Windows XP is finally DEAD, right? Er, not quite. Here's what to do if you're stuck with it
Lock down and look sharp, it's the hackers' game now
It's not a simple case of just moving to Windows 7
Going to Windows 7, as many have done, brings you closer, but it’s not a touch-enabled OS. Windows 8 is touch, but Microsoft’s made such a pig's ear of it, it takes the truly open-minded, self confident or those on the receiving end of some handy account help from Microsoft to take the decision to commit to Windows 8.
It’s this thicket that’s meant so many Windows XP upgrades have gone past the April date, as upgrading became not an IT matter but a business issue.
“Nobody can claim to have woken up to it late,” Marsh said. “It’s been they’ve struggled to engage the business, to get the buy in around the budget spent, struggled to get engagement around consolidation of apps, to understand the business change impact, it’s not looking at it as a holistic perspective - you are not just upgrading the operating system, it’s the whole program.”
Here’s another twist: Windows 7 has been the lifeboat for most but it’s already five years old and mainstream support for that finishes on January 13 next year.
Extended support and security fixes – the period just finished for Windows XP – end for Win 7 on January 14, 2020.
Windows 8 is new and has a longer lifespan. People who’ve postponed going to Windows 7 might now defer to Windows 8 as their platform of choice.
Another option is to unload the job of supplying the devices on the employees, a strategy known as Bring Your Own Device (BYOD). That saves you, the company, having to supply and upgrade end-points in the future but you’ll need the network, security, privacy and regulatory infrastructure and frameworks in place.
"Businesses need to understand if there’s a problem what can happen and what’s the action plan around it, and not run around like headless chickens."
And after all that, it still might not work. Camwood’s Body is a former chief architect at Astra Zenica whose also worked with large financial institutions and oil and gas companies. He reckons on companies in the US who’ve embraced BYOD only to reverse it later owing to the complexity of the set up or data getting lost.
“At the moment BYOD is hype. When customers start working out the issues, then it becomes reality,” he said.
It’s like Vietnam out there. What happens next?
Most people The Reg spoke to think there’s very few who’ve actually not started Windows XP upgrades. All believe the next 12 months will see sustained work, with the majority of projects coming to an end. A relatively small number will roll over.
At this stage, it looks like a large number have decided to tough it out: that is, turn off old Windows XP machines as they die and bring in new systems running Windows 7 or Windows 8 as required. That's what happened when Windows NT bit the dust.
For those trying to avoid this death by a thousand cuts, Marsh recommends putting a constructive case forward beyond a simple need to upgrade.
“If you are trying to justify a transformation program and if it’s seen as an expensive upgrade, then that will slow down any approval but in the budget from the business and adoption from the user community who don’t see the benefit. Introducing new capabilities is a way of helping speed adoption because you can get better buy-in down the chain from executive to the coalface,” Marsh said.
There’s still the mid-term problem of what to do if you’re still on Windows XP and have paid Microsoft for extra cover.
AppSense reckoned 84 per cent expect to be clear of Windows XP within the next year but that 68 per cent don’t plan on paying Microsoft for extended support despite warnings about possible vulnerabilities over exploits and malware. How do you protect yourself?
Also, look at the best way to protect your IT estate. Here’s some recommendations:
- Edit your PC’s Windows registry so Office and media components don't play or execute programs by default
- Limit user rights to restrict things like browsing and email and also restrict the PC to run only “known good” apps
- Control access to removable media and devices like smart phones, so viruses and other malware isn't transported from machine to machine
- Convert Windows XP machines into thin clients or virtualize the desktop
- Create controlled zones of Windows XP machines, filtered via internet gateways to control inbound traffic as authorised
- Apply all latest patches to the apps you’re running – and to Windows XP itself
- Only run the latest versions of software such as Java and Flash
- Install the latest anti-virus and anti-malware products from third parties onto your PCs
- If you have upgraded, double check whether partner, customer or supplier connections to your network or PCs are using Windows XP
- Move critical applications and users to server-based computing
You also need a plan, should the worst happen and Windows XP is breached after the support has been killed off.
Marsh said: “Businesses need to understand if there’s a problem what can happen and what’s the action plan around it, and not run around like headless chickens.”
The next 12 months should see more people come up with an answer to where they go after Windows XP. The challenge will be whether they arrive at their planned destination without being harried by the bad guys along the way.
Even then, though, Windows XP is likely to have the last laugh. Such was its run and so deep its penetration, it will lurk for quite some time yet, beyond even the next 12 months – a ticking time bomb in an isolated pocket somebody somewhere forgot they had. ®
Sponsored: Becoming a Pragmatic Security Leader