• lennivelkant
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    2
    ·
    4 months ago

    …and just how many PCs do you intend to “reboot into safemode delete one bad file and then reboot again”? Manually, or do you have some remote access tool that doesn’t require a running system?

      • lennivelkant
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        4 months ago

        If you have no idea how long it may take and if the issue will return - and particularly if upper management has no idea - swapping to alternate solutions may seem like a safer bet. Non-Tech people tend to treat computers with superstition, so “this software has produced an issue once” can quickly become “I don’t trust anything using this - what if it happens again? We can’t risk another outage!”

        The tech fix may be easy, but the manglement issue can be harder. I probably don’t need to tell you about the type of obstinate manager that’s scared of things they don’t understand and need a nice slideshow with simple words and pretty pictures to explain why this one-off issue is fixed now and probably won’t happen again.

        As for the question of scale: From a quick glance we currently have something on the order of 40k “active” Office installations, which mostly map to active devices. Our client management semi-recently finished rolling out a new, uniform client configuration standard across the organisation (“special” cases aside). If we’d had CrowdStrike, I’d conservatively estimate that to be at least 30k affected devices.

        Thankfully, we don’t, but I know some amounts of bullets were being sweated until it was confirmed to only be CrowdStrike. We’re in Central Europe, so the window between the first issues and the confirmation was the prime “people starting work” time.