If you haven't retired Windows XP and haven't been fired yet, get busy

"You're putting your organisation at risk"

CIOs who haven't moved their companies from Windows XP by now ought to be fired, some people think, but those who haven't and are still on the job have options for saving their bacon.

"Start," is the first piece of advice from Shawn Allaway, CEO of Converter Technology, which specialises in migrating businesses to new versions of Windows and Microsoft Office. Even if the project isn't completed before Microsoft ends support for XP on April 8, it's important to minimise the window of exposure during which XP runs unsupported on corporate networks.

Those who haven't started yet probably should be fired for leaving their businesses open to the impending threat, he says. "This is not like Microsoft dropped this on you six months ago," he said. "You're putting your organisation at risk."

That threat is that vulnerabilities discovered after April 8 will never be patched by Microsoft, leaving Windows XP open to an ever expanding range of attacks. In addition, many applications will no longer be supported when running on Windows XP, Gartner warns.It's possible and even desirable to sign a custom support contract with Microsoft that provides continued upgrades after the end-of-support date, but it is also expensive, says Directions on Microsoft. If that's not possible, the main goal is to minimize risks caused by using unsupported XP, which means a review and possible beefing up of security.

Isolating XP machines on corporate networks and limiting what devices they can communicate with is essential, and there are tools for this. For instance Unisys Stealth can limit a machine's access to other machines and hide it from attackers, says Unisys CIO Dave Frymier. A Stealth shim in the IP stack of XP machines sits between the link and network layers to decrypt IP payloads if it can and drops packets when it can't. A machine can talk to another only if it is a member of the same community of interest as defined by Active Directory, he says.

Migrating isn't a quick process, and the larger the network, the longer it takes. The rule of thumb is that for a 10,000-desktop network with 15 offices, it will take two to three months to complete the project, Allaway says.

A first step toward the transition is testing application compatibility with a newer operating system, getting new licensing agreements and assessing the need for and buying new hardware.

Like any OS rollout, this one will be done in phases. Organizations that think they'll miss the deadline should prioritize their applications and users and migrate the most important and most vulnerable first to reduce the risks, Gartner says.

Some of the preparatory steps can be sped up using tools. For example ChangeBase and AppDNA can help determine whether business apps are compatible with newer OSs. If not businesses may need to buy newer versions that are or in the case of custom software, recoding it, Allaway says.

Microsoft is offering a free and now unsupported version of Laplink's PCmover Express for Windows XP to transfer files from XP machines to machines with newer operating systems. PCmover Professional ($60) also moves applications, if that's called for.

Allaway says it's a good time to rid the network of deadware rogue apps installed by end users or corporate apps that are no longer used that have avoided detection during housecleaning over the years. "There's a sense of urgency [about the XP migration] but clean a little junk out of your network if you can," Allaway says. Those who have waited a decade to upgrade the operating system may have let this slide.

If an apps inventory is long overdue, it is also a good time to check whether apps licenses are in synch with the number of workers actually using the software. Restructuring license agreements may produce cost savings, he says.

PC upgrades may be needed to support a new operating system, but hardware needs may go beyond that. Old printers may lack drivers for Windows 7 or Windows 8, and there may be some machines such as faxes that may not be necessary at all anymore, he says.

Like any desktop refresh project moving to Windows 7 or Windows 8/8.1 requires someone in charge, either in-house or a consultant, a plan for a phased rollout and personnel to help resolve the inevitable issues that will arise after the rollout. "Don't resource-starve the project," Allaway says. "It ultimately costs more and takes longer."

One thing to remember is that on April 8. Windows XP will keep chugging along, but the risk of being successfully attacked goes up more and more after that. "It's not Y2K where come April it's not going to work," he says.

Tim Greene covers Microsoft and unified communications for Network World and writes the Mostly Microsoft blog. Reach him at tgreene@nww.com and follow him on Twitter @Tim_Greene.

Read more about software in Network World's Software section.

Tags GartnerMicrosoftWindowssoftwareCIOoperating systems

More about GartnerLaplinkMicrosoftTechnologyUnisys Australia

2 Comments

James Havant

1

Microsoft should let XP die a natural death... this cut-off of support on April 8th is nothing short of disgusting and a sheer example of blatant profiteering. With users being forced to buy new OS and or hardware caused by dumping perfectly servicable PC's using XP. This will put many small companys to the wall... either by the cost involved or because of the enevitable virus and malware attacks. Microsoft will never be forgiven for this; with all their billions of profit over the years.... they should continue to support the 400 million plus users that still use XP until the enevitable hardware failures and new software force XP out of the market through natural wastage. If a major virus attack is let lose on the worlds PC's because of in-roads via an unsupported XP; Microsoft will deservidly get the blame; this could possibly cause it's eventual downfall by a lack of confidence in the company and its products. Bill Gates needs to step in here with some common sense and stop this madness before its to late and insist that Microsoft will continue to support XP.

Constable Odo

2

Forcing users to upgrade is definitely profiteering. As near as I can tell, Windows XP is a very fine OS but Microsoft wants to move users away if they're going to keep making money from Windows. Both Windows 7 and Windows 8 are modern OSes and maybe it is time for people to transition if they're using up-to-date hardware.

I have Windows 7 and Windows 8.1 running on virtual engines and I've been using them both. I like them. However, I don't see much of a need for Windows XP users to be forced to dump something that certainly works perfectly well for them. Consumers and businesses have to be convinced that Windows XP isn't good enough for them and I think that's going to be hard to do. Windows XP has decent browsers, email clients and general apps that are definitely usable, so I see no point in it having to go away. Free MSE seems to keep all the virus nasties at bay.

Comments are now closed

Telstra, NBN Co back in court this April

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]