Do your Microsoft IoT devices go end of support soon? Don’t take this risk:
Most organizations schedule laptop and desktop upgrades on a regular cadence. But many forget to plan a refresh roadmap for their Internet of Things devices.


Most organizations have a plan to upgrade their Windows desktops. Fewer have one for their Internet of Things (IoT) devices.

Point-of-sale terminals, diagnostic carts, manufacturing consoles — many of these are still running Windows versions that are years beyond support. Without patches or security updates, they introduce vulnerabilities that traditional endpoint protection can’t cover. Some are no longer compatible with Azure provisioning tools. Others fail silently during over-the-air updates, leaving IT teams unaware until a disruption or compliance failure surfaces.

The timing matters. Microsoft will retire support for Transport Layer Security (TLS) 1.0 and 1.1 in Azure IoT Hub by August 31, 2025. Devices that don’t support TLS 1.2 or higher will no longer be able to connect securely, potentially interrupting provisioning, updates, and telemetry. At the same time, many Windows operating systems are already at or nearing end of life (EOL), exposing broader risks tied to patch management and unsupported infrastructure.

For IT leaders building their Windows 11 roadmap, IoT devices might not be front of mind — but they should be part of the plan.

Legacy systems aren’t just outdated — they’re unsupported

Many embedded systems still in use today were never designed for frequent refresh cycles. They’re workhorses — deployed in patient rooms, manufacturing lines, and retail counters — running quietly in the background, often with little attention after installation. But while the hardware may still perform, the software running underneath has long since fallen behind.

Windows Embedded 8.1, for example, stopped receiving security updates in mid-2023. Compact 2013 reached end of support the same year. Other versions, like Windows Embedded Handheld 6.5 and Embedded 8 Standard, lost support even earlier. Some versions of Windows 10 IoT Enterprise will remain supported through 2026 or 2029, but only if they were deployed with the right servicing channel.

The problem isn’t just that these systems are old. It’s that they’re no longer supported by Microsoft, by original equipment manufacturers (OEMs), or in some cases, by the security tools IT teams rely on to monitor endpoints. That means no patches, no compatibility testing, and no guarantees that devices will continue functioning securely within modern environments.

Most IT teams wouldn’t knowingly keep unsupported Windows 8 laptops in production. But despite their equal importance and exposure, the same logic isn’t always applied to IoT and embedded systems.

The risk doesn’t stay isolated to the device

When embedded systems fall out of support, the impact isn’t limited to a single endpoint. These devices still move data, receive updates, and connect to broader networks. And when the software underneath can’t meet modern standards, the consequences often reach further than expected.

In many environments, outdated IoT devices quietly disconnect from core security infrastructure. They can’t be patched, can’t report status, and often can’t be seen by the tools designed to monitor them. That loss of visibility introduces risk not just to the device itself but to everything it touches, from access controls to compliance audits.

Some may continue functioning for years without obvious failure. But without update compatibility or vendor support, they become harder to manage, harder to secure, and easier to overlook. Vulnerabilities remain unaddressed. Logging and telemetry features degrade. And because these devices typically fall outside routine refresh cycles, they’re often excluded from endpoint protection plans entirely.

Whether governed by the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), or internal frameworks, organizations need to know which systems are unsupported and where those systems might be creating gaps. Aging devices might still work, but they no longer work safely.

Modern security and long-term support for embedded systems 

Not every device needs a full desktop operating system. Most embedded systems perform a specific task, like scanning a barcode or processing a transaction, and they need to do it consistently, securely, with minimal overhead. Windows 11 IoT Enterprise is designed to support that kind of purpose-built computing.

It delivers the core stability and security of Windows 11 Enterprise with a streamlined feature set optimized for kiosks, carts, or machines rather than end users. It adheres to Microsoft’s Long-Term Servicing Channel (LTSC), offering a 10-year support lifecycle with no feature updates. That predictability matters for organizations running equipment that is expected to stay in the field for years without disruption. It eliminates the need to plan around semi-annual feature changes and ensures that updates focus only on security and reliability.

This version of Windows also reflects Microsoft’s broader security architecture shift. Devices that can’t support baseline protections like modern TLS protocols or hardware-level attestation are gradually being excluded from the ecosystem. Windows 11 IoT helps ensure embedded systems don’t get left behind, especially as more provisioning and telemetry services move through Azure.

Keeping embedded systems current with Windows 11 IoT Enterprise brings them back under active management. It gives IT teams a way to apply consistent policies, align with security baselines, and plan around predictable support timelines. Instead of working around device limitations, teams can integrate these systems into broader endpoint strategies, with fewer exceptions and unknowns.

One upgrade strategy that includes everything — and everyone

Supporting IoT devices at scale takes more than a software decision. Most organizations need visibility into what’s running, guidance on what’s required, and a partner who can execute across thousands of distributed devices.

SHI can help. Our IT asset management services give you a full view into your embedded device landscape, including OS versions, lifecycle status, and upgrade readiness. From there, our Microsoft services team can help you identify the right Windows 11 IoT Enterprise licensing path, one that aligns support timelines, servicing channels, and hardware capabilities without overpaying or overprovisioning.

Once the plan is in place, our configuration and deployment services make rollout possible at scale. Whether it’s shipping pre-imaged devices, delivering install media, or coordinating deployment across hundreds of locations, our solutions are built for complex environments.

SHI brings together the expertise and infrastructure to modernize embedded systems without adding friction. 

IoT devices might not demand daily attention, but they still deserve a place in your broader upgrade strategy. As organizations prepare for Windows 11, this is the right moment to bring embedded systems back into scope and ensure they remain supported, secure, and aligned with long-term IT goals.

Ready to bring your embedded infrastructure up to date? Contact us to get started with a full device assessment, tailored licensing guidance, and a deployment plan built for scale.
