2月22日,AT&T encountered widescale network outages throughout its U.S. bet9平台游戏领域.
其他使用AT的提供者&T细胞塔也受到了影响, 包括Cricket Wireless, Consumer Cellular and Straight Talk Wireless. Customers reported issues making calls and sending text messages.
然后, 3月15日, McDonald’s reported global outages to its point-of-sale system, with employees noting an inability to accept orders, 打开收银机或处理付款. The outage caused many restaurants to close.
两家公司都表示,中断是由于各自系统的软件更新和配置更改, and not caused by bad external actors in a cyberattack, 尽管有媒体报道. In other words, the software update encountered complications. McDonald’s attributed the change to a third-party service provider.
If the outages were caused by poor change management practices, both AT&T and McDonald’s should evaluate their procedures. Even if they have strong processes in place, 重要的是要认识到变更管理需要在所有类型的变更中始终如一地遵循. Even seemingly straightforward or small changes could have significant consequences.
紧急变更过程- 对于那些需要快速或立即在生产环境中实现的更改,应该采用这种方式. 这允许组织加快紧急变更的批准和实施,同时仍然遵循组织变更管理过程, ensuring that changes are documented and tracked throughout.
建立足够的网络冗余, which ensures that if a change does go wrong and affects the overall network, network redundancy will automatically take over, minimizing downtime and maintaining service availability.
改变测试 在迁移到生产环境之前,所有更改都应该在单独的测试环境中进行审查. Types of tests include quality assurance, 用户验收, 回归, 安全性(代码审查), 动态/静态扫描, 模糊测试)和配置, which ensure the change meets quality standards and performs as intended. 它可以帮助团队识别任何bug, errors or unexpected outcomes before they impact the users or system, 以及任何安全风险. 测试也应该遵循职责隔离,并由独立的资源执行.
Deploying Changes on a Predefined Schedule - These allows organizations to implement changes during low-traffic periods, which can minimize service disruptions for users or customers. 它还可以通过允许充分的计划和测试来减少错误或失败的风险. 除了, 公司应该根据供应商推荐的时间表跟上关键的更新和补丁.
Implementing a Change 管理 Policy - Policies provide guidance during software changes, 概述变更过程的要求,确保遵守所有必要的步骤.
票务系统的实现 - Systems like Jira, ServiceNow, Cherwell, etc., 在维护变更文档的同时,是否可以提供一个集中的位置来跟踪从开始到解决的所有变更请求, 包括描述, 测试, 审批和优先排序.
保持bet9平台游戏器更新 - Ensure servers have not reached their end of life. 不受支持的bet9平台游戏器由于不再接收重要的安全更新/补丁而构成重大的安全风险. 过时/不受支持的软件也会影响可靠性和性能.
Limiting Administrator Access/Assigning Unique and Separate Accounts - This allows organizations to reduce the risk of unauthorized changes. Unique accounts enable easier tracking and auditing of changes that occur.
保持职责隔离 - This is a crucial control in the change management process, 这意味着开发变更的用户不应该有将这些变更迁移到生产环境的权限. A change log should be reviewed monthly if segregation of duties conflicts exist.
You’ve heard our thoughts… We’d like to hear yours
Schneider down 我们对博客的存在是为了就对组织和个人重要的问题进行对话. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. 如果你对这篇文章有任何问题或评论,或者我们博客上的任何文章,我们希望你能和我们分享. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. 电邮至 (电子邮件保护).
Material discussed is meant for informational purposes only, and it is not to be construed as investment, 税, 或法律建议. Please note that individual situations can vary. 因此, 当与个人专业意见相协调时,应依赖此信息.