Are you putting your computers at risk – even your entire network – with outdated software?
In a recent WOOF! issue, we talked about server lifespan and what to do when yours gets old. This month we'll talk about the other side of the coin—the dangers of continuing to use outdated software.
Why Using Old Software is Risky
In July 2016, a vulnerability emerged in older versions of Apple’s iOS. Hackers could exploit the vulnerability to take over your device if you didn’t update iOS to the latest version.
Update Your Apple Devices Now—New Stagefright-Style Hack Discovered: DigitalTrends.com
Updating your phone is easy (and most phones will bug you until you do). What about your business’ servers though? How often are they updated?
According to the news, not nearly often enough. Businesses are hacked every single day. Dropbox, Yahoo, and so on. The list of those affected is a who’s-who of major businesses. In many cases, these hacks happen because software was out of date. Something 100% preventable.
So why doesn’t everyone keep their software up to date? Three reasons:
- Sticking with what’s comfortable. New software means change. It takes time to learn something new, and sometimes that means learning from mistakes.
- Expense of Upgrades. New licensing, possible hardware upgrades, training time, consulting fees, etc. all comes at a price.
- Compatibility Issues. Your software may rely on a certain version of another application. Upgrading may break this reliance, forcing redevelopment by the software vendor.
These are valid considerations. However, the question really is – do these reasons outweigh the serious dangers and recovery costs that come later?
Dangers like security holes. Inability to use new features (especially online). Hacking and data loss (on both the client AND server side). Crashes, downtime, and related productivity problems.
Is it worth these risks, just to stay with an old version of Office?
The Biggest Dangers: Software That's Most Often Left Outdated
When was the last time your company updated these?
- Antivirus and Anti-Malware Apps. Even though most of these apps can auto-update, we find most of them out-of-date on customers’ computers.
- Operating Systems. Is your Windows up to date? Windows 7 still receives security patches, but mainstream support has already ended. As time goes by, older operating systems lose support and become vulnerable to cyberattack. (Mac OS is not immune, either.)
NOTE: As of October 11, 2016, Microsoft has moved to a new update method for Windows 7-10. Instead of releasing updates one-by-one, they’ll now release one monthly patch.
- Windows Servers. Nowhere is outdated software more dangerous than on a major server. One security hole, exploited by a hacker, can destroy your entire infrastructure. Are you still using Exchange Server 2003/2007? SQL Server 2005/2012? Windows Server 2003/2008? There's a target painted on your servers right now.
- Web Browsers. Google Chrome is the world’s #1 web browser. Yet 29% of users still use an outdated version of Chrome. Not only does this leave you open to cyberattacks, but you miss out on new security features in up-to-date browsers.
- Accounting Software. Think how badly a crash of your accounting software would hurt your business. Always keep it up-to-date with security patches or new versions. If no patches arrive after 1 year, switch to another accounting app!
- Backups. When did you last verify your backups? If a backup is old, or corrupt, then it’s not usable. If your backups are not viable – when you need them – how much business would you lose?
- Firewalls. Major firewall makers like Juniper and Cisco constantly work on updates to their firewall products. Hackers constantly try to find weak points in them. If your firewall doesn’t use the latest firmware (like an operating system for the firewall product), it’s a wide-open target for hackers to exploit. Firewalls, like software have end of life dates – when your device reaches that point, firmware updates are no longer available leaving you exposed to new styles of attacks.
Most Software is Regularly Updated—If You Allow It
Take a good look at the software you use now. Ask your systems administrator for a list of all the software you're running, and to run an update check for the server software.
Systems Administrators/IT Managers should do two things at least once a month:
- Test and schedule computer security updates for Windows/Mac and all software running.
- Check for software updates to all on-premise servers, firewalls, routers, and Wireless Access Points.
It’s natural to want to stay with software you know. But if that comfort turns into a server crash or security threat, it's not worth the risk. Keep your software up-to-date and retire software that's at its end-of-life.
P.S. – You can always check your Microsoft software’s end-of-life status at: Microsoft Product Lifecycle Search
Is something out-of-date in your business IT? Let us help! Please send your concerns and additional questions to firstname.lastname@example.org