I admit that I have never understood the love affair many of my friends and colleagues (and millions of other users) have with Windows XP. Sure, I get that people get adjusted to a particular operating system (OS) and they don’t like change. But then, there were features in Vista that I liked, and I know I’m in the minority there.
However, no matter my opinions about it, a lot of people and companies have stuck with Windows XP for the past dozen years, eschewing newer Windows OS versions. Sometimes it is a matter of cost—many small businesses simply didn’t have the budget to upgrade to Windows 7 or 8. Sometimes employees with older computers just keep using the same old OS because they know it and like it. And in at least one situation I know of personally, updating XP machines was a non-priority unless the computer crashed.
Whatever the reason, all of those Windows XP users are going to be running computers at risk as of April 8, when Microsoft ends its support of XP. Even if you don’t use XP anymore, chances are someone you do business with still does. As a Fortinet blog post pointed out:
Take the example of the banking sector. 95% of automatic teller machines (ATMs) around the world rely on computers running Windows XP. Besides the disruption of services to perform this migration, these computers are not normally able to support a newer version of Windows. In this case, a migration is not possible without first upgrading the computer, incurring significant cost and downtime for these companies.
The Fortinet post did point out that the real risk of continuing to use Windows XP comes when connecting the computer to the Internet. So, if you have a desktop that is used just for preparing and printing documents and playing Solitaire, but is never connected to the network or Wi-Fi, you should be good to keep that PC on XP. But if you are using your XP machine to connect to the Internet, AlienVault recommends limiting access to the XP computer from other computers:
By segmenting these machines, it will minimize the chances for the machines to be targeted and exploited. Organizations should be most concerned about the assets that are running their business systems. For example, regarding the recent breach at Target, the retailer's point-of-sale terminals were running Windows XP embedded. By cutting terminals off from the remaining network, it could have accomplished a lot.
Also, make sure that every application used on the Windows XP machines is up-to-date—that means using a secure and updated browser. If you can’t use the most updated version of a browser, try a different browser. Keeping all of your software and applications patched with the latest versions adds a layer of protection.
Even though I don’t understand the love affair with XP, I do understand tight budgets and that for some small businesses, upgrading to Windows 7 or 8 seems out of reach—at least for now. On the other hand, can you afford the risk of a breach because you are still using XP?