Last week marked one year until Microsoft stops supporting Windows 7. This means no more security updates without expensive custom agreements.
Originally released in July 2009, Windows 7 is nearly ten years old. That’s a long time in IT terms, and if you haven’t already started executing, or at least planning your migration off this aging platform, now is the time to do so.
Why is the lack of security updates important?
Moving away from software before it stops being supported is important because so much of the code—and thus vulnerabilities—are shared between different versions of software. Just look at the list of products affected by most vulnerabilities and you’ll see that it contains every supported version of the product.
Older versions are also likely to be affected but aren’t listed once they reach their end of support date. Additionally, later versions of Windows—especially the latest releases of Windows 10—have brand new security mechanisms built into them which are simply not available in older versions. Importantly, attackers know that a significant proportion of users won’t be ready to migrate before support ends and will therefore have an ever-increasing set of exploits at their disposal to use against organisations running Windows 7 once it is no longer supported.
Does your business use Windows 7?
Organisations tend to put off doing these upgrades because it’s a disruptive process both for their IT department and the device users:
- Business-critical software may not work properly on newer operating systems, forcing that to be upgraded first.
- Hardware that might have coped running older software may not have enough power to cope with later versions, or may simply not be compatible.
- Logistically, upgrading the devices to a newer version of Windows is likely to involve each one being returned to IT support.
And yet, if organisations don’t do this they will be leaving their operations open to being compromised and certifications that allow you to operate certain contracts can be lost. For example, the National Cyber Security Centre’s Cyber Essentials scheme states that all software “must be licensed and supported”, which means any Windows 7 devices in scope will be a problem for you.
There are opportunities to be had here too; rather than trying to make Windows 10 work like a ten-year-old version, research and embrace the new features and you’ll reap the benefits in the years to come. You might also decide to move to one of the new Microsoft 365 licensing models where you pay for Office and Windows together, gaining extra features and/or paying monthly, and the opportunity to review how the IT department structures its cost model in regards to capex and opex.
How can PGI help?
For help with Microsoft-based IT security, PGI provides consultancy to help keep you safe and prevent your environment being compromised. Please get in touch if you’d like more information on our proactive approach to security: email@example.com or +44 (0) 845 600 4403.