Lyjotoblog

Windows XP end of support means big decisions for IT

 As of April 8, 2014, Microsoft will no longer offer extended support for Windows XP. The stalwart PC operating system has enjoyed more than a decade of success, and a fair share of business customers are in no rush to part ways. The approaching Windows XP end-of-life date leaves these IT shops with some big decisions to make. Do we really need to upgrade? If so, to what operating system? And how? If the Windows XP end of support has these questions bouncing around your head, here are some important considerations to take into account as you search for answers.

1. There's no direct Windows XP to Windows 7 upgrade path 

The architectural differences between the two operating systems make a direct Windows XP to Windows 7 upgrade impossible. User profiles and data can easily migrate from XP to Windows 7, but applications require new installations. And if your organization has 16-bit applications, they won't run on the 64-bit version of Windows 7. So if you thought you could wait until April 8, flip a few switches and call it a day, you have some catching up to do. 

2. Windows XP support costs are higher than you think 

Sometimes the cost of not doing anything is higher than the cost of taking action. That could very well be the case when it comes to moving off of Windows XP. In 2013, it cost $870 to maintain an XP machine, according to research firm IDC. That's more than five times the cost of supporting a Windows 7 machine. Consider how many PCs you have in your company, and your Windows XP support costs can really add up. 

3. Consider hidden Windows 7 upgrade costs 

Staying on Windows XP can be expensive, but that's not to say upgrades are cheap. Although Microsoft has run promotions to incent companies to upgrade, many IT professionals don't see any competitive advantage in doing so. In 2012, IDC calculated a three-year return on investment for moving from XP to Windows 7, but that didn't take into account hidden costs that can pop up. Unanticipated application compatibility problems can add to your Windows 7 upgrade costs. 

4. Use your XP migration to explore mobile, cloud computing 

These days, thinking about OS upgrades solely in terms of PCs may be shortsighted. If you plan to move from Windows XP to Windows 8, it might make sense to re-evaluate your entire endpoint strategy. Windows 8 and 8.1 devices blur the lines between PCs and tablets, and the operating systems' tiled interfaces take their cues from Windows Phone. A Windows XP migration presents an opportunity to explore and expand the role of mobile devices, apps and cloud services. 

5. Windows XP anti-malware support isn't ending yet 

One of the biggest risks of staying on Windows XP after extended support ends is that Microsoft will no longer provide security updates. Now, XP shops have some extra time to deal with that situation. Three months before the end of life date, Microsoft announced a one-year extension of its Windows XP anti-malware support. The extension applies to five Microsoft products that provide protection for XP. 

TIPS FOR WINDOWS XP MIGRATION

• Audit all desktop software to see how applications are being used
• Rationalise applications based on business usage
• Identify applications that can be migrated to Windows 7 without modification
• For those that cannot be modified, consider virtualisation or use Browsium for IE6 application

Should companies continue running XP, even after support ends? Unless money is no object, the short answer is 'no'

CIOs may not wish to carry on running a 12-year-old desktop operating system (OS), but many have no choice. Support for Windows XP will end on 8 April 2014, but there are thousands of applications that cannot be moved to a newer OS because they are incompatible.

Originally launched in 2001, Windows XP is Microsoft's most successful operating system. Once the company had revamped security and hardened the bug-ridden Internet Explorer (IE) web browser in 2004, XP evolved into a relatively stable platform with the Service Pack 2 (SP2) release.

Microsoft tried to convince enterprises to refresh their desktop OS with Windows Vista in 2005, but many had just upgraded to Windows XP SP2 so did not have the stomach, or the cash, to refresh PCs again.

Even Windows 7, which was released in 2009, has been a bit of a slow burner for Microsoft.

But unlike Vista, many businesses have bought into the upgrade path and are migrating from XP to Windows 7.

Why move at all?

“With Microsoft withdrawing support in April 2014, there won’t be any more patch Tuesdays for Windows XP,” warns Grant Tiller, senior product manager at RES Software. “Rather than take a straight upgrade to Windows 7, people are looking at alternatives, one of which is to stick with XP.”

However, as previously reported, the migration is such a large step that there will inevitably be applications that cannot be moved.

Tiller says IT leaders must check whether any specialist in-house code will support the new OS. Many in-house applications are written for a browser front end, but some browser applications written for IE6 on XP will not run correctly on IE8 in Windows 7.

