January 14, 2020. Today marks the end of an era. As of today, Microsoft no longer offers support for its Windows 7 operating system.
If you’re still hanging on to outdated hardware running Windows 7, you’ll no longer receive updates, attack countermeasures, and security patches.
Your Windows 7 machines—and entire network—will be vulnerable to new breaches, exploits, malware and viruses.
It also means that, starting today, no Windows 7 computer is HIPAA compliant. Using hardware that cannot be protected with patches and updates means the Security Rule is not being followed, and if a breach does occur, you’ll probably be liable.
Anderson Technologies recommends upgrading all Windows 7 machines and other Microsoft offerings that also reach End of Life today, including Hyper-V Server 2008/Hyper-V Server 2008 R2 and Windows Server 2008/Windows Server 2008 R2.
What’s the Big Deal?
Businesses and organizations in every field should take end of support for an operating system seriously. Cyber crime is on the rise, and while many criminals continue to target anyone who will click their bait, many more see the value in targeting vulnerable access points to a network, knowing that the data and additional connections they unlock can really pay off. Recently, hundreds of nursing homes and veterinarians lost access to patient data, and multiple municipalities in Texas were effectively shut down due to their software and cloud providers being compromised by ransomware.
It’s not a question of if you’ll be targeted, but when.
For any business, staying up to date on all security and software patches is an essential part of the electronic era. After today, anyone running Windows 7 is holding the door open for cyber criminals once the newest zero-day threat is identified and exploited. Don’t count on your cyber insurance to cover any ransom or damages you incur in the event of an attack. Many cyber insurance policies require businesses to have certain security measures in order to pay out, and an updated and patched OS is one of the most basic protections you can have.
If you operate in the healthcare vertical, staying up to date is not just important, it’s the law. Under HIPAA, any Covered Entity or Business Associate must comply with the same standards. Having patched and routinely updated hardware is part of HIPAA’s Security Rule, and failure to comply won’t just mean trouble from cyber criminals. The Office of Civil Rights can levy significant fines for businesses that knowingly ignore cyber security guidelines.
In the accounting vertical, operating from an unsecured OS could leave you in breach of the FTC Safeguards Rule, and your client data will be vulnerable.
Staying up to date on all security and software patches is essential when fighting cyber crime. After January 14, 2020, anyone still running Windows 7 is inviting cyber criminals in through an unguarded, open door.
What Options Do I Have?
- Extended Support for Windows 7. Microsoft’s extended support plan is only available to users running Windows 7 Pro or Enterprise through volume licensing. Contact your IT provider or Microsoft representative to determine if you are eligible. If you are, you can purchase up to three years of extended Windows 7 support, starting at $50-$100 per computer for the first year and doubling in price each year following. This is not a long-term fix, but it could allow you to spread out your upgrades over several years instead of upgrading your equipment all at once.
- Windows Virtual Desktop. Microsoft is also offering three years of support for free with Windows Virtual Desktop. If you’ve been considering moving to the cloud, this might be a good time to look into Azure and reduce hardware costs.
- Update OS to Windows 10. If hardware costs are holding you back from getting a fully-supported machine, updating your existing computers to Windows 10 might be the most cost-effective option to remain secure. Unfortunately, many computers running Windows 7 are not capable of efficiently running Windows 10.
- Upgrade Hardware for Maximum Security. The most secure option moving forward is a secure OS (Windows 10) paired with up-to-date hardware built to run modern software and protect data.
If upgrades just aren’t feasible—maybe essential software isn’t compatible with Windows 10 or you’re operating on Virtual Desktop—security should be at the forefront of your mind. Move forward with updates and upgrades when you can, and until then:
- Do not connect Windows 7 computers to the internet.
- Don’t store client data on unsecure systems.
- Back up your business data daily and make sure these backups are configured to adequately protect them against cyber attacks.
The time to act is now. Don’t be caught with your IT systems wide open to the next cyber attack. Upgrade to Windows 10 before it’s too late. Anderson Technologies can help. Contact us at 314.394.3001 or firstname.lastname@example.org.