Our Advice for Companies Still Running Windows 7
Be Smart About Moving to Windows 10
In a nutshell, it’s time to move to Windows 10. Any IT professional worth their salt will say that staying on Windows 7 is a risky proposition. We could tell you all sorts of horror stories about what can happen to your network and data if you stubbornly cling to Windows 7. Suffice it to say that you’re a sitting duck for cyberattacks.
If you weren’t able to swing a Windows 10 upgrade before the Windows 7 EOL date (January 14, 2020), you’re not alone. As of Jan. 9, 19% of Windows users were still using Windows 7. But every day you put off the upgrade is another day your network is a fat, juicy target for hackers.
The sooner you get onto Windows 10, the safer you’ll be. Here’s what we’re recommending to businesses still running Windows 7.
Create a Plan for Replacing Your Windows 7 Assets
Simply putting Windows 10 on your existing machines isn’t always feasible. You’re better off upgrading your equipment when moving to Windows 10.
“Oftentimes, computers that are running Windows 7 have insufficient resources to power Windows 10,” says Josh Moore, senior solutions architect at ITP. “Also, the time spent on upgrading and reinstalling applications can be a costly endeavor. We’ve found it’s better to invest those dollars in purchasing new computers – they offer a longer lifecycle with improved security.”
And the sooner the better. “The longer it takes to replace those assets the more risk is associated with them as new potential security holes are identified,” says Moore.
There’s a misconception that you’ll be fine on Windows 7 as long as you keep your anti-virus (AV) up to date. Here’s why that’s not true.
- AV only protects you from known malware. Cybercriminals come up with new hacks every day that your AV won’t be ready for.
- If you get attacked and call Microsoft or your AV vendor for help, you probably won’t get much help in troubleshooting problems on an obsolete operating system.
- When (not if) new security vulnerabilities are found within Windows 7, you’ll be wide open to an attack. As time goes by, hackers will exploit more and more unpatched security holes.
Remember WannaCry? This ransomware attack back in May 2017 used a Windows vulnerability to encrypt files on PC hard drives. It was only after Microsoft issued an emergency patch that WannaCry started to lose momentum. If a similar attack were to happen today, Windows 7 users would be vulnerable because Microsoft is no longer obligated to create patches for this operating system. You don’t want to be stuck in that nightmare scenario, trust us.
Look Into Extended Security Updates
Once you’ve put the wheels in motion to move to Windows 10, you need to keep your network safe during the interim.
Microsoft’s Extended Security Updates (ESU) continue to provide security updates for Windows 7 business users for up to three years – for a price.
“It’s easy for small or enterprise companies to purchase ESU and they can do so at any point,” Moore says. “However, keep in mind that if an organization buys ESU one year or two years after the official end of support deadline, they need to pay for the previous years as well since updates are cumulative.”
You may be thinking, “I can be safe for three more years if I buy ESU? Well then I don’t need to update to Windows 10 after all.” ESU is not a “Get Out of Jail Free” card – it’s more like delaying the inevitable. You still need to move to Windows 10, but this buys you some time and keeps you protected while you do.
“The ESU option is a costly one to maintain. Companies are better off investing in new equipment in the long-term,” says Moore.
Leverage Network Behavioral Analysis Software
Moore recommends adding security tools that use deep behavioral analysis to better identify network anomalies. Connecting tools like this to your Security Operations Center adds another important layer of security around your network. Putting more layers between your company and a cybercriminal makes it that much harder for attacks to penetrate.
Network Behavioral Analysis (NBA) software works by “listening” to your network to establish a baseline of what normal activity looks like. This enables it to then alert you to anything suspicious or unusual so you can take action quickly before any major damage is done.
We can help you find the right tool for your organization and give you a hand in setting it up.
Lock Down Critical Windows 7 Machines
If you have legacy applications or special equipment that only runs on Windows 7, keep those machines away from the internet and network as much as possible. No connection means no way for hackers to get to it.
“If possible, disconnect special-use PCs from the internet using network segmentation or disabling routing through a gateway,” recommends Moore.
It’s Ok to Ask for Help
Moving to Windows 10 can be a big task to tackle on your own. Here at ITP, we’ve helped organizations of every size make OS upgrades. Working with an experienced partner can ensure the whole process goes smoothly with minimal business interruption. We’re just a phone call or email away.
A Look Back at Windows 7
RIP Windows 7: We’re Going to Miss You – How-to-Geek
7 High Points of Windows 7 – Computerworld