For many months now articles have been produced across the IT media about what will happen after the retirement of Windows XP in April 2014. Previous articles have suggested a fairly bleak outlook after the final patching date, including articles in the mainstream IT press such as Computerworld. Whereas other sceptics in the in wider industry have suggested it is simply Microsoft scaremongering.
The problem is there is no precedent for this type of retirement, the world has moved on since Windows 2000; which when retired only ran four-tenths of one percent of all PC’s compared to XP which will still be running between 33-34% of the world’s personal computers in April 2014.
Whilst there are arguments on both sides there are three undeniable issues that are emerging to challenge businesses and individuals alike. Firstly more reports are emerging of zero-day vulnerabilities, these are issues that will directly affect the security of installed XP, and this is linked to the second. That is: where there is a potential for someone to make money, they will find a way. Therefore where hackers now identify an XP exploit which would previously have been saleable for £50-150,000 on the black market, as Microsoft will no longer address these it could be worth double, or more. Therefore a lucrative opportunity for some.
Ultimately this boils down to the third undeniable issue – Risk – or more relevantly your personal or businesses attitude to risk. There is no denying that some people will retain XP for as long as they can but in an environment where information and security are paramount to keeping people working, productive and bringing in the revenues, not addressing a risk, which will only increase over time, affecting the ability for your business to function could end up costing significantly more in lost revenue, lost business and then to add insult to injury the hurried work required to address the change, compared to a thought through and properly implemented upgrade plan.
The challenges we find at this time are twofold, firstly the costs of change, at any time this is hard for the small to medium sized business but coming off of the back of the recent recession it is still such a delicate time for all businesses let alone the impact on cash flow. But secondly sometimes even the most vigilant, attentive, business owner will miss that system in the cupboard used for running a time logging application, or door entry or old systems that are easily forgotten and these pose the greatest security risk.
At Pro Drive we have been conducting checks across the board and has been a rolling program for over 12 months to address these issues but are still urging and encouraging everyone we can to look a little wider and think about the old PC running in the corner, just to make sure you are not opening a potential loophole in your defences.