Why Using Past End of Life Systems Puts You at Risk
If you have followed communications from SWK Technologies for any time, then you should already know at least some of the dangers of running out of date software – if you are a newcomer, then we will teach you exactly why systems past end of life put you at risk. Any application or operating system (OS) that is no longer being updated is not supported by the developer, and will consequently lack critical patches released regularly for changes in functionality, compliance and cybersecurity.
There are many reasons that a solution could reach EOL, but most often publishers set multiple hard deadlines for when they will slowly begin scaling back support over a period of time so that they can begin diverting resources to other projects. While we at SWK are here to ensure you get the most out of your technology, our options also become limited when your systems are no longer supported by the vendor and we recommend updating or finding an alternative sooner rather than later. SWK can help you chart either path, contributing our expertise in both software and IT solutions to give you a clearer course on upgrading your applications and infrastructure to a version that provides the best value return.
Here are some examples of software and OS that are out of date or may be approaching end of life and why you should update ASAP to avoid future dangers:
Microsoft Windows Products Past EOL/EOS
Several popular solutions and services offered by Microsoft have gone well past end of life – or “end of support” (EOS) as they term it – and must be migrated from immediately. Windows applications and OS are often given fairly long Mainstream Support lifecycles (usually 10 years), with Extended Support periods that deliver mostly security updates past the initial date, but once the final deadline passes your solution will remain as is. Users that wait too long to upgrade or migrate are putting themselves at the mercy of any hacker with knowledge of an exploit that will rarely, if ever, be patched again.
SQL Server 2008 and 2008 R2
SQL Server 2008 and SQL Server 2008 R2 both ceased receiving Mainstream Support in 2012, and Extended Support followed between 2019 and 2020 for each. Extended Security Updates (ESU) are available for a separate subscription charge for another three years (past the original EOL date). Microsoft SQL servers present an avenue for data breach that many hackers attempt to exploit, with dedicated brute force campaigns centered around this objective uncovered repeatedly over the years.
Windows Server 2008 and 2008 R2
Windows Server 2008 and Windows Server 2008 R2 reached EOS on January 14, 2020, with an ESU subscription also available for a maximum of three years after the end of support date that include security updates deemed “critical” and “important.” Those users on-premise will have to manually request and configure these updates while those in Azure should receive them automatically once registered through their Portal.
There is an entire ecosystem around leveraging EOS exploits for Windows Servers, and the hesitancy of many customers to go through the complex process of jumping between Windows Server 2012 and Windows Server 2019 has left many targets on 2008. Many partners and Microsoft themselves have admitted that many users preferred to wait out the end of life due to the possibilities of losing application access in an upgrade or being essentially forced to migrate to Azure without any other options.
Exchange Server 2010 reached EOS on October 13, 2020, although this itself was an extension from its original Extended Support deadline of January 14, 2020. Customers who wish to keep their servers on-premise can upgrade to a newer version (from Exchange 2013 to Exchange 2016), or migrate to Exchange Online with Microsoft 365 for a fully or hybrid cloud-hosted option.
Exchange servers are another frequent target of cyber attack, with Microsoft even pointing out that this avenue is growing in percentage of all of their products and services that are singled out by hackers. This can be seen in one such breach uncovered in 2021 by Chinese cybercriminal group Hafnium, which followed right on the heels of the SolarWinds revelations and seemingly pursued the same targets in the federal government as their Russian counterparts.
Windows 7 reached end of support on January 14, 2020 (along with Internet Explorer), and this particular EOS deadline caused quite a lot of stir in the cybersecurity world, even to the point of federal agencies like the FBI and NSA making announcements about it. A vulnerability discovered across this and older OS could allow hackers to install a worm type malware on one or more computers initially and then spread it to every other machine in the network. By leveraging exploits in the remote desktop protocol (RDP) of these legacy systems, an experienced attacker could create a cascade of shutdowns worse even than WannaCry.
Despite this, some individuals and organizations have held onto Windows 7 machines, and the danger posed was demonstrated during the Oldsmar, Florida water treatment facility hack that occurred around February, 2021. The facility was still using desktop with the OS that lacked even password protection, and either a disgruntled former employee or external hacker using data gained from COMB was able to raise chemicals added to the water to near fatal levels.
