Microsoft Windows XP reached its official end-of-life (EOL) on 8 April 2014 – yet almost a third of the world’s machines are still running Windows XP, leaving smaller businesses at risk of major security breaches, says Chanel Homan, channel manager South Africa, McAfee.
Microsoft has discontinued not only technical support but also security patches, which creates a significant security risk: vulnerabilities will still be made public, but patches will no longer be provided.
Migrating to alternative OSes such as Windows 7 and 8 is costly and time-consuming. With limited budgets and IT expertise, many small businesses have found it challenging to manage a platform upgrade of this size.
Many of these businesses have yet to grasp the risk they are exposing their business to if they haven’t taken additional security measures or migrated platforms. Worryingly, many SMEs may also confuse Microsoft’s extension of its antimalware support for Windows XP to mean that this OS will remain protected – when in reality these businesses will still be vulnerable to zero-day attacks and other data security breaches, unless action is taken now.
Smaller businesses are likely to need more guidance through a changing and increasingly confusing technology and security landscape than their larger counterparts – and this is an opportunity for the channel to be a vital ally in negotiating this challenging territory. We know many retailers, for example, are struggling with the migration due to application compatibility issues, with many point of sale (POS) systems only supported by Windows XP.
Many retailers also don’t fully understand the risk of their compliance with standards such as PCI DSS being invalidated should they continue with an unsupported and unprotected system. Providing step-by-step guidance on migration plans or advice on the short-term security measures to maintain data security will ensure partners are best placed to offer a long-term roadmap for IT requirements.
With more than 500-million machines still running XP (Gartner figures put the global install base of PCs at the end of 2013 at 1.63 billion units, and NetMarketShare data has XP at close to 30% worldwide at the end of 2013), many VARs and MSPs should also see this as an opportunity to expand their product portfolio.
For example, partners specialising in desktop infrastructure can now look to provide the security support much needed by SMEs, as part of their overall offering.
By helping SMEs safely through the Windows XP security gap, resellers and partners are not only able to explore new revenue streams and expand offerings, but ultimately be valued as trusted advisors, integral to their customers’ success.
So how should the channel approach small businesses and what advice should partners give SMEs as part of their Windows XP security strategy? We’ve listed our top four security measures for SMEs below, which should serve as a starting point to engage with small businesses:
Let roles and responsibilities define privileges: Particularly with SMEs, admin rights are often given to all staff by default – the channel should educate businesses that potential security issues can be substantially mitigated by normalising user privileges according to roles and responsibilities and only giving admin rights to those who need them.
Buffer Overflow Protection: Ensure customers have storage and buffer overflow protection enabled to help protect against malicious exploitation. Unsupported operating systems such as XP are at greater risk from zero-day threats, which means businesses must make use of intrusion prevention systems.
Deploy dynamic whitelisting: To better prevent unauthorised software from being installed and executing on legacy systems, resellers should advise small businesses to deploy dynamic whitelisting. This will reduce the need to constantly chase software updates and patches (including Microsoft patches and security updates) to keep up with the ever-increasing tide of malicious software.
Instead, if an application is not on the whitelist, it is prevented from executing and is reported, and the endpoint remains safe.
Make real-time visibility a priority: One of the biggest threats to businesses of all sizes is delayed discovery and remediation of attacks. Real-time visibility is critical to give companies a head-start so they can quickly identify and remediate attacks attempting to exploit XP vulnerabilities.
Now is a critical time for SMEs, with many still grappling with the security implications of using XP after the April 8 cut-off. Small businesses are already prime targets for cybercriminals – they are often unaware of or unsure how to deal with the sheer scale of increasingly sophisticated attacks and often lack the budget and resources to improve their security posture.
Combine this with an unsupported and insecure operating system, and the result is fertile ground for malicious activity.
For the channel, this presents a compelling opportunity. In guiding businesses through this difficult period, resellers and partners are able to strengthen and expand their portfolio by offering security solutions that will ensure their customers are protected through Microsoft XP’s EOL and beyond.