Application virtualisation

"The migration from XP to Windows 7 or 8 is way behind schedule,” says Garry Owen, senior product marketing manager at VMware. “Now there is almost no choice.” 

Since there will be no scheduled security patches from next April, he says companies continuing to run Windows XP face the risk of targeted hacking attacks. 

“In the US, we are seeing class action from shareholders of companies which have not considered a migration because there is a massive compliance issue,” says Owen.

One of the options open to the IT department is to run XP in a sandboxed environment, such as by using Citrix or VMware.

VMware recommends virtualising applications that cannot be migrated to Windows 7. Its ThinApp application virtualisation software takes an old application and encapsulates it with all the software components its needs to run in a single .exe file. 

“You can run IE6 on ThinApp and it runs on top of Windows 7. We have thousands of customers doing this,” says Owen.

Inevitably, there will be some applications that cannot be moved. 

Oren Taylor, director at CDG, says the XP support deadline will force organisations to rationalise their desktop application estate. 

Licensing restrictions

According to Gartner, Microsoft supports the virtualisation of IE6 applications only if the IT department runs its Terminal Services software or chooses to run Windows XP in a virtual machine locally.

Migrating XP onto a server that runs Microsoft Terminal Services may give businesses a way to keep Windows XP running securely, but there are restrictions.

Microsoft states it does not support the use of Microsoft Application Virtualisation (App-V) or similar third-party application virtualisation products to virtualise IE6 as an “application” enabling multiple versions of Internet Explorer on a single operating system. 

In addition, the terms under which Windows and IE6 are licensed do not permit IE6 “application” virtualisation. Microsoft supports and licenses IE6 only for use as part of the Windows operating system, not as a standalone application.

If users follow the wording, then Microsoft effectively forbids companies from using application virtualisation to run IE6 applications – even though these applications can run in a virtual environment.

To remain compliant with the Microsoft end user licence agreement (EULA), the only option open to businesses which have a requirement to continue running IE6 applications is to virtualise the whole OS.

But on its TechNet site, Microsoft stipulates that users can only run Windows Server 2003 to virtualise IE6. “This means you cannot take advantage of the Terminal Services RemoteApp capabilities in the Windows Server 2008 R2 operating system. It also means that in July 2015, when Windows Server 2003 support ends, the IT department will need to rethink its XP strategy."

According to CDG’s Taylor, one option open to IT – and one that is gaining acceptance – is to use a third-party product from Browsium. HMRC recently awarded the US start-up a £50m contract for Browsium’s browser emulation software, which enables IE6 to run securely on top of a modern version of IE.

Weigh up the options

With thousands of desktop applications to test, any business embarking on a Windows XP migration now is unlikely to finish before support ceases in April 2014. 

David Angwin, marketing director for Dell Wyse, recommends that IT departments run a full audit of every application in their desktop software portfolio. 

“Most organisations do not know what people run and there are lots of software licences not being used,” he says.

Once a survey of the desktop estate has been run, IT then needs to decide whether to upgrade to Windows 7 or Windows 8, and whether desktop virtualisation is suitable for some users. In spite of largely being regarded as the best option for enterprises, moving to Windows 7 will have its own limitations. For instance, mainstream support ends in January 2015 and the OS will only be supported until 2020.

Many companies are unlikely to opt for Windows 8, however, since the touch user interface (UI) is not ideal in a traditional enterprise desktop environment.

So should companies continue running XP, even after support ends?

Unless money is no object, the short answer is "no”. The cost of custom fixes runs into hundreds of thousands of pounds and, as VMware’s Owen points out, the CIO or IT director may face the wrath of shareholders concerned about security risks. 

Running XP in a virtual machine may work for now, but this approach is only valid while support is still available for Windows Server 2003. As for running IE6 applications using application virtualisation, Microsoft’s licensing denies this as an option.

Summary: Even though the world won't end because of Microsoft's withdrawal of support for Windows XP, those left clinging to the OS after April's deadline still face a number of issues.

Some twelve-and-a-half years after Windows XP first went on sale, Microsoft is turning off support for the operating system. From 8 April there'll be no further free updates or security patches.

There's nothing new about software reaching the end of its commercial life. But the trouble with Windows XP is that it's still reckoned to run between a quarter and a third of the world's desktops.

