What If You Are Still Running Windows XP?

by Sohini Bagchi    Apr 03, 2014

windowxp

We are almost nearing April 8, 2014 - the day when Microsoft said it will end support for Windows XP - and that’s only next week! Analysts have warned that leaving Windows XP unsupported will expose organizations to a growing risk as the number and severity of security exploits grow, and continued support from Microsoft will be costly.

Businesses… beware!!!

Michael Silver, VP and distinguished analyst at Gartner estimates there are a lot of organizations that are still running XP and almost every organization will have some XP left. “There’s lots of Windows 95 running in hospitals, for example. But overall, when support ends, we estimate that 20-25 percent of enterprise systems will still run XP and that one third of enterprises will have more than 10 percent of their systems remaining on XP,” he notes.

However, the risk of security breaches on systems running Windows XP beyond April 2014 is high. So how should companies still running XP address these concerns? “They should have a plan to get rid of it as soon as possible,” says Silver adding that it is important to reduce user rights on the machines, restrict the PC to run only “known good” applications, and minimize web browsing and email use on the PCs. Cautioning enterprises on the potential risks he states that even in organizations without Windows XP, a user that puts an unpatched Windows XP machine on the network can introduce problems.

At a recent Microsoft event, the company announced that more than 80% of PCs in large enterprises in India have successfully moved away from Windows XP, thereby reducing the risk to their operations. But the greater concern is for banks and financial organizations as a chunk of them are yet to migrate.

Organizations should move critical applications and users to server-based computing. Where users or applications can’t be moved for regular use due to licensing, cost, or capacity issues, businesses should have the applications installed for server access in case of emergency.
-Michael Silver, VP and distinguished analyst at Gartner

“This is a genuine threat to Indian businesses and it is worrying to see that many organizations in critical industries, for example banking, aren’t moving quickly enough,” said Karan Bajwa, Managing Director, Microsoft Corp, adding that every PC in India to move away from Windows XP before support ends next week. As per the bi-annual Security Intelligence

A report published by Microsoft last year noted, Windows XP installations are six times more likely to be infected by malware than Windows 8 machines. It is therefore important that organizations with critical systems such as state-owned enterprises (SOEs) and the BFSI migrate to modern versions of Windows Operating System. 

IDC too has mentioned in an earlier report that in addition to concerns over security, companies that do not upgrade will also face increased IT and maintenance costs. “Companies continuing on Windows XP post April 8, will spend three times more on support and maintenance of their IT than those that will migrate to newer platforms,” it said.

 A successful migration 

While migration process requires a strong and sound decision making, a company getting off Windows XP, must address certain issues before beginning a migration to a later version of Windows or another OS.

According to Silver, “While most applications now support Windows 7, it’s possible an organization has very old applications or versions that don’t. Application testing is of paramount concern. Organizations need to decide whether to deploy Windows 7 or Windows 8. A migration to Windows 7 will likely be faster, but one to Windows 8 will have more longevity,” he says.

Windows 7 support ends in January 2020, less than 6 years away, and organizations that are so late on Windows XP should not get into the same situation with end of Windows 7 support. Siver also believes the best alternative would be to deploy Windows 7 for the most critical users and applications now and working to be able to start deploying Windows 8 starting early in 2015.