Posted on Jan 16, 2020 by admin
Given the challenges of a migration, many organizations are still running Windows 7 in their environment. The latest data from both NetMarketShare and StatCounter give Windows 7 around a 26% slice of the OS market.
Some companies and individuals will continue to run Windows 7 and Server 2008 believing that their antivirus and other security measures will keep them safe. This is a misconception that has been shown to be incorrect in the past with disastrous consequences!
In 2017, the WannaCry ransomware virus hit a large numbers of computers. Initially, Microsoft released a patch only for its supported operating systems, including Windows 10, Windows 8/8.1, and Windows 7. As Windows XP was no longer supported at this point, those PCs were vulnerable. To limit the spread of WannaCry, Microsoft did eventually release a patch for XP. But the incident shows the risk of continuing to use an unsupported OS.
Tips for safeguarding data
Beyond purchasing ESUs (Extended Security Updates) and moving forward with a migration, organizations still running Windows 7 need to protect their data from security risks. To that end, Veritas CIO John Abel has several recommendations and thoughts on how to best safeguard your data.
Protecting yourself against malware and ransomware as exemplified by WannaCry is another critical task. As Abel told TechRepublic, there were 151.9 million ransomware attacks in the first three quarters of 2019, according to data from SonicWall.
In addition to Windows 7, Windows Server 2008 also reached the end of extended support on 14 January 2020. Though servers may be better protected against security risks than are workstations, they can still be vulnerable. And they often hold critical data.
"Obviously, servers may not be as exposed as laptops and PCs as they are usually inside a protected environment and not susceptible to the same type of mobility and therefore vulnerability," Abel said. "However, the data exposure and risk can be even greater as servers tend to hold more sensitive data and the potential for impact to an organization is significantly increased."
The other question this raises is how might this affect GDPR liability? The key to this is understanding where your data is and how it is protected. If sensitive data is stored in a Windows 7 / Server 2008 environment then it is going to be increasingly vulnerable from the 14th of January. Companies need to identify what data on these devices hold Personally Identifiable Information (PII) and consider moving this data to a less vulnerable platform.
Finally, the permanent solution is for companies to migrate away from Windows 7 and Server 2008, but this does require planning. The timescale of this planning is entirely dependant upon the size of the company’s current unsupported IT infrastructure and as with any migration, things can go wrong; the only mitigation for this is to ensure that you have secure backups of all your data before the migration begins.
Article by Bob Smith, Screen Savers PCS
(January 2020)
Sources:
Lance Whitney - Tech Republic
John Abel – Veritas
SonicWall
Microsoft
NetMarketShare
StatCounter
ZDNet
© Copyright 2018 ScreenSavers. All Rights Reserved.
Superfast Internet with Fibre to the Premises in: Bexley | Dartford | Bexleyheath | Crayford | Erith
