Our old friend Windows 7 is facing retirement on January 14 with the end of extended support. What does this mean for you? If you’re still running Windows 7, you’re going to have issues in several areas, such as PCI, NIST, HIPAA, and GLBA, to name a few.
In nearly every framework, standard, and IT regulation, running an unsupported and unpatched Windows operating system has negative consequences:
- In compliance areas, it’s a failure.
- In risk, you’ve got a high.
- In regulatory, you may incur penalties.
These areas are the selling points for steering executive decisions in the right direction.
An unsupported Windows operating system has security vulnerabilities.
This ticking time bomb is a prime target for malware and hacking. Remember, one weak or unpatched Windows operating system is all a malicious actor needs to gain a foothold on your network and bring it down. If you haven’t established a migration plan, it is time to act.
While automatic updates have ceased for mainstream users, you can contact Microsoft directly and purchase Windows 7 Extended Security Updates (ESU) for up to three years after 1/14/2020. This applies to Windows 7 Professional, Enterprise, and commercial customers who purchased Ultimate editions. Bug fixes will no longer be available, and technical support will only be available through active support contracts or partner support plans.
You have options, such as upgrading to a newer version of Windows and training your users.
If you have older applications, you can run them in Windows compatibility mode on Windows 10, then train users on the new interface. No matter the scenario, organizations still running Windows 7 need to take decisive action to protect themselves from threats.
Jason Wulf is an information assurance expert working across the information and cyber security domains, focusing on risk and compliance in the financial industry. Jason’s previous roles primarily consisted of managing enterprise-level infrastructure, service desks, and help desks. Miscellaneous responsibilities included project management, agile development, and system administration.
At SecureTrust, Jason leads engagements with clients to assess, test, and perform onsite PCI-DSS compliance validations with CDEs (Cardholder Data Environments). He performs scoping, PCI GAP assessments, risk and remediation consulting for practical and actionable steps in improving their security stance with a mindset of governance, compliance, and organizational privacy.