June 11, 2025

Lessons from the Deep – The Importance of Drills and Preparedness

When I was serving in the US Navy aboard submarines, part of our weekly work involved running through various simulated casualties (Drills) to ensure everyone knew what to do, to practice the evolutions that might be required of us, and to identify any possibilities we had not thought of. We could simulate fires, flooding, and various other equipment or shipboard problems that we might encounter. By regularly practicing what we would do in those situations, we developed a “muscle memory” of what to do in an emergency, so when an emergency occurred, we immediately started acting without having to stop and think. It also led to a confident completion of the tasks because we had done them so many times in the past that we barely had to think about what we were doing or what was going on.

We were on a vessel designed to go to war and to be taken into battle. Complicated, life-threatening situations could occur at any time, and many did, even during peacetime. I cannot tell you the number of times a problem arose, and we hopped into action without a second thought. Often, we did not take the time to think about the danger until we were already through the immediate steps and well on our way to recovery.

Every day life doesn’t go that way. We don’t encounter difficult situations very often, and when we do, they often catch us by surprise. We frequently don’t have a plan in place for what to do or who should do what. In the business world, this can be a costly situation.

Information Technology personnel are used to following procedures. Much of our day-to-day work entails stepping through installations or reviewing the status of systems. We all know what Business Continuity and Disaster Recovery mean, and at least we think we are clear on how they apply to us and the work we are doing.

The CrowdStrike Crisis: A Business Continuity Wake-Up Call

Last summer, there was an incident that showed exactly how wrong many of us were. CrowdStrike, a popular cybersecurity vendor, released a bad patch that caused a blue screen on the Windows machines to which it was applied. CrowdStrike figured out the problem and implemented a fix within an hour or two. Unfortunately, most organizations immediately installed any CrowdStrike update as it could mean the difference between being hacked or not. This resulted in worldwide outages of support systems and, for many companies, 2-3 days of downtime and lost earnings. It is estimated that the total cost to industries has exceeded $5.4 billion in lost time, productivity, and sales. Delta Air Lines was the poster child for its problems, which were estimated to have cost the airline over $500 million in canceled flights, among other issues.

All affected systems required a special boot, which also required the decryption key since most Windows 11 devices have their hard drives encrypted. The regular employees could not be expected to accomplish these tasks, so the IT department had to touch practically every endpoint to correct the problem.

Three Types of Organizational Responses

Companies reacted in different ways, but, in general, many found themselves in one of three common positions.

1. Well-Practiced and Prepared:
These organizations had tested business continuity plans that included scenarios involving endpoint loss. Staff were trained, failover options were documented, and steps were rehearsed. They quickly pivoted to their backup systems—many using IGEL OS and virtual desktop infrastructure (VDI)—and avoided major disruptions.
🧠 Question: When was the last time your team ran a continuity drill that simulated total endpoint failure?

2. Plans in Place, but Unpracticed:
Some companies had documented recovery plans but had never walked through them. This led to slow, manual processes and increased outage durations.
🔄 UX Impact: Without practice, even a well-planned approach can lead to user frustration and inconsistent access.

3. Caught Off Guard:
The worst-affected businesses had no meaningful endpoint strategy in their business continuity planning. Employees were unable to work for days.
💸 Don’t Let This Be You: A 3-day outage for a 100-person company can easily exceed $300,000 in lost productivity alone.

How IGEL OS and UD Pocket Helped Organizations Stay Online

Many businesses that bounced back quickly utilized VDI solutions, such as Citrix, Microsoft Azure Virtual Desktop, or AWS Workspaces. But what really made a difference was how quickly users could access those platforms using IGEL OS and UD Pocket.

The UD Pocket is a USB device that boots a secure IGEL OS on nearly any endpoint. Once booted, it connects to IGEL UMS, providing access to virtual desktops or apps.

🖥️ What Changes?

Conditional Access may block IGEL devices unless explicitly trusted
Endpoint posture and compliance checks might need updates
Users will see a new interface, no local apps, and a different printing setup

Food for Thought: Preparing for IGEL-based Continuity

Before relying on IGEL OS for failover, consider:
✅ Conditional Access Policies: Ensure the IGEL devices are trusted
🔐 Device Trust: Pre-enroll or test fallback login mechanisms
🌐 Connectivity: Ensure external UMS access or VPN availability
📦 End User Training: A short video can dramatically ease transitions

Real-World Results

IGEL has a case study about how a California city successfully implemented its COVID-19 plan with minimal effort, thanks to the UD Pocket. You can read the case study and learn more on their website. Ferroque Systems is an MSP partner of IGEL, and our architects are well-versed in enabling your business to rise above unexpected chaos and continue providing the service your customers have come to expect.

Final Thought: Build Your Digital “Muscle Memory”

An Aon article included as its first key takeaway stated that “The CrowdStrike event was a global warning, underscoring the urgent need for robust cyber resilience strategies in the face of growing cyber threats and vulnerabilities.” Even though this was not a coordinated cyber-attack, it harmed companies in much the same way, highlighting the need for us to not only have a plan but test it regularly to build our recovery “muscle memory.”

💬 Let’s Talk: Ferroque can help you build or test your continuity plan, including IGEL strategies.

Richard Faulkner

Rich is a veteran architect and enthusiastic supporter of EUC, with over two decades of experience. He excels in sharing his technology expertise and aiding IT staff in optimizing digital workspaces. Rich has lived across the US and served as a Nuclear Engineer in the US Navy on submarines before transitioning to an IT career.