Today a cyber-security firm named Crowdstrike took down large swaths of the world’s IT infrastructure by pushing a faulty update on millions of Windows machines. On a Friday. Whoops!

As anyone working in IT knows, mistakes happen. But while we can bash the lack of testing and oversight over such a big mistake, I think it’s important to reflect on the role that IT departments played in the meltdown. Why would anyone ever give a company (outside the one that makes your operating system, that is) the ability to push kernel level updates over the air?

That’s just an expensive lesson and I’m my opinion, not entirely the fault of a single company.