Security in the post-XP era


Support for Windows XP has finally come to an end, giving way to a whole host of issues for the thousands of businesses that have remained on the operating system, despite there being several upgrades available. Security is definitely at the top of the list of those concerns, as discussed at a recent round table event I attended, hosted by Dell. The reality is that with no more patches or security updates, it leaves those organisations still running XP vulnerable to threats and attacks from cybercriminals. It has even been claimed that hackers have been stockpiling ‘ammo’ to target XP users now that support has ended.Businesses have known for a while that support is ending and that they must rethink their strategy, but not all of them, particularly smaller organisations, have migrated away yet. So what should the next steps be for those businesses still running XP? Here are my tips:

Understand the goals of the business Once you have an end-to-end understanding of where the business is headed you will be able to determine the needs of the business and the associated security requirements. It is important to engage with someone who understands risk; for example the cost of a refresh could have a big impact on the business, but what are the consequences if a security breach occurs? These need to be weighed up against each other. Governance and compliance are also important factors when considering risk levels.

What tweaks can be made to improve security in the short-term? Security is a layered approach. It is not possible to ever be 100% secure, instead you build layers of protection and aim to be as secure as possible within your means. If you’re still running XP, think about what quick wins you can achieve without any major investment – for example, are your patching policies for other applications being carried out properly? Is your application performance management (APM) up to scratch?

Monitor and manage Review your estate and work out everything that is still running XP. Once you have a list in place make sure you closely monitor for any changes that suggest something is amiss. A SIEM (Security Incident Event Monitoring) solution can help control your XP environment here, but having the right resource in place is also key – check that your team has the skills and knowledge to monitor your systems and flag any potential issues. Putting clear policies and processes in place will also help to ensure things run smoothly.

Plan your migration strategy It is possible to carry on using Windows XP – Microsoft is still releasing patches, but only for those organisations paying for support – but it just increases the risk the longer you stay on the operating system. These patches are secure but every time one is released it is effectively telling cybercriminals what the vulnerabilities are, which is not good for those companies who aren’t paying for support. Continuing to run XP is like driving down the motorway without a seat belt on – you might be alright but if you have a crash it could result in disaster. My advice would be to work with the business to understand the strategy, work with vendors and partners to understand what is going to be supported and then plan your migration strategy accordingly, remembering to build security into the very fabric of the infrastructure. It is no good building it and then securing it afterwards. That is not best practice and will lead to issues later down the line.

Security isn’t an issue affecting only Windows XP; it is true of all end-of-life applications. But because support has now ended for Microsoft’s most popular operating system it simply brings the issue to the fore. It is now up to businesses to consider the best strategy for now and the future.

This blog was first published on Computer Business Review – you can read it here.

Case Study

OneAsia Network Limited

Colt Hong Kong Metro is adopted as a network for connection between data centres and financial hub…

Related Product
Network encryption circuit illustrating end-to-end encryption

Network Encryption Services

Protect sensitive data in motion with Colt IQ Network Encryption Services. Effective network security relies on multiple layers of defence, not just at the edge and core of the network but also along the network path. …

Blog
People working at a modern network services company

Colt, Semafone and PCI DSS compliance

Colt has partnered with Semafone to provide its Cardprotect solution for organisations taking payment from customers over the phone, in line with the PCI DSS regulation. …

Live chat with sales

For all your purchase enquiries.
Monday - Friday 9am-5pm

Chat with us

Contact our business sales team