Why January 2020 Doesn’t Need to Be the End of the World
Remember when Microsoft retired Windows XP? Well, it’s happening again.
Windows 7 and Server 2008 are set to go “end-of-life” (EOL) on January 14, 2020. While that sounds ominous, it’s not the apocalypse—especially if you’ve kept up with regular network maintenance.
End-of-life, in this case, simply means that as of a particular date, Windows will stop offering customer service, software updates, and patches for a particular product or operating system.
“Phew,” you might be thinking. “2020 is literally years from now. I’ve got time to figure this out.”
Well, hold on there. While Windows 7 will still technically function as of that January 2020 date, it won’t be safe. Any new vulnerability found in either operating system after January 2020 will make anyone using these systems low-hanging fruit for hackers, as there will no longer be a fix available. If you include these changes in your technology plan now, you’ll be giving yourself the proper lead-time to implement the technology, determine a strategy for addressing incompatibility issues, train your staff, avoid potential service disruptions, and adjust for Murphy’s Law.
“But isn’t this going to be a pretty significant capital outlay?”
Planning for this transition will require an investment of time and resources, to be sure, but consider this: Can you afford to be hacked? If your business includes the maintenance of customer records, can you afford to fall out of compliance with regulatory agencies by entrusting sensitive data to a less-than-secure system? That kind of lapse can result in fines, bad publicity, and an even more expensive clean-up, as once patches are not available, the resulting security breaches become even more costly.
Put it this way: transitioning too late in the game is essentially putting a target on your back, leaving yourself prone to bugs, security vulnerabilities, and higher unplanned expenses down the road.
“Okay, okay, definitely calling SUCCESS now to plan to transition my soon-to-be-outdated EOL operating system. What can I do in the meantime to keep my network safe?”
Now that we have your attention and see that you’ve added Jan. 14, 2020 to your calendar, we want to gently remind you that planned obsolescence is no excuse for avoiding regular network maintenance.
It is true that while planning ahead for Windows 7 EOL is key, there are ways you can keep your network safe, healthy, and running at optimal performance levels until you transition your OS. An organization could reduce its attack surface by over 80 percent, for example, just by regularly patching their systems!
Introducing strategy and discipline into your technology planning and accounting for the different types of maintenance (patching, updating and upgrading) is critical to properly maintaining your IT infrastructure.
We know it can seem daunting, so here’s a quick primer on all the little tweaks and updates (and an explanation of some of the terminology) that can keep your network running smoothly while you start to plan for the Windows 7 and Server 2008 EOL.
SUCCESS Patch Primer 101
- Patching refers to a fix for a vulnerability or flaw. Generally, applying security and critical patches to your currently deployed systems is considered regular maintenance. A critical line of business applications might be patched monthly, updated quarterly, and upgraded annually; operating systems like Windows should be patched monthly. A good rule of thumb is: if the manufacturer stops regularly patching the systems, it’s time to upgrade.
- Updating is a little more comprehensive than patching. The major software version stays the same, but the minor version is updated. Depending on circumstance, this might be a simple help-desk call.
- Upgrading means a full major replacement. For example, transitioning from Windows 7 to Windows 10, or taking a line of business (LOB) application from version 1 to version 2. This is typically project-based.
- Keep systems up-to-date: A fundamental principle in protecting a network is to keep systems up-to-date. Running with out-of-date systems is not only a stability issue, but a security issue. This applies to hardware, LOB, OS, and anything attached to the network, including cloud services. Just because you offloaded an application to the cloud doesn’t mean you can assume they are handling everything for you.
- Build regular patching and vulnerability scans into your ongoing maintenance We here at SUCCESS frequently work with companies struggling to build a strategy around their IT infrastructure, because they have no visibility or documentation, managing and funding their IT infrastructure on an ad-hoc or as-needed basis. Protecting your network starts with regular maintenance and testing that alerts you to missing patches or known vulnerabilities.
- Plan to upgrade hardware and software on a regular cadence This will spread out the costs to the business into smaller bite-size chunks. Typically, when we see organizations that are in pain, they haven’t followed a cadence to maintaining their infrastructure—and this includes cloud services, which may force you to upgrade.
You’re not in this alone. SUCCESS Computer Consulting can assist you in planning and creating a schedule to transition out of Windows 7 and Server 2008, and conduct a review of your regular IT maintenance program. Contact us today to get started at firstname.lastname@example.org.