As I watched the news and read various news articles relating to the WannaCry ransomware attacks over the last few weeks, I was struck by the details that emerged about large organisations using old, unsupported versions of Microsoft Windows desktop operating system (such as Windows XP).
Windows XP was a very reliable operating system, and from that perspective I can appreciate why IT departments around the world still cling to what is now a 15-year-old operating system. And even those that would like to upgrade face numerous challenges, most notably legacy software (and sometimes infrastructure) which isn’t compatible with the latest operating systems.
In other words, many businesses delay the decision to upgrade to a newer operating system because it’s a ‘double whammy’ – they need to upgrade the operating systems and the line of business applications, all at the same time.
Security features need to be in line with emerging threats
There are challenges to upgrading, and I don’t want to downplay or over-simplify these issues, but businesses must find a way to move forward with their technology. Microsoft have significantly improved the security of each successive operating system they’ve released, with Windows 10 being by far Microsoft’s best operating system from a security perspective. Comparing Windows XP and Windows 10 is a ‘night and day’ comparison when it comes to security features. And when you think about it, this makes sense. Earlier operating systems were designed within the environment of threats that existed at that time. As new threats emerge, it’s impossible for Microsoft to retrospectively change the design of their older operating systems. They can of course patch known security vulnerabilities as they are discovered, but this is not as effective as an up to date operating system that’s designed to deal with modern day threats.
Don’t just rely on patches
When I speak to business people, it’s clear that this point isn’t well understood. Many people think that security patches are the key, and that as long as they’re ‘patched’, there’s no risk. But this isn’t the case, and there’s no question that newer operating systems like Windows 10 are far better able to anticipate and neutralise threats than older operating systems, regardless of which patches are installed.
A simply example of this is UEFI (Unified Extensible Firmware Interface). It’s a fancy acronym, but stay with me – I promise it’s not too technical. The fight against malware and hacking requires the ability to maintain the integrity of the hardware and the operating system's boot process. Until Windows 8, this proved to be a significant challenge. Boot and rootkit malware could infect the device before any of the system defences, such as anti-virus programs, had started and thereby render those defences inoperable. Windows 8-certified or more recent devices include a new hardware component called UEFI Secure Boot, which helps maintain the integrity of the system firmware and operating system from power on to power off.
What’s the threat to the bottom line?
Businesses of all sizes are increasingly faced with a difficult choice, but one that cannot continue to be ignored. If businesses don’t invest in Windows 10, they are making their networks more vulnerable, and with threats such as ransomware only growing in sophistication and prevalence, the direct cost of a malware attack and the potential damage to a business’s reputation can far outweigh the cost of upgrading to Windows 10.
To summarise, it’s our strong view that all businesses should use Windows 10, and whatever barriers exist to upgrading to Windows 10 should be budgeted for and prioritised accordingly. Don’t let legacy applications be the excuse for leaving your network dangerously exposed. The risk of procrastination is simply too high, and as the WannaCry outbreak has proven, delaying will inevitably cost more in the long run.
Contact us today for more information on how we can work together with you on your Windows 10 migration and other IT and Communications needs through our industry recognised and award winning services or review our Windows 10 productivity tips – call now on 1300 307 907 or via our online contact form below.
At Diamond, we take Security seriously. So seriously that we created the Technology Optimisation (TechOps) team. This team is designed to focus solely on aligning our customers ICT environment to industry best practice on an ongoing, proactive basis. We will not only evaluate your hardware and software, but the overall configuration of your environment as well.
Take our quick Online Security Assessment to see how vulnerable your business may be…