Paul Deur
Microsoft ended support for Windows 7 in January 2020, but even a year later, it was reported that it was still running on at least 100 million machines across the globe. This may have been exacerbated by the COVID pandemic, with people powering up old laptops and mobile devices as they work from home. But if your organization is supporting Windows 7 on any machines, and you haven’t purchased the (pricey) Windows 7 Extended Security Updates package, your company could be at risk of non-compliance.
As an IT manager, your role is to control the way your company, end user and customer information is used and stored, and most importantly how it is protected. Given the many high-profile data breaches over the last few years, this is now regulated more closely than ever. And depending on where you operate or trade, the laws and guidelines that your company must comply with can be varied and complex.
If your company experiences any data breaches, you could face a costly court case or fine, and the impact on your brand and reputation could be even more far-reaching. Highly regulated industries are likely to be hit the hardest. Healthcare data breaches are reported to be one of the most expensive – costing an average of US$7.13 million – 84% higher than the global average. Following on its heels are the financial services, pharma and technology industries.
Even if you have already moved to Windows 10, you could be at risk if you aren’t managing regular updates – Microsoft provides between 18 and 30 months of support for Windows 10 versions, and some have already expired. With the announcement that Windows 11 will arrive later this year, Windows 10 itself will only be supported for the next 4 years or so.
So, what are you leaving yourself open to, if you are running an unsupported version of Windows? Well, a lot, actually:
If you think your firewalls and antivirus software will save you, think again. Unless you want to risk exposing your company’s intellectual property, employee or customer information, you should make sure that your company is running a supported version of Windows.
Are you sure that you aren’t running an old version of Windows in your IT environment? Even if you do manage regular Windows updates, you may have missed someone – or they may be working from old devices or equipment.
You could use Intune to set compliance for mobile devices. Any devices running old versions of Windows will be flagged so that you can resolve the issue. Unless you know who the end users are or what their role is, you should communicate with them to explain the need for the update and agree on a time and date to schedule it – so you aren’t interrupting business-critical activities.
But what about other equipment? It’s a good idea to regularly monitor your IT environment. To do this, run system scans and scripts to find out which version of Windows each machine is running. But in a global company – and at a time when many are working remotely – you can’t be sure you’ll catch everything, because a scan only returns results for machines that are connected to the network. Compare that information to your Active Directory records and pull the results together in a spreadsheet.
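The comparison described above, as an added PowerShell example (not code from ReadyWorks or Microsoft): it merges scan results with Active Directory computer records, flags machines below a chosen build, and marks machines the scan never reached. The function names, the scan CSV layout, the sample records and the build threshold are assumptions; set the threshold from Microsoft's lifecycle information for your editions.

```powershell
# Added example; sample records are constructed. With real data, replace them with:
#   $ad   = Get-ADComputer -Filter * -Properties OperatingSystem,OperatingSystemVersion,LastLogonDate
#   $scan = Import-Csv .\scan-results.csv   # hypothetical scan export with Name,Build columns
$MinSupportedBuild = 19042   # assumption: oldest client build you still treat as supported

function Get-BuildNumber([string]$OsVersion) {
    # AD stores OperatingSystemVersion as e.g. "10.0 (19042)" or "6.1 (7601)"
    if ($OsVersion -match '\((\d+)\)') { return [int]$Matches[1] }
    return $null
}

function Get-OsComplianceReport {
    param($AdRecords, $ScanRecords, [int]$MinBuild,
          [datetime]$Now = (Get-Date), [int]$StaleDays = 30)
    $scanned = @{}
    foreach ($s in $ScanRecords) { $scanned[$s.Name] = [int]$s.Build }
    foreach ($c in $AdRecords) {
        $seen = $scanned.ContainsKey($c.Name)
        # Prefer the live scan result; fall back to what AD last recorded
        $build = if ($seen) { $scanned[$c.Name] } else { Get-BuildNumber $c.OperatingSystemVersion }
        $status = if ($null -eq $build) { 'Unknown' } elseif ($build -lt $MinBuild) { 'Unsupported' } else { 'Supported' }
        # A machine that has not logged on recently was probably offline during the scan
        $stale = (-not $c.LastLogonDate) -or (($Now - $c.LastLogonDate).Days -gt $StaleDays)
        [pscustomobject]@{
            Name = $c.Name; OperatingSystem = $c.OperatingSystem; Build = $build
            Status = $status; SeenByScan = $seen; Stale = $stale
        }
    }
}

# Constructed sample data: three AD records, only one of which answered the scan
$ad = @(
    [pscustomobject]@{ Name = 'PC-001'; OperatingSystem = 'Windows 10 Enterprise'
        OperatingSystemVersion = '10.0 (19042)'; LastLogonDate = [datetime]'2021-07-10' }
    [pscustomobject]@{ Name = 'PC-002'; OperatingSystem = 'Windows 7 Professional'
        OperatingSystemVersion = '6.1 (7601)'; LastLogonDate = [datetime]'2021-03-15' }
    [pscustomobject]@{ Name = 'PC-003'; OperatingSystem = $null
        OperatingSystemVersion = $null; LastLogonDate = $null }
)
$scan = @([pscustomobject]@{ Name = 'PC-001'; Build = '19042' })

$report = Get-OsComplianceReport -AdRecords $ad -ScanRecords $scan `
    -MinBuild $MinSupportedBuild -Now ([datetime]'2021-07-15')
# Machines needing follow-up: unsupported, unknown, or never reached by the scan
$report | Where-Object { $_.Status -ne 'Supported' -or -not $_.SeenByScan } | Format-Table -AutoSize
$report | Sort-Object Status, Name | Export-Csv -Path .\os-compliance.csv -NoTypeInformation
```

Client and server builds overlap, so run the report separately for servers with their own threshold.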
If you discover any machines that aren’t running a supported version of Windows, you’ll need to act quickly:
If you’re managing Windows updates on a regular basis, then you can be (almost) certain that you are in compliance with regulations, but you should continue to monitor your environment regularly to make sure that nothing has slipped under the radar.
We know that, when completed manually, any Windows servicing is a time-consuming and arduous task. But by applying intelligent automation to repeatable processes, you could cut 50% or more of manual tasks, freeing up your team’s time to focus on strategic projects.
Schedule a demo to see how ReadyWorks uses intelligent automation to cut the time and hassle of maintaining IT compliance and ensuring data is always protected.