Still running Windows 7? Take these 3 precautions to protect yourself against cybercriminals
It’s official: Windows 7 extended support reached end of life on Jan. 14, 2020.
If you’re still running Windows 7, you’ll no longer receive security updates and technical support from Microsoft, including support for Internet Explorer on Windows 7, which was also discontinued on Jan. 14.
Many of you have been preparing for this event and have already upgraded to Windows 10.
We understand, however, that for some of you, upgrading numerous devices from an aging operating system and retraining your staff can be tricky – especially if you need to run mission-critical applications on Windows 7.
Unfortunately, cybercriminals are counting on this. And now that Windows 7 extended support has reached end of life, they will be targeting it.
What, then, is the best path forward? If you’re still using Windows 7, you need to assess, understand, and manage the risks of doing so. Here are three steps you should take to protect yourself against potential threats.
1. Perform a risk assessment
Maybe you have an application built on Windows 7 that’s running a scientific instrument. Maybe you have an application reporting on machinery in an assembly line, pharmaceutical filling plant, or even a hospital.
One way or another, those programs need to run, and sometimes the risk of a cyberattack is more palatable than the risk of upgrading. But make sure you have a clear understanding of the business risk associated with allowing unpatched devices to exist.
Ask yourself the following questions: Why are we doing this? What does it bring to the business?
Perform a full risk assessment so you know the level of risk you’re up against. From there, either create a timeline for rolling off Windows 7 or build supporting controls to help you manage the risk you’ve accepted.
2. Build a full technology profile
What are your machines doing? What are the technologies on those machines doing? These are key questions you must answer. Building a full technology profile helps with that.
Your profile must consider communications ports and the processes that are running and required. Be sure you map all devices that are communicating and needed as part of the business application.
Make sure you’re being as specific as possible when profiling each application. Look at things like its communication paths and the network-level opportunities for securing it. Build a complete picture that lets you understand each application and the machine it exists on.
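As an added illustration (not part of the original article), the Python example below turns `netstat -ano -p TCP` and `tasklist /fo csv /nh` output captured on a Windows 7 host into a per-process profile of listening ports, inbound peers, and outbound dependencies. The sample output, the addresses, and the process name instrument.exe are constructed, and the function names are hypothetical.

```python
import csv
import io

# Constructed sample of `netstat -ano -p TCP` output captured on the legacy host.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       712
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING       2316
  TCP    10.20.0.15:5000        10.20.0.40:49211       ESTABLISHED     2316
  TCP    10.20.0.15:49170       10.20.0.8:1433         ESTABLISHED     2316
  TCP    10.20.0.15:49188       10.20.0.8:1433         ESTABLISHED     2316
"""
# Constructed sample of `tasklist /fo csv /nh` output from the same host.
TASKLIST = '''"System","4","Services","0","300 K"
"svchost.exe","712","Services","0","6,120 K"
"instrument.exe","2316","Console","1","48,200 K"
'''

def split_endpoint(endpoint):
    """Split 'addr:port' (also '[::]:port') into (addr, port)."""
    addr, port = endpoint.rsplit(":", 1)
    return addr, int(port)

def build_profile(netstat_text, tasklist_text):
    """Return {process: {'listen', 'inbound', 'outbound'}} for TCP traffic."""
    names = {int(r[1]): r[0] for r in csv.reader(io.StringIO(tasklist_text)) if len(r) > 1}
    rows = [f for f in map(str.split, netstat_text.splitlines()) if len(f) == 5 and f[0] == "TCP"]
    # First pass: ports each PID listens on, needed to tell inbound from outbound.
    listening = {}
    for _, local, _, state, pid in rows:
        if state == "LISTENING":
            listening.setdefault(int(pid), set()).add(split_endpoint(local)[1])
    profile = {}
    for _, local, remote, state, pid in rows:
        pid = int(pid)
        entry = profile.setdefault(names.get(pid, "pid %d" % pid),
                                   {"listen": set(), "inbound": set(), "outbound": set()})
        entry["listen"] |= listening.get(pid, set())
        if state != "ESTABLISHED":
            continue
        (_, lport), (raddr, rport) = split_endpoint(local), split_endpoint(remote)
        if lport in listening.get(pid, set()):
            entry["inbound"].add((raddr, lport))    # peer connected to our service
        else:
            entry["outbound"].add((raddr, rport))   # we connected to a dependency
    return profile
```

Calling `build_profile(NETSTAT, TASKLIST)` on captures taken over a representative period gives the inbound and outbound sets that a restricted access network for the application would need to allow.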
3. Harden the solution
The full technology profile will make clear the steps you should be taking for securing a specific application.
It could be as straightforward as leveraging identity and access management controls and building a restricted access network that supports the application solution, not just the device. It could be adding complementary software to the platform that controls processes. Or it could be more complicated.
In the end, it depends on the item you’re securing and the level of risk it presents.
The level of risk will drive your decision
Regardless of the organization, when an operating system changes, the goal is to minimize risk. With Windows 7 extended support reaching end of life, companies still running applications on this operating system must gauge their current tolerance.
If you’re unable to update to Windows 10, then do your due diligence. Don’t focus your efforts at the device level, but on the overall application solution. Assess the risk, build out a complete and thorough technology profile, and harden the solution.
If you have questions about Windows 7 extended support end of life or wish to learn more about risk assessment, contact your SHI account executive.