When to Upgrade Sage Software
As a top Sage partner and reseller, SWK Technologies is able to support your ERP and other Sage products with our Managed Cloud Services, and guide you through the complexities of upgrades and end of life migrations. Since several Sage solutions are built on software developed externally, including some Microsoft platforms, it is important to keep up with the lifecycles of these systems closely to determine when EOL may approach. Many applications are also continuously updated on regular cycles that can range in timeline, depending on the product, but will generally fall into two- to three-year intervals between supported versions.
Sage Abra & Microsoft VFP
Sage Abra was retired on December 28, 2020, to be able to divert resources from supporting the legacy platform it was built on, Microsoft Visual FoxPro (VFP). VFP was discontinued in 2013 and Sage had to work on it internally in order to be able to continue providing critical updates to users for regulatory and tax changes. SWK can help former Abra customers take advantage of a seamless migration path to Sage HRMS, or discover an alternative HR and payroll solution.
Sage 500 & Microsoft Visual Basic
Rumors of an impending end of life announcement for Sage 500 (fka MAS 500) have circulated for years, but as of 2021 there have been no stated plans to retire the solution on Sage’s side, although this may be another product at the mercy of Microsoft EOS. It was written in the Visual Basic 6.0 programming language, which officially reached end of support in 2008, but which will be continued to be updated up until at least the end of Windows 10’s lifecycle.
Sage 100 & Sage 100cloud
Sage 100 (fka MAS 90) is nowhere near EOL, but the nature of the ERP has changed with the advent of Sage 100cloud, which introduced subscription pricing and cloud connectivity to replace purely on-premise perpetual licensing. Users of the legacy system will miss out on the extensive roadmap being offered with the modern edition and will be limited to basic updates. Additionally, annual version releases come with a support lifespan of around two and a half years, so those businesses still on 2019 or older should consider speaking to their SWK CAM about an upgrade ASAP.
SWK is Here to Help Update Your Out of Date Software and Hardware
SWK will help address your pain points regarding upgrading or migrating your out of date software and legacy hardware, from desktops and laptops to servers. Whether you want to keep your solutions and data on-premise, migrate to the cloud or leverage a hybrid environment, SWK is here to provide you with the best, and most cost-effective options available.
Patch & Update Management with Cloud Systems
You may have noticed a trend with some of the Microsoft official migration paths, or maybe you already ran into the marketing pitch when seeking guidance on upgrading your servers, email system or OS. While Microsoft’s documentation can seem one-dimensional in promoting Azure, the truth is that cloud-hosted update and patch management significantly streamlines delivery and mitigates a lot of traditional pain points. Microsoft can take most of the legacy systems listed above and load them in a new digital instance, and your Microsoft 365 plan grants access to Exchange Online with web-hosted email servers.
However, if security for your data or compatibility with your customizations is a concern, then SWK’s Managed Cloud Services division will help you build a better path to migrate your technology stack fully to the cloud or to a hybrid environment. With real-time IT support tailored to your solutions and proactive cybersecurity monitoring, you will be better able to take advantage of existing resources while capturing more of the benefits of the cloud.
Upgrading Your Legacy Hardware & Software
If you elect to remain on-premise or want to adopt a slower migration journey to hybrid cloud, then SWK will still be able to leverage our deep managed service and software expertise to help replace out of date resources. We will help you replace your aging hardware and software with more modern systems and revitalize legacy infrastructure so that your systems will be as up to date as needed. Additionally, we will also monitor the health and security of your servers deployed onsite and provide proactive support to empower you to better maintain network integrity and limit downtime.
Avoid the Dangers of Out of Date Software and Update Now
Relying on out of date software and OS puts your business at extreme risk, and you must update any systems past EOL (or EOS) ASAP to avoid the dangers posed by hackers seeking to exploit unpatched vulnerabilities. Whether you want to move your critical functions to Microsoft’s cloud, SWK’s Secure Cloud with cybersecurity, or keep everything on-premise, SWK will support whichever upgrade path you choose with our award-winning managed services.
Contact SWK Technologies today to take advantage of our support services for your Microsoft, Sage or other out of date and discover how we can make upgrading your EOL systems less painful.
Talk to the Software & IT Experts at SWK