There’s no good time for operating systems to reach the end of their days, but the COVID-19 crisis presents an especially disruptive backdrop for the recent end of support for Windows 7 and impending retirement of Office 2010. With the rapid transformation of traditional work environments and new opportunities for threat actors, the pressure is on to protect sensitive data and beef up the IT infrastructure.
“Microsoft made a 10-year commitment to support these products when they were first released, so there’s nothing surprising about Windows 7 and Office 2010 reaching the end of their lives,” says Michael Ball, founder and Virtual Chief Information Security Officer for Team CISO. “The only real surprise is that so many people don’t understand how it will impact their businesses and organizations.”
Challenges Around Unsupported Software
A failure to appreciate the implications of unsupported software is unsettling in many respects, especially considering advice from the Canadian Centre for Cyber Security that the entire IT hierarchy, from management to client, must take every precaution during the COVID-19 pandemic. One explanation for what seems like widespread apathy is that nothing dramatic happens when software reaches the end of its life. Computers keep working, programs keep running, and emails continue to funnel in. The downside, however, is something England’s National Health Service (NHS) learned the hard way in 2017 when WannaCry ransomware disrupted service and cancelled thousands of medical appointments. Post-attack assessments attributed the vulnerability of the NHS’s operating system to unsupported software and a failure to upgrade.
“Unsupported software is a recognized security risk, but a major migration is labour intensive, costly and disruptive,” says Jason Falbo, Chief Technology Officer at Mircom, one of the fastest-growing companies in Canada in the intelligent building and life safety solutions sector. “Sometimes it takes a crisis to provoke change.”
In Mircom’s case, the crisis came in the form of a failing grade on a 2019 security assessment. It would have been easy to do some minor upgrades and call it a day, but Falbo knew that wouldn’t address the deeper need for heightened security. Instead of a quick fix, he committed to a dramatically increased deployment of digital tools, replacing a hodgepodge of on-premise hardware, software and servers with Windows 10 and Microsoft 365 Apps.
Charting a New Course…