As we approach Christmas and business planners cast their thoughts ahead to the opportunities and restraints of the festive season, it can be easy to overlook the IT hurdles that many managers will face after returning from the break. In fact, for many in the technology industry, 2014 – and specifically April – should be the focus.
In April, businesses of all sizes are due to face a serious threat to their IT security and functionality in the form of the first major software expiry event of this decade. At that time, six versions of the most popular Microsoft products used by UK businesses will go ‘end-of-life’, meaning that Microsoft will no longer release or support updates for these products.
Without updates, this software, as well as the systems, information and processes connected to it, will rapidly become vulnerable to outside dangers. These dangers can range from hacking and invasive malware which can steal data and spy on activity through to highly destructive viruses like ‘worms’ and ‘Trojan horses’ which can wreak havoc in an unprotected IT infrastructure.
It should also be noted that failure to upgrade will typically be recognised as a control failure by an internal or external audit entity, potentially leading to suspension of certificates, and possibly public notification of the organisation’s inability to maintain its systems and company information.
Should businesses be concerned? Possibly. If a company has any of the below software in its IT environment, then it needs to take action quickly:
- Microsoft Windows XP
- Microsoft Office 2003
- Microsoft Exchange 2003
- Microsoft Live Communication Server 2003
- Microsoft SharePoint Portal Server 2003
- Microsoft SBS 2003
The looming upgrade issue is one that every business needs to be aware of. This topic has typically been swept under the carpet as an unwelcome back-office expense, but time has now elevated it to the status of ‘business critical’. There are thousands of companies in the UK that are unknowingly steaming towards this iceberg and by the time the dangers have presented themselves, it will most likely be too late to prevent any damage. This is not scare-mongering; these threats are real.
Depending on the size of the environment, the task of upgrading could be complex, as the problem extends beyond the purchase of new software alone. Below are a few questions that may help businesses to outline the implications:
- Will your existing hardware support new operating systems and/or software?
- Will your other applications work on the new operating systems and/or software?
- How will you overcome any compatibility issues?
- Will your employees need training to use the new operating systems and/or software?
- How long will it take to roll the new software out?
Whilst the list above is not exhaustive, it helps to explain why this problem can’t be put-off any longer. There are other options, such as taking a thin-client route or moving to the cloud, but like system-wide IT upgrades, these are not changes that can be implemented overnight.
At this stage, the problem is one of urgent budgeting pressures: businesses will need to assess the extent to which they’ll be affected and what money will need to be diverted to pay for the replacement software – and supporting hardware. However, over the next 6 months, the problem will develop from one of budgets to one of immediate security and reputational threats.