It’s time to retire your old Windows XP computers. After April 8, 2014, Microsoft will stop releasing security patches for Windows XP. When this occurs, XP will no longer be HIPAA compliant. Computer experts predict a frenzy of hacker attacks on XP will follow, so if you’re still using computers with Windows XP, now is the time to upgrade.
The Microsoft website states:
“As per this policy, Microsoft Business and Developer products, including Windows and Office products, receive a minimum of 10 years of support (5 years Mainstream Support and 5 years Extended Support), at the supported service pack level. . . Thus, Windows XP SP3 and Office 2003 will go out of support on April 8, 2014. If your organization has not started the migration to a modern desktop, you are late.”
Certainly larger law firms, particularly those that can afford an in-house IT specialist or outsource such work, have long ago moved to newer platforms which are scalable and offer necessary security updates and software patches. However, solo and small firms may still be using the venerable XP platform. While XP may seemingly satisfy your computing needs, vulnerabilities existent or discovered on the old system after April 8, 2014 are likely to increase risks to your practice. Simply and for safety, it’s time for you to migrate to a modern operating system like Windows 7 or Windows 8, if you continue to be PC based.
Because XP has been such a success in the market place, it has a big red target on it for cyber criminals. Tim Rains, Microsoft Director of Product Management in the company’s Trustworthy Computing Group, writes in his blog:
“What is the risk of continuing to run Windows XP after its end of support date? One risk is that attackers will have the advantage over defenders who choose to run Windows XP because attackers will likely have more information about vulnerabilities in Windows XP than defenders.”
Internet Explorer will be the most likely avenue through which a computer can be hacked. If you’re on XP, you are on a version of IE that is already close to 3 generations old and will no longer be getting vital updates to protect your system. Larry Seltzer on the ZDnet blog further points out:
“If . . . you care about updates you're probably using Windows Update, and therefore automatically running the Malicious Software Removal Tool every month. Not any more after April 2014. . . And it’s not exactly a wave yet, but more and more software is not supporting XP, or at least not well.”
Amazingly, as recently as 2010 some new computers were sold with XP installed. If that gives you hope for the continued longevity for XP, I’m sorry, but you must give up that hope. XP just is not fit to survive in this mad and dangerous digital age. Every product out there has a lifecycle, and on April 8, 2014 XP’s will end.
Protect your law practice. Go out there and upgrade!
Infection rate (CCM) by operating system and service pack in the fourth quarter of 2012 as reported in the Microsoft Security Intelligence Report volume 14
Kiffin Hope+ is the Social Media Community Manager for ALPS. He runs the ALPS 411 law blog, working with contributors from around the country. His posts cover tech, cyber security threats, and smartphones.