Microsoft made a commitment to provide 10 years of product support for Windows 7 when it first hit stands on 22 October 2009. Given that the 10-year period has lapsed, the company announced last year that it will be discontinuing the system on 14 January 2020 and directing its support to newer technologies.
However, with 26 per cent of PCs predicted to still be running the Microsoft software, even after support for patches and bug fixes has ended, businesses are being urged to make the switch and avoid the impact that vulnerability to ransomware could have on their organisations.
Data management company Veritas Technologies is advising business owners to take steps now to avoid a similar scenario to the WannaCry crisis that ended up costing business billions in 2017.
At the time, Europol estimated that 200,000 devices in 150 countries, running older, unsupported software became infected by the cryptoworm. Although just $130,000 was paid in ransoms, the impact to business is understood to have run into the billions of dollars due to lost productivity, lost data and corrupted hardware.
“Cyber security will continue to be a priority for Australia and there is a need for businesses to ensure their data is backed up and mitigate against cyber attacks. WannaCry was a clear example of the dangers that businesses can face when they are using software that has reached end of life,” Howard Fyffe, managing director, Australia & New Zealand, Veritas Technologies, said.
“Organisations need to understand their data and make sure that information is being stored in the right place where it can be protected and made available when needed.”
5-step process to survive Windows 7 closure
Veritas has suggested businesses follow five simple steps to navigate the challenge:
- Educate employees – the biggest risk is to data that employees save to unprotected locations. Ensure that users are following best practices for where to save data so that it can be secured, and consider running a simulation. Saving valued data to centralised servers, data centres or to the cloud can help reduce risk.
- Evaluate risk by understanding your data – for enterprises, insight software solutions can help to identify where key data lives and ensure that it complies with company policies and industry regulations. This is critical not only to identify the challenges but also to prioritise the recovery process.
- Consider a software upgrade – this isn’t going to be practical for large enterprises in the time available, but it could well be part of a longer-term strategy. For SMEs, the most sensible solution might be simply to upgrade to an operating system that has ongoing support.
- Run patches while you can – according to the Ponemon Institute, 60 per cent of respondents who experienced data breaches did so despite a patch to prevent breaches being available to them. Businesses should at least make sure that they are as up to date as they can be while they can. Users will also be able to buy “ESUs” from Microsoft to access patches during their migration to newer software.
- Ensure that data is backed up – ransomware relies on the idea that paying a ransom is going to be the only/cheapest way to regain access to your data, yet research shows that less than half of those that pay up are actually able to recover their data from cyber criminals. Veritas advocates the “3-2-1 rule”, where data owners have three copies of their data, two of which are on different storage media and one is air gapped in an offsite location. With an air-gapped data backup solution, businesses have the much safer, and more reliable option, of simply restoring their data.
The decade-old Windows 7 was highly popular until the inception of Windows 10 that soared to success fast.
Microsoft’s decision to end support for the beloved operating system was made based on both finances and the time and effort that was needed to maintain it.
Microsoft actually ended mainstream support for Windows 7 on 13 January 2015, which meant new features stopped being added, and warranty claims were no longer valid.
However, it continued to patch and update the system until last week as part of the extended support phase.
In its bid to help people transition to a newer system, Microsoft earlier announced it will release an update to Windows 7, which will display notifications reminding them to upgrade.