Windows 7 support has ended, now what?

Here is what you should understand about running Windows 7 after the End-of-Life support expiration. Security risks are present with all systems on the internet today, but with Windows 7 there is now an increased risk due to the age of the original system and the end of security patches. It's true that these systems will continue to function, but you are putting your personal and business data and systems at risk. These risks include: data loss and potential loss of employee production.


From Microsoft:

After 10 years, support for Windows 7 ended on January 14, 2020. If you continue to use Windows 7 after support has ended, your PC will still work, but it will become more vulnerable to security risks and viruses because you will no longer receive software updates, including security updates, from Microsoft. Microsoft strongly recommends that you move to a new PC running Windows 10 to avoid a situation where you need service or support that is no longer available. 

original post


From Able Solutions:

While Windows 7 end-of-life doesn’t mean that Windows 7 will stop functioning, it does mean that it can very quickly become vulnerable to malware and attacks that can put your business at risk. During Windows 7’s extended support phase, Microsoft has continually released patches to address new security flaws. In April 2019 alone, Microsoft patched 29 vulnerabilities in Windows 7, six of which were rated critical and the remaining 23 rated important. This shows both the sheer number of exploits that continue to crop up for Windows 7 and the effort that Microsoft continues to put into addressing those flaws.


According to the Ponemon Institute’s 2018 report on the State of Cybersecurity in Small and Medium businesses (SMBs), 67% of respondents had experienced some sort of cyber-attack and 58% had a data breach involving customer or employee information. Considering the number of Windows 7 systems that remain in use in businesses, it’s safe to assume that these numbers will not shrink

original post


From ZDnet:

Put simply, if a new security vulnerability or software bug is uncovered in Windows 7, Microsoft is no longer obliged to release any sort of patch to fix the issue on the unsupported operating system; and that's something that could put individuals and organizations that still rely on Windows 7 in danger from cyberattacks, hacking and malware.


Such is the potential risk posed by this that the UK's National Cyber Security Centre – the cyber arm of the GCHQ intelligence service – has issued a warning over the continued use of Windows 7 PCs and laptops, telling users they shouldn't use Windows 7 devices when accessing personal data.

original post


TechStar Agreement Terms:

3. CUSTOMER RESPONSIBILITIES Although TechStar strives to be able to service our CUSTOMERs entire IT needs, some responsibilities remain with the client and their staff.   

3.1. The CUSTOMER must provide TechStar with all appropriate usernames and passwords required to access network resources (i.e. Administrator usernames and passwords, router telnet passwords) and maintain all necessary media, license keys, and vendor contact numbers and provide access to that information when needed.  

3.2. The CUSTOMER must communicate to TechStar all staff changes including the addition and removal of employees and changes in responsibilities of and privileges extended to employees. 

3.4. The CUSTOMER must maintain TechStar approved network equipment; including firewalls, managed switches, and wireless access points. Addition of non-approved network equipment is a violation of this agreement.

3.5. Due to the complexity and wide variety of technologies in any network environment, the CUSTOMER must notify TechStar via support ticket of all client-initiated changes to equipment and applications, changes to supported systems made by the CUSTOMER, maintain genuine licensed and vendor-supported Server and Desktop software, maintain active Line of Business application vendor support, maintain TechStar installed tools on supported devices, commit to only managed devices on secured client network, help maintain and update a Business Continuity Plan. 

3.6. It is the responsibility of the CUSTOMER to clearly identify all data the needs to be backed up and it is then the responsibly of the Customer to follow data storage policies defined by TechStar. 


4. CYBERSECURITY INCIDENT Cybersecurity Incident is defined as, but not limited to the following types of Cybersecurity Incidents; Malware, Phishing and Spear Phishing, Cryptolocker, Ransomware or Man-in-the-middle attacks. 

4.1. To reduce the risk of a cybersecurity incident you should participate in Annual Cybersecurity Training provided in this agreement.  It is also recommended to participate in the ongoing Breach Protection Plan (BPP) that is available as an add-on to this agreement. It is also our recommendation that CUSTOMERS maintain a Cybersecurity Insurance Policy to cover the costs of a cybersecurity incident. 

4.2 This agreement does NOT cover the costs of services in the event of a cybersecurity incident. TechStar shall not be held liable, directly or indirectly for any damages, losses or expenses arising out of any cybersecurity incident. 

4.3. TechStar will provide support to help restore systems and/or data loss due to a Cybersecurity Incident on a billable basis as needed, outside of this agreement. 

4.4. This agreement is not a Cybersecurity Insurance Policy.  A Cybersecurity Insurance Policy is available as an add-on service if needed. 

original post