“Doomsday is here! The sky is falling! Windows 7 is out of support and all hell will break loose!” – or, at least, that’s what some cybersecurity experts and press outlets want you to think. In this article, I will offer some advice to businesses of all sizes that may need to continue using Windows 7, while understanding the risk.
This is my opinion and should be taken as advice only. Every company is different, and your circumstances are likely to vary. Windows 7 has been Microsoft’s most successful operating system and, it’s safe to say, one of the most loved. Lessons learned from Windows XP, and especially Vista, allowed Microsoft to build a stable operating system that only required one Service Pack, despite being in use for over 10 years.
However, nothing lasts forever, and with Windows 7 end-of-support originally announced way back in 2015, the end ultimately arrived on January 14, 2020.
Microsoft is facing criticism for ending support for all but enterprise customers paying for extended support, but it’s worth noting that Apple faces no criticism for constantly upgrading iOS and MacOS and for (rather quickly) ending support for legacy versions of those OSes.
Of course, we still have to see whether the recent Crypto API spoofing vulnerability will test Microsoft’s resolve to keep Windows 7 unpatched for non-paying customers. Even Steve Gibson, world-renowned and respected security expert and my favorite podcaster, who swore that he would never move off Windows 7, is now relenting and moving to Windows 10.
I believe Microsoft has made tremendous progress in the security of their operating system, a process that famously started after the security mishaps of Windows XP and culminated in a memo sent by Bill Gates (then CEO) to all staff back in 2002.
Eighteen years and 4 major Windows versions later, we finally see the benefits of the Trustworthy Computing initiative: secure-by-design client and server operating systems and applications for on-premise and cloud use.
Here I want to list just a few security benefits of Windows 10:
- Streamlined and automated security updates enabled by default.
- Windows Defender is now a state-of-the-art endpoint protection system, optimally designed to work on Windows 10 and utilizing the power of Microsoft Cloud for optimal protection.
- Core operating system protection with Device Guard, Secure Boot, Application Guard, Isolated browsing and many other features.
- Protected folders guarding against ransomware and document theft.
My issue with Microsoft, though, is that not all of these security features are available in the Home edition, which is frequently purchased by individuals, families and small businesses.
I urge Microsoft to reconsider this strategy – security should be part of the core operating system for all and not a paid feature, otherwise the concept of Trustworthy Computing cannot be fully delivered.
There is also another reason to upgrade from Windows 7, and this is specifically relevant for businesses that must comply with the GDPR and equivalent regulations around the world.
The GDPR requires security controls to be “secure by default” and “secure by design”, with supplemental guidance quoting “state-of-the-art”.
As Windows 7 is no longer a supported operating system, one cannot possibly succeed with an argument that keeping an End-Of-Life system operational in its processes is “state-of-the-art” security.
Businesses continuing to run Windows 7 should tread carefully: they keep Windows 7 at their peril.
The good news is that Microsoft still allows free transition to Windows 10. Compatibility should not be a big issue as Windows 10 can run on most systems that supported Windows 7. The simplest way to perform upgrades is to run the Windows 10 Upgrade Tool which checks the compatibility of your system and guides you through the upgrade. However, legacy applications that simply won’t run on Windows 10 could present a big obstacle to upgrading.
Sometimes the upgrade is just not possible, so let me present some options for minimizing the risk of security breaches with Windows 7.
Please note, I don’t believe these would constitute sufficient compensating controls for GDPR compliance:
1. Virtualize Windows 7 on top of Windows 10 (available in Professional and Enterprise) and only use it for legacy applications.
2. Limit or preferably block access to the Internet and email from machines running Windows 7.
3. Enable the Windows 7 firewall and make it as restrictive as possible: whitelist only access to required systems and block all incoming traffic.
4. Increase security monitoring of Windows 7 access, file/registry changes and indicators of compromise – assume the operating system is insecure and has been compromised unless proven otherwise.
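One way to apply the firewall restriction from the list above on a Windows 7 host, using the built-in `netsh advfirewall` command from an elevated prompt. This is an added example, not part of the original article; the IP addresses, ports and rule names are placeholders.

```batch
@echo off
rem Added example: default-deny Windows Firewall policy for an isolated Windows 7 host.
rem Run from an elevated command prompt. Addresses, ports and rule names are
rem placeholders (192.0.2.0/24 is a documentation range); substitute your own.

rem Keep a copy of the current policy so the change can be rolled back.
netsh advfirewall export "%SystemDrive%\fw-before-lockdown.wfw"

rem Turn the firewall on for the domain, private and public profiles.
netsh advfirewall set allprofiles state on

rem Block all inbound traffic, ignoring any inbound allow rules, and block
rem outbound traffic unless a rule explicitly allows it.
netsh advfirewall set allprofiles firewallpolicy blockinboundalways,blockoutbound

rem Allow only the systems the legacy application needs (placeholder targets).
netsh advfirewall firewall add rule name="Legacy app server" dir=out action=allow protocol=TCP remoteip=192.0.2.10 remoteport=1433
netsh advfirewall firewall add rule name="Internal DNS" dir=out action=allow protocol=UDP remoteip=192.0.2.53 remoteport=53

rem Log dropped and allowed connections to support the monitoring step.
netsh advfirewall set allprofiles logging droppedconnections enable
netsh advfirewall set allprofiles logging allowedconnections enable
netsh advfirewall set allprofiles logging maxfilesize 16384

rem Review the result. Outbound allow rules that existed before this script
rem still apply, so list them and disable any that are not required.
netsh advfirewall show allprofiles
netsh advfirewall firewall show rule name=all dir=out
```

By default the firewall log is written to `%systemroot%\system32\LogFiles\Firewall\pfirewall.log`, which can be collected centrally for the monitoring described in item 4.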
All of the above controls are going to need human and financial resources, which I believe is a good incentive for organizations to fully migrate off Windows 7.
As always, reach out to experts for more detailed advice if your organization is still on its journey to Windows 10.
Those hoping that I was going to justify staying on Windows 7 are likely sorely disappointed.
My advice is “upgrade, upgrade, and UPGRADE” – hardware where possible and operating system without undue delay. The cost of new hardware may be daunting, but the cost of a security breach that would have been prevented on a patched, modern and supported system is likely to be much higher.