By Michael Berquam – Manager, Customer Service – Intrinium
End of life is a term we often hear regarding software viability in the IT space. What this means for your business, however, is determined by the product that is heading towards its final supported date, what role it plays in your organization, and your security posture and requirements. Today, we’ll look at what end of life means for the Windows 7 OS.
Operating systems are a foundational player in most organizations. This is the platform that supports your servers and workstations. With few exceptions, everything else within your IT infrastructure builds off the operating systems you utilize. This makes the end of life planning an important (and occasionally difficult) responsibility.
Let’s examine what End of Life truly means for an operating system. It can be easy to interpret that end of life means that a product immediately ceases to function. Thankfully, this is not the case in most instances. What this does entail is that ongoing support for a product is being discontinued, including:
- Feature patching
- Security patching
- Support from the vendor
- Feasibility of running future applications on the platform
This may allow you to stretch out your planning process to address an out of support item and reduce the urgency to remediate.
Don’t let the lack of immediate consequences deter you from planning a smooth transition away from End of Life products, particularly for resources as important as your operating systems. Consider the following – if Microsoft publishes an End of Life date, that information finds its way to myriad parties – business managers, IT professionals, and bad actors. It is not unheard of for exploits for software with high penetration in the businesses of the world to come about after support functions have been terminated. When this occurs, responses from the vendor may be late, assuming there is a meaningful response at all, on the urgent occasion, Microsoft has shown that they care and releases critical patches for out of support systems.
As a business owner, it is incumbent that you manage the offboarding of end of life software, or that you assume the risks of not doing so. This includes but is not limited to:
- Increased risk of exploitable vulnerabilities within your network
- Lack of support for new applications that will live within the ecosystem
- Missing features that are present within newer systems
- Lack of control or availability of meaningful tools to manage and protect your assets
End of Life support for core systems like operating systems often turns management of those systems into the Wild West. Cyberspace highwaymen choose prime targets in specific industries (such as finance and medical) and begin criminal campaigns against them knowing that the Pinkertons or Rangers are weeks away, assuming they respond at all, as their jurisdiction no longer compels them to act. Additionally, for regulated industries, the presence of out of support resources in your environment may get you a stern word from an auditor, forced upgrade plans, or punitive fees to pay.
With operating systems providing not only features but security for your users and business, it is imperative that you consider your risk and determine what course of action is best for your enterprise. As a best practice, maintaining a current operating system with support from a qualified entity is recommended. Additionally, with the cold-war style of creeping escalation of force from black hat hackers and corresponding updates from IT security personnel, it is critical that meaningfully updated defenses are maintained to ensure business viability. Failure to maintain your software and appropriately arm yourself with proactive protections can leave you with a screen door on your otherwise impenetrable submarine.
Windows 7 reaches End of Life support on January 14th, 2020, at which point Microsoft support and patching for features and security will effectively cease. Do yourself a favor and spare yourself the heartache of being an example of the pains this can cause in the next major cybersecurity breach by taking meaningful steps to maintain your defenses. Windows 10 is the current OS from Microsoft, and there are qualified vendors out there who would love to help you upgrade your environment.