When Windows 7 was first released over a decade ago it was considered “the most secure Windows ever”. And, whilst that was true at the time, the world of cyber security has moved much faster. With security patches and updates no longer being applied by Microsoft since the product went end-of-life back in January 2020, the operating system now has gaping holes which are regularly being exploited by cyber-criminals.
Such is the potential risk posed by this OS, that the NCSC issued warnings earlier this year and are actively encouraging businesses to upgrade to Windows 10 and to ensure that no sensitive data is being stored on Windows 7 devices.
In May 2020, a return of the vulnerability known as “Bluekeep” was reported which, if exploited, could allow an unauthenticated remote attacker to connect to a Windows server and execute an arbitrary code leaving businesses at high risk.
Following the introduction of GDPR and the recommendations for basic security outlined in the Government’s Cyber Essentials Scheme, it is every businesses responsibility to take all necessary precautions to protect their customers’, employees’ and other sensitive data. Burying your head and hoping it will go away could result in financial and reputational damage that cannot be recovered from.
Many businesses that are resisting the change are running old legacy applications that will be challenging to migrate to the Windows 10 environment. But the cost and inconvenience of upgrading or re-building those applications to work in Windows 10 is potentially much more favourable than the cost of a breach. It is therefore strongly recommended that all businesses that are still running Windows 7 devices, contact their IT provider to discuss the options available to them to future-proof their business. At the very least Windows 7 devices need to be isolated from the company network and other devices to minimise the potential impact if a Windows 7 machine is breached.
Don’t become a victim of cyber-crime just because the task of upgrading seems too much hassle. The hassle of a breach is much worse.