Windows XP will leave organizations severely exposed
by Sergio Galindo - Infrastructure Business Unit general manager, GFI Software - Monday, 7 April 2014.
The clock is ticking – as of this week Microsoft will no longer support Windows XP. The operating system will pose an increasing risk to its users, making it more important than ever for organizations to identify and upgrade legacy systems wherever possible, or have stringent network security in place to mitigate the risks and to create a virtual “ring of steel” around the most susceptible systems. Windows XP has been a fairly stable, reliable and extremely popular operating system for over a decade now, but it really is time to put the venerable OS out to pasture.

What does the expiration of Windows XP support mean for organizations? Businesses have managed to get by just fine with Windows XP for years — “If it ain’t broke, don’t fix it”, right? Well, the problem with that theory is that it assumes that Windows XP isn’t broken in the first place, and that support will continue forever. It doesn’t account for the reality. Windows XP works and runs business software, but it is less secure than its successors. Windows XP systems are compromised by 27 per cent more malware attacks than subsequent Windows versions, and resolving a malware incident on Windows XP takes an average of seven times longer. When viewed through the lens of security, it’s easy to see that Windows XP is, in fact, broken.

When it comes to leaving corporate networks exposed to risk, “almost” is not good enough. If you lock all of the doors and windows on your house, but forget to lock the back door, you may as well not have locked any of them. Similarly, if you upgrade all of the PCs in the organization to Windows 7, but a rogue Windows XP machine you’re not aware of is still connected to your network you’re still at risk, as that lone machine represents an open back door into the rest of the network.

A rogue, unsupported Windows XP machine will eventually become a target to exploit that can allow them to gain a foothold inside a corporate network. That one compromised Windows XP system could be used to siphon information from the network, or spread malware to other systems.

It is crucial to have a complete and accurate inventory of the systems connected to your network. If businesses don’t know what’s out there, they can’t keep it properly maintained and updated and can’t mitigate the risk posed by it.

Knowing is half the battle

The first step in mitigating risks is to know which operating systems are in use within your organization. Using asset tracking solutions, businesses will be able to detect and identify lingering Windows XP systems with minimal effort and assess their risk level.

Businesses should consider custom software running on their systems. Businesses need to determine whether continued use of Windows XP will impact these custom systems in terms of ongoing support from their manufacturers and determine what changes these applications need when migrating to another OS, particularly if it is already a legacy, unsupported application.

The risk is that hackers will be able to identify holes in Windows XP that will no longer be addressed in short order with a Microsoft patch or service pack. These potential holes for exploitation will continue to multiply over time and as such the cost of managing a Windows XP estate will rise very quickly, both from maintenance point of view, but also from potential exploits and lost productivity.

Spotlight

The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //