On April 8, 2014, Microsoft will formally stop supporting the Windows XP operating system, and for organisations still running Windows XP, that’s going to create a security nightmare.
Currently, Microsoft is active in patching security holes where hackers discover exploits. After April 8, the only way to gain those patches is to pay Microsoft for a custom support plan, which is not cheap; larger organisations can expect to pay in the millions.
The retirement of Windows XP has hackers rubbing their hands together with glee, and holding off releasing new exploits that they have developed into the wild. Why? Because in just two months, an exploit is going to be permanently relevant and unchallenged.
And yet, despite the looming deadline, organisations are unwilling to migrate away from XP as an operating system. A recent Brennan IT poll asked its customers what desktop operating systems they run, and 57% of respondents said they continue to operate Windows XP in the office. It is in fact the second-most used operating system, after Windows 7 (which all respondents use), and tied with Mac OSX.
Furthermore, of those surveyed, 57% claimed that they have no interest in upgrading the operating system currently. “We like to place people on systems that they feel most comfortable and productive on,” one respondent wrote.
The reasons why organisations are unwilling to upgrade their operating system are varied. For some, it’s a change management issue; “the major problem we have is our suppliers unwilling to upgrade the programs we use to current versions,” one said. For others legacy applications require using an old operating system.
In under two months, Windows XP is going to become a significant security risk. Mitigating that risk isn’t the only reason that it’s in the best interest of the business to upgrade (“we have different versions of OS for different business requirements, but this is an issue for support staff,” one respondent wrote), but despite the compelling reasons to upgrade the Brennan IT poll results indicate that it’s going to be a risk that many organisations are going to be grappling with through 2014.