Microsoft Corp.’s Windows XP has had a storied and lengthy run – for the better part of a decade, it was the de facto standard for home and business computing. Microsoft released versions for tablets, media servers, cash registers, and other embedded systems. Service Pack 2 was revolutionary in terms of security on the widely adopted desktop operating system.
As we come to the end of XP’s life, many IT administrators face the daunting prospect of large deployments of an unsupported operating system.
The truth is that it is a simple decision. It is time to upgrade. While the comfort of continued use of XP is attractive, the risks associated of running an unsupported and aging operating system cannot be ignored. Operating system migration should not be the fearful prospect it once was. There are proven strategies and guides to migration that should make for a smooth transition.
The greatest obstacle often mentioned is what to do if a company uses third party applications that require XP. This is a good opportunity to evaluate those applications. An application that is only compatible with a twelve-year-old operating system most likely has other issues, including some that may impact security. It is also worth noting that applications claiming to work with only Windows XP should be independently tested. Some software vendors routinely avoid support for multiple OS versions simply to save time on regression testing.
From a security standpoint, the danger of running an unsupported OS translates into the potential for an urgent and hurried migration when the next major flaw is discovered, and remains forever unpatched. As any IT veteran can tell you, rushed deployments rarely go well and often introduce security flaws of their own, due to an incomplete review of settings.
As a security professional, I sympathize with administrators who are caught in the crossfire of a hard change date. That said, this hard change date comes with palatable alternatives for those still using XP. The features of more modern offerings from a security and general use perspective should also make the transition easier in the long term.
If users plan ahead for this migration, the time that it will take to update their operating system will pale in comparison to the time required to recover from a rushed migration down the line. A failure to migrate may lead to more serious security issues after their support runs out. My advice: just do it.
Charles Henderson is the director of SpiderLabs at Trustwave Holdings Inc.
His post is a followup to Computer Dealer News’ Twitter chat, #CDNwinXP. You can read the recap here.