The clock is ticking – as of this week Microsoft will no longer support Windows XP. The operating system will pose an increasing risk to its users, making it more important than ever for organizations to identify and upgrade legacy systems wherever possible, or have stringent network security in place to mitigate the risks and to create a virtual “ring of steel” around the most susceptible systems. Windows XP has been a fairly stable, reliable and extremely popular operating system for over a decade now, but it really is time to put the venerable OS out to pasture.
What does the expiration of Windows XP support mean for organizations? Businesses have managed to get by just fine with Windows XP for years — “If it ain’t broke, don’t fix it”, right? Well, the problem with that theory is that it assumes that Windows XP isn’t broken in the first place, and that support will continue forever. It doesn’t account for the reality. Windows XP works and runs business software, but it is less secure than its successors. Windows XP systems are compromised by 27 per cent more malware attacks than subsequent Windows versions, and resolving a malware incident on Windows XP takes an average of seven times longer. When viewed through the lens of security, it’s easy to see that Windows XP is, in fact, broken.
When it comes to leaving corporate networks exposed to risk, “almost” is not good enough. If you lock all of the doors and windows on your house, but forget to lock the back door, you may as well not have locked any of them. Similarly, if you upgrade all of the PCs in the organization to Windows 7, but a rogue Windows XP machine you’re not aware of is still connected to your network, you’re still at risk, as that lone machine represents an open back door into the rest of the network.
A rogue, unsupported Windows XP machine will eventually become a target for attackers, and exploiting it can allow them to gain a foothold inside a corporate network. That one compromised Windows XP system could be used to siphon information from the network, or spread malware to other systems.
It is crucial to have a complete and accurate inventory of the systems connected to your network. If businesses don’t know what’s out there, they can’t keep it properly maintained and updated and can’t mitigate the risk posed by it.
Knowing is half the battle
The first step in mitigating risks is to know which operating systems are in use within your organization. Using asset tracking solutions, businesses will be able to detect and identify lingering Windows XP systems with minimal effort and assess their risk level.
Businesses should also consider the custom software running on their systems. They need to determine whether continued use of Windows XP will impact these custom systems in terms of ongoing support from their manufacturers, and determine what changes these applications need when migrating to another OS, particularly if an application is already legacy and unsupported.
The risk is that hackers will be able to identify holes in Windows XP that will no longer be addressed in short order with a Microsoft patch or service pack. These potential holes for exploitation will continue to multiply over time, and as such the cost of managing a Windows XP estate will rise very quickly, both from a maintenance point of view and from potential exploits and lost productivity.
It is recommended that organizations still using Windows XP upgrade to the latest, or at least a more recent supported, version of the Windows operating system to ensure they continue to receive the latest security and stability patches. Doing so will ensure their software ecosystem is protected from known exploits. Whether businesses opt for upgrading their XP machines to a new version of Windows, or they look to overhaul their entire hardware estate, the cost savings will pay off in a short amount of time. For hackers, attacking Windows XP is like breaking into a car with no alarm installed: it will be easy for them, as all the potential exploits and vulnerabilities will be known from patches for other versions of Windows.