Due to the COVID-19 pandemic, organizations are dealing with many new concerns and elevated risks: employee and organization health, business continuity, security, and remote workforce vulnerability to name a few. Unfortunately, criminals and cyber threat actors don’t take a break when times are uncertain. Instead they capitalize on the situation and increase their activity. Thus, it is even more crucial to be diligent in safeguarding your organizational and personal data.
This is a CRITICAL reminder that, effective January 14, 2020, Microsoft ended its support of Windows 7 Operating System and its server counterpart Windows Server 2008 Operating System
What this means:
Microsoft stopped supporting Windows 7 and Server 2008 operating systems effective January 14, 2020, which means they no longer provide free Windows Updates and Security Updates for these operating systems to the public.
If you or your organization are currently using the Windows 7 Operating System on your PCs or have any server running the Server 2008 Operating System, you are putting the organization, your customers and employees at risk.
Why are You at Risk?
• Unsupported operating systems are more likely to become compromised with ransomware, viruses, worms and malware because they have known security flaws.
• Regulated and compliance-based organizations are required to maintain supported operating systems.
• Unsupported operating systems can also void an organization’s insurance policies, such as cyber liability insurance.
• Unsupported operating systems could lead to additional costs from your Managed Services Partner (MSP) to support your organization.
What Can you Do?
1. Upgrade and/or replace existing instances of the unsupported operating systems.
3. Purchase extended security updates, or (ESU) Program from Microsoft for each eligible instance of the unsupported Windows 7 Operating Systems. (Currently, $61.00 per device)
4. Decommission (remove) existing computers with unsupported operating systems.
4. Implement other risk mitigation options, like system isolation or other advanced IT security and technology solutions. This would require an investigation and potentially a project by your IT provider.
Not an Option: TO DO NOTHING!!!
If you haven’t already done so, please reach out to your IT provider to validate your plan or update as necessary.