Windows 7 and the Mess Its Death May Cause

Windows 7 and the Mess Its Death May Cause

John Scott  -  September 25, 2019  -  The BG Blog Library  -  0 Comments

To someone who wants to break into your company’s software applications, your system - to them - may have an imaginary neon light which says, “Come on in here. This one’s going to be easy.”

You don’t want to be that person.

Here are some sobering facts about small businesses and security. These aren’t meant to scare you. It’s to help you understand how you can stop or slow a break-in from happening to you, and that’s easier than you think.

  •  According to a report from spiceworks, 1/3 of organizations still have at least one Windows XP device connected to their network. Support for it stopped almost 6 years ago.
  •  79% of organizations still have at least one Windows 7 system connected and running in their office, according to that same spiceworks report.
  • Microsoft has announced that on January 14, 2020, they will stop supporting that operating system. No patches, no updates...end of life.
  • On that same day, support for Windows Server 2008 and 2008 R2 will end.
  • "Legacy" software is still EVERYWHERE.  In November 2015, Orly Airport in Paris had to ground planes for hours when the airport’s weather data system failed. The system was Windows 3.1, an operating system created in 1992.  Countless US government agencies still rely on bulky, slow mainframe computers from the 1980s.  What the Veteran's Administration uses to keep track of our soldiers and sailors in 2019 would make your nauseous. What's worse, they cannot figure out how to really, truly fix it.

We’re in the software business, so of course we’re horrified by these statistics. But many people aren’t. Millions of people aren’t bothered at all.  Why?

We can only assume many businesses feel like their data is not “important” to anyone, so they don’t need to shield it from cyber attack. Some businesses do their accounting unconnected to the Internet. I went to a Northern California bait and tackle shop recently during a fishing trip with some friends, and the owner was literally using a pencil and a ledger! I asked him why. “I don’t need a computer…”

Okay, that’s fine. A ledger can’t be hacked, that’s true. It can only be stolen by a human burglar. But when that ledger is gone, so is every transaction he’s ever conducted.

And that’s the point.

When it’s gone, it’s gone.

It’s worth noting that a cyber criminal might not be necessarily interested in stealing or kidnapping your business data from ransom - but s/he can certainly use your system to set up what’s called a botnet- a network of computers infected with bad software, running without your knowledge, to do things like send spam messages. Foreign bad actors use botnets to make some very big and hard-to-track messes that can be extremely difficult to disinfect.

Hackers are lazy because they’re humans - they’ll skip a fortified system in favor of an easy job. There are some things you can do now to, at the very least, make it slightly harder for an intruder to compromise your applications and your business.

  1. If you access your software with only a login name and a password, you're practically an open door. You need a capcha  or some type of two-factor authentication (sending a code to your phone is one way).
  2. Run software updates. Countless businesses are running software which hasn't been updated recently - or at all. These are generally free and can take as little as a few minutes.
  3. Backup your data. Have it stored in a place that's not connected to the Internet. That can be a physical hard drive (yes, they still make those).
  4. Educate your employees about the hazards of clicking links they shouldn't. So many intrusions are originally not the fault of the software - it's caused by a human.
  5. Encrypt your email. There are many ways to do it, ranging from annoying to impossible, but it's important to remember that emails sent without a "lock and key" are practically public. When you get a "forgot my password" email from a company, it may very well be visible to anyone interested in taking a peek.

You’ve worked so hard to build your business. You turn on your laptop or desktop every day and it works fine, so it’s very easy to procrastinate or neglect taking steps to protect yourself from what is probably an inevitable headache - a compromised system, data loss, and massive expense to repair - if repair is possible.

Is it possible to be 100% safe 100% of the time? No, and anyone who claims they can do that for you is lying to you. But you can make your systems stronger and safer and reduce the risk of attack.

John Scott is the Senior Marketing Manager at BG Software.
[email protected]
Tags: Windows 7
Software Security: Time to Turn Off the Light
What Was Once Crisis Is Now Policy