The sheer scale of XP's legacy means many organisations and individuals now find themselves in the same boat, perhaps because of the difficulty of migrating certain apps, the cost, or simple inertia.

Given that XP users have already shrugged off the arrival of Vista, Windows 7 and Windows 8 without shifting operating system, they may think their first option is just to stay put. After all, Microsoft has had more than 12 years to patch the OS, so surely most vulnerabilities will have been found by now?

"I'm not a believer that you're not going to see anything else," said James Lyne, global head of security research at Sophos. "There's been a healthy supply of [vulnerabilities] for many years now. It would be a turn-up for the books if all of a sudden that ceased to be a problem and the operating system magically became secure," added Lyne.

In fact, criminals may have been stashing away exploits to use once Microsoft has departed the scene, leaving the OS open to unpublished lines of attack, according to Gartner Research vice-president and research director Michael Silver.

"There's certainly a possibility of some vulnerabilities that were already known that haven't been exploited yet. From 8 April or 9 April you could see a number of attacks that people have been holding back," he said.

This pattern of behaviour has certainly been seen before, Sophos' James Lyne points out.

"For example, I remember with Mozilla Firefox — back in the days before Firefox would just update to the latest versions — we would see cybercriminals specifically targeting the versions that were no longer updated," Lyne said. "They knew a significant number of people would still be running them. So in microcosm — it's a small example by comparison — that behaviour has been seen, but this is going to be somewhat of a first in terms of such widespread use of a platform."

------- Read More ----->

A special form of sniffing into “Big Data”, which we spoke about previously, is called “Data Mining”. The Term “Data Mining” is a lot older then “Big Data”. This is because the vast amounts of digital data out there, is a thing of the past couple or years. The reasons why the large amounts of stored data have increased is because the storage-media are becoming cheaper and cheaper. “Data Mining” is the analyzing of information stored and available in databases. If you own a Government ID, and most people have, then it’s easy for the Government to collect and portrait your personal information. Another use is, collecting specific information, from the millions of records (All personal information) in this ID-database, related to professions, salary or environments etc. Unfortunately you can’t object to this. The government is wise enough not to tell you if someone in your area entered similar ID-information. If they did they would breach the privacy laws and there are very strict rules regarding this. If we are talking about information in databases as the likes of Google, Facebook and even Twitter, then you can imagine the kind of interesting information that is collectable. Commercially this is interesting and valuable. ”Data Mining” is illegal from databases not owned by the owner. People, who are on LinkedIn, regularly receive messages about people with similar education or who have similar sympathizers. This is all OK, as long as you gave permission for this. Most people though, tick these boxes, without actually reading the small print, when signing up. Imagine all the different databases out there connected to each other and the Big Brother effect this would create. But isn’t this already happening?

Sometimes we hear remarks like; “In the past 50 years we extended our knowledge and insights more than in the past 2000 years”. Although this is hard to proof, you could also claim that people didn’t grew more intelligent, compared to the past 2000 years. Of course, we gained massive amounts of knowledge and wisdom, so much so, it’s too much for one person to comprehend and understand. We are very good at collecting massive amounts of data, which collectively increase our knowledge. Better then, compared to the past 2000 years. The relative gradual progression of (scientific) history and the saltatory changes over the past decade are witness to this. The medical sciences alone demonstrate this.

Are we collecting to much data? Are we capable of handling this amount of data? No, WE CAN NOT. We need computers to do this, just as computers made us create this huge amount of data. IBM announced that 90% of data we own have been generated in the past two years. These “Big Data” are generated everywhere; from social media, sensor information, digital photos and movies, money transactions, mobile phone traffic, e-mail traffic and so on. The Art, or better, the Necessity is to create structure or meaning from these immense streams off data. The problem is, this data is not always read or interpreted correctly. So there is a growing need of making sense but also of slinking down these massive data streams. Are we maybe missing some data which a computer might not miss? It is well possible, but a computer can’t do this spontaneous? It needs the right software programmed. And if placed on the right analysis stream it might be capable of detecting (obsolescence or redundancy, too big data complexities) something we can learn a great deal from. Maybe we learn how to streamline or simplify digital processes.

A special form of sniffing in “Big Data” is called “Data Mining”, more about this subject later on.