The speed that technology moves at is staggering and moving at a faster pace than ever before. No sooner have you bought a brand-new piece of technology and within months it becomes out of date. Having an out of date mobile is one thing, but soon your organisation could be putting itself at risk by using a Microsoft operating system that is nearing its end of life leaving your organisation wide open to cyber-attack.
While firewalls and anti-virus software help protect your organisation they do not provide sufficient protection against unpatched vulnerabilities within a machine’s internal operating systems. Hackers are quick to exploit these, infiltrating networks, wreaking havoc on your IT Infrastructure and as a result, your organisation’s sensitive data could be compromised.
What is an end of life product?
An end of life operating system, much like other technology products, operating systems have a life cycle and Microsoft is no different and when those products reach their end of life cycle, there are serious security implications for any business that continues to use it.
New applications are released on an almost daily basis and these are optimised for the most recent operating systems such as Windows 10. That means when using an End of Life OS, such as Windows 7, the latest apps or upgrade to the newest versions of your software.
You’ll be forced to hold onto legacy applications and the latest features and developments which creates ongoing problems with systems ‘talking’ to each other. Effectively, this is asking your employees to work with outdated systems and in the era of employees using their own devices for work purposes, like BYOD, people expect their employers’ technology to be compatible with their own smartphones, tablets, and laptops.
End of life products also provide barriers for Digital Transformation. In other words, operating systems that are at the end of life have been identified one of the key reasons that CIOs are not moving faster to such as hosted Cloud products, Artificial intelligence (AI) and greater automation, Internet of Things (IoT) and more.
What are the security risks?
When the end of life date arrives for Windows 7, your employees and organisation will still be able to use Windows 7, but the operating system will no longer be supported by Microsoft, and they will stop doing security updates. The security updates within an operating system fix open vulnerabilities that cyber criminals are trying to make use of to steal sensitive business data and with these gone your organisation’s network of devices becomes an easy target for new viruses and Malware that are being created.
The official advice from Microsoft is as follows:
“You can continue to use Windows 7, but once support ends, your PC will become more vulnerable to security risks. Windows will operate, but you will stop receiving security and feature updates.”
If a data breach occurs, and under Article 83 of the EU’s General Data Protection Regulation (GDPR) which came into force in May 2018, the organisation could be liable for either two tiers of fines. The first of which is €10 million or 2% of annual global turnover of the previous year, whichever is higher. The second is up to €20 million or 4% of annual turnover of the previous year, whichever is higher.
The basis of GDPR is about risk assessment and mitigation. Organisations that are still knowingly using software that is end of life are increasing their levels of risk. According to the GDPR legislation, organisations who have knowingly not taken the steps to mitigate risks such as these like this are likely to face the heaviest penalties if their data is compromised.
When is the Windows 7 end of life date?
Microsoft will not take any responsibility for any security breaches within Windows 7 after 14th January 2020, and they will not be providing security updates for Windows 7 after this date. This is the date in which Windows 7 will reach its end of life date.
Microsoft 365 is a new unified Cloud solution that includes Microsoft Office 365 as well as Enterprise Mobility Suite (formerly known as EM+S) and the Windows 10 Business operating system. These integrated products give your business the access to the latest Microsoft business applications, enterprise grade Mobile Device Management and the security tools that are powered by Windows 10.
With Microsoft 365 and Windows 10 Microsoft adopting a new policy for the sustainability of their products, Windows as a Service (WaaS), incorporates continuous updates and support for current product offerings like Windows 10.
Going forwards, organisations who adopt the use of Windows 10 will remain up-to-date with the latest fixes and updates. There won’t be a need to upgrade to a new operating system, and decision makers won’t need to agonise over which one will be the least troublesome to implement or which operating system will be the most efficient for their organisation. Windows as a Service (WaaS) assures a smooth transition between iterations of a single operating system. Windows 10 may look completely different in the future, but incremental updates will happen behind the scenes without business downtime.
Microsoft 365 also helps facilitate Digital Transformation and also forms part of our Cloud Productivity and Security solution, Unite.
Infinity Group are experienced Cyber Security Consultants and IT Security experts as well as being authorised Microsoft 365 resellers. We are also one of the top 200 Microsoft Gold Partners in the UK. If you are interested in Cyber Security Consultancy or implementing Microsoft 365, please get in touch.