More

    Five Steps to Mitigate Risks After Windows XP Security Updates End

    There is an increasing amount of buzz around Microsoft’s upcoming plan to stop releasing security patches for Windows XP. While the majority of the noise is doom and gloom, it becomes important to look at this from a practical perspective to figure out what an organization can do to see itself through this transition smoothly and safely.

    As hard as IT teams try, they may not be able to migrate all Windows XP machines to Windows 7. Whether it is due to holdout executives who try to avoid change, or to software on ATMs, point-of-sale systems and in critical infrastructures that currently only support XP, organizations will be left with a number of Windows XP machines after the drop date on April 8, 2014.

    In this slideshow, AlienVault, provider of unified security management solutions and crowd-sourced threat intelligence, will examine the five steps that an organization should take in order to mitigate the risks, even after they stop receiving the Windows XP security updates.

    Five Steps to Mitigate Risks After Windows XP Security Updates End - slide 1

    Click through for five steps organizations should take if they are unable to migrate all Windows XP systems before the April 8, 2014 EOL deadline, as identified by AlienVault.

    Five Steps to Mitigate Risks After Windows XP Security Updates End - slide 2

    Limit access by other machines in your environment

    Ensure that the Windows XP machines are placed on a dedicated network segment and limit access by other machines within an organization’s environment. By segmenting these machines, it will minimize the chances for the machines to be targeted and exploited. Organizations should be most concerned about the assets that are running their business systems. For example, regarding the recent breach at Target, the retailer’s point-of-sale terminals were running Windows XP embedded. By cutting terminals off from the remaining network, it could have accomplished a lot.

    Five Steps to Mitigate Risks After Windows XP Security Updates End - slide 3

    Reduce the privileges of your existing user accounts

    Oftentimes, the majority of exploits targeting desktop software, including Web browsers, Java, Adobe Flash and Adobe Reader, are mitigated when the user account is a standard user. When an organization tries to mitigate an existing user account to a non-administrative account, it becomes a disruptive task. Organizations should try to reduce the privileges of their existing user accounts.

    Five Steps to Mitigate Risks After Windows XP Security Updates End - slide 4

    Use an up-to-date browser

    Organizations need to use a browser with a long-term support plan. If users are able to browse the Web from the Windows XP machine, they should at least use a browser that is up-to-date. If an organization decides to allow browsing, please remember to turn off the plug-ins.

    Five Steps to Mitigate Risks After Windows XP Security Updates End - slide 5

    Read email in an updated browser

    While using an up-to-date browser (because you are following recommendation number 3, right?), an organization should leverage its email server’s Web front-end. Make sure to be conservative about the attachments that are downloaded and opened.

    Five Steps to Mitigate Risks After Windows XP Security Updates End - slide 6

    Always monitor your systems

    Organizations need to always check their work and monitor their systems because after all, you do want to catch an incident before it turns into an issue. Make sure that you look out for command and control traffic, internal probing and increased network activity, in addition to other signs of an infection. 

    Latest Articles