Robinhood Blocks Buying in GameStop, AMC, and Other Stocks. Other Brokers Also Add Guardrails.

Investing app Robinhood blocked access to GameStop and other highflying names on Thursday as trading surged among retail users.

The move comes after GameStop (GME) stock has shot higher over the past week, inspiring a short squeeze. The action — driven by retail traders often using options — has spread to other names like BlackBerry (BB), AMC Entertainment Holdings (AMC), and Bed Bath & Beyond (BBBY). Several of those stocks were falling in premarket trading after enormous run-ups in the past few days.

Users began reporting that they couldn’t trade GameStop and other stocks on Thursday. They got a message that “This stock is not supported on Robinhood.”

In a statement on Thursday, Robinhood detailed which stocks now had restrictions. “In light of recent volatility, we are restricting transactions for certain securities to position closing only,” the company said. These include AMC Entertainment, BlackBerry, Bed Bath & Beyond, Express (EXPR), GameStop, Koss (Koss), Naked Brand Group (NAKD), and Nokia (NOK).

“We also raised margin requirements for certain securities,” Robinhood said. The trading platform is raising margin requirements for investors in GameStop and AMC to 100%, Robinhood told Barron’s on Wednesday.

On Thursday morning, Robinhood was also reporting outages.

Other brokers have instituted similar restrictions. Interactive Brokers (IBKR) on Wednesday put AMC, BlackBerry, Express, GameStop, and Koss option trading into liquidation “due to the extraordinary volatility in the markets,” the company said.

“In addition, long stock positions will require 100% margin and short stock positions will require 300% margin until further notice,” the company said. “We do not believe this situation will subside until the exchanges and regulators halt or put certain symbols into liquidation only. We will continue to monitor market conditions and may add or remove symbols as may be warranted.”

TD Ameritrade (AMTD) also placed restrictions on some transactions in GameStop and other securities, the broker said on Wednesday. A spokeswoman didn’t specify exactly what the company was doing but said it could include “actions like increasing margin requirements, or limiting certain types of transactions, like short sales and those that may involve unlimited risk. It is not uncommon for us to make such decisions, which we consider on an individual basis, in the interest of mitigating risk.”

“We have been adjusting our requirements for several days as we continued to see trends indicating unusual volume in an unprecedented market environment, which appear to be divorced from traditional market fundamentals,” the company said. “We have made what we believe to be prudent and appropriate decisions to place some limits on certain transactions for certain securities.”

And fast-growing privately held broker Webull said it was limiting some activities, too.

“Webull has been very successful in limiting our intraday risk during the course of these events by not allowing any short positions in these volatile names since as early as Friday of last week,” CEO Anthony Denier told Barron’s. “Trading has been open for these stocks and uninterrupted amidst this volatility and the only new restrictions we have placed is not allowing market orders opening of new multi-leg option strategy positions.”

Robinhood has grown faster than the rest of the industry over the past year, attracting younger investors. Last year, it said it had more than 13 million account-holders, adding 3 million from January until May. The privately held broker was sued last month by a Massachusetts regulator on allegations that it encourages risky investing among its clientele. The company denied those allegations and said it does not recommend stocks.

On Wednesday night, Robinhood sent a notice to users directing them to educational products in light of the recent volatility.

One trader who has made money in the GameStop trade through his Webull account was frustrated by the new limits.

“It’s one thing if I had a pattern of misconduct, or a lot of violations. It’s another thing for you to tell me that you can’t trade this stock because we don’t like what’s happening to it,” Brandon Luczek, a 28-year-old who lives in Virginia, told Barron’s on Wednesday night. “That’s not for you to decide. I have my own personal risk tolerance.”

Others on reddit’s wallstreetbets forum lashed out at Robinhood. “How in the hell is this legal? They are tanking our legitimately bought and held stocks/options by arbitrarily restricting trading,” one wrote.

As tech leaders race to bring Windows systems back online after Friday’s software update by cybersecurity company CrowdStrike crashed around 8.5 million machines worldwide, experts share with CIO Journal their takeaways for preparing for the next major information technology outage.

Be familiar with how vendors develop, test and release their software

IT leaders should hold vendors deeply integrated within IT systems, such as CrowdStrike , to a “very high standard” of development, release quality and assurance, said Neil MacDonald , a Gartner vice president.

“Any security vendor has a responsibility to do extensive regression testing on all versions of Windows before an update is rolled out,” he said.

That involves asking existing vendors to explain how they write software, what testing they do and whether customers may choose how quickly to roll out an update.

“Incidents like this remind all of us in the CIO community of the importance of ensuring availability, reliability and security by prioritizing guardrails such as deployment and testing procedures and practices,” said Amy Farrow, chief information officer of IT automation and security company Infoblox.

Re-evaluate how your firm accepts software updates from ‘trusted’ vendors

While automatically accepting software updates has become the norm—and a recommended security practice—the CrowdStrike outage is a reminder to take a pause, some CIOs said.

“We still should be doing the full testing of packages and upgrades and new features,” said Paul Davis, a field chief information security officer at software development platform maker JFrog . undefined undefined Though it’s not feasible to test every update, especially for as many as hundreds of software vendors, Davis said he makes it a priority to test software patches according to their potential severity and size.

Automation, and maybe even artificial intelligence-based IT tools, can help.

“Humans are not very good at catching errors in thousands of lines of code,” said Jack Hidary, chief executive of AI and quantum company SandboxAQ. “We need AI trained to look for the interdependence of new software updates with the existing stack of software.”

Develop a disaster recovery plan

An incident rendering Windows computers unusable is similar to a natural disaster with systems knocked offline, said Gartner’s MacDonald. That’s why businesses should consider natural disaster recovery plans for maintaining the resiliency of their operations.

One way to do that is to set up a “clean room,” or an environment isolated from other systems, to use to bring critical systems back online, according to Chirag Mehta, a cybersecurity analyst at Constellation Research.

Businesses should also hold tabletop exercises to simulate risk scenarios, including IT outages and potential cyber threats, Mehta said.

Companies that back up data regularly were likely less impacted by the CrowdStrike outage, according to Victor Zyamzin, chief business officer of security company Qrator Labs. “Another suggestion for companies, and we’ve been saying that again and again for decades, is that you should have some backup procedure applied, running and regularly tested,” he said.

Review vendor and insurance contracts

For any vendor with a significant impact on company operations , MacDonald said companies can review their contracts and look for clauses indicating the vendors must provide reliable and stable software.

“That’s where you may have an advantage to say, if an update causes an outage, is there a clause in the contract that would cover that?” he said.

If it doesn’t, tech leaders can aim to negotiate a discount serving as a form of compensation at renewal time, MacDonald added.

The outage also highlights the importance of insurance in providing companies with bottom-line protection against cyber risks, said Peter Halprin, a partner with law firm Haynes Boone focused on cyber insurance.

This coverage can include protection against business income losses, such as those associated with an outage, whether caused by the insured company or a service provider, Halprin said.

Weigh the advantages and disadvantages of the various platforms

The CrowdStrike update affected only devices running Microsoft Windows-based systems , prompting fresh questions over whether enterprises should rely on Windows computers.

CrowdStrike runs on Windows devices through access to the kernel, the part of an operating system containing a computer’s core functions. That’s not the same for Apple ’s Mac operating system and Linux, which don’t allow the same level of access, said Mehta.

Some businesses have converted to Chromebooks , simple laptops developed by Alphabet -owned Google that run on the Chrome operating system . “Not all of them require deeper access to things,” Mehta said. “What are you doing on your laptop that actually requires Windows?”