and IT experts could argue that Apple’s enterprise presence is a fraction of Windows, which is why you never hear about Apple outages. There’s some truth to that, but there’s a technological reason that is more likely: Apple has strict restrictions on third-party access to the kernel of its operating systems, including macOS. Having to deal with these restrictions makes it a little more difficult for third parties to provide the services they want, but this allows Apple to maintain OS security and uptime at a high level. This effectively eliminates the chances of a massive crash like the CrowdStrike one from happening.
Microsoft, on the other hand, often allows third-party developers kernel access in Windows, which makes it easier for third-party solutions to provide better functionality, but as the CrowdStrike crash shows, can lead to disastrous situations. Early, pre-release testing is even more vital in this situation, but as anyone with experience doing alpha and beta testing knows, not every bug can be caught before an official release. The Mac isn’t immune to bugs and bad updates, but a third-party app can’t bring down the whole system.
Microsoft told the Wall Street Journal that an agreement with the European Commission prevents the company from closing its kernel like Apple, but the EC’s Lea Zuber told The Verge, “Microsoft is free to decide on its business model and to adapt its security infrastructure to respond to threats provided this is done in line with EU competition law.”
Delta is reportedly going to sue Microsoft and CrowdStrike, so Bastian’s declaration likely had the purpose of putting pressure on Microsoft and CrowdStrike to make good with Delta. But Bastian and the CrowdStrike crash sheds light on a fundamental issue that businesses need to consider. And it could mean we start seeing a lot more Macs behind the scenes.