Windows 10 support ends - is an old device a security risk?

Windows 10 support ends - is an old device a security risk?

Microsoft has announced that Windows 10 EOS (End of Support) will occur in October 2025. After this, the operating system developer Microsoft will no longer provide new security and feature updates or technical support for devices running Windows 10.

Microsoft has, however, given Windows 10 users the opportunity to purchase a three-year extension to security updates by purchasing the Windows 10 Extended Security Updates program from Microsoft, which extends support for security updates by a maximum of three years. However, ESU does not bring new features or functionality to your device, but only applies to security updates. Microsoft emphasizes that ESU is not intended as a long-term solution, but rather as an interim step in the Windows 11 transition. If you have a device that does not allow you to update from Windows 11 due to hardware requirements, updating your device in the near future is very timely.

How will the end of support affect information security?

Each device manufacturer provides security updates for their network devices or operating systems for a predefined period of time. When a device or software stops receiving new security updates or technical support, it has reached the end of its lifecycle. This is called “End of life = EOL”. When security updates and technical support end, devices and old operating systems become vulnerable to security threats because new vulnerabilities are no longer fixed by the manufacturer. Criminals have long searched the Internet for devices with vulnerabilities and targeted them with attacks, hoping to gain access to the user’s files by exploiting the vulnerability.

Keeping systems and software up to date is very important for information security. Whenever possible, it is a good idea to automate device updates so that information security is not left to someone´s good memory. Outdated antivirus software may not protect the user from malicious websites, and the user may accidentally download a file that contains malware. This can, for example, spy on the user's activities and save login credentials, which can be used to encrypt the device's files.

By using an unpatched device, you can give a criminal access to your data or, on the other hand, give the opportunity to use the device in, for example, denial of service attacks. The criminal can also gain access to other devices on the same network. Remember that the criminal can also use the device they have taken over to send phishing messages or emails to other users. In terms of information security, the best possible thing to do is to get a new device for which security updates are available.

Information security maintenance

What needs to be updated regularly?

  • Security software (firewalls, antivirus)
  • Endpoint and mobile device operating systems
  • Internet browser
  • Applications / software
  • Router
  • Other smart devices on the network

Checklist for updating devices and operating systems:

  • Always follow the manufacturer's instructions for installing updates
  • If possible, turn on automatic updates, which will install them as soon as they are available.
  • If support for a device or software ends, replace it with a new one
  • Please note the life cycle of the device and software when purchasing, you can get information from the manufacturer.
  • If your company does remote work, remember to also protect network devices at home. Those should also be updated and their security must also be up to date.

Keep in mind that if you end up on a malicious website, you may see pop-up notifications warning you that your computer has a virus or that you need to update your software. Do not click on them, even if they look like they are for updating your operating system or peripherals. If you find an update notification suspicious, visit the software manufacturer's website and look for information about the update to verify its authenticity.

In many industries, information security standards such as ISO 27001 or GDPR require that the company's systems are up to date. Using an old system may result in violations and expose you to significant fines.

Tweet

Devices as a service from us

JMJping´s experts will help you with your purchases, we prefer well-known equipment manufacturers and equipment with a three-year warranty. onsite-guarantee, meaning that in the event of a fault, a repairman will come to the site. Our service model offers the end user, above all, peace of mind. When you want to expand or renew your company's IT equipment, we offer you new, ready-to-use equipment for a fixed monthly price. According to customer needs, we make you an offer and agree on a payment schedule with both you and the financing company. Computers, LAN devices, printers, copiers, firewalls and servers, all from one place.

We offer Lenovo, HP and Dell devices, among others.
Lenovo logo
HP logo
Dell logo

If your company's devices are running Windows 10, it's worth exploring your options now. If the operating system cannot be updated due to device requirements, you will inevitably have to purchase a new device. When it comes to IT devices, leasing is often a sensible option, as purchasing multiple devices at the same time is expensive and ties up the company's capital unnecessarily. As a leasing customer, you pay for the use of the products, meaning the financing company owns the devices for the duration of the contract. When the contract ends, you can choose whether to return the devices or redeem them for your own at market price.

Read more about equipment leasing
Through us, you can also purchase refurbished devices suitable for business use.

Send a message and ask more!
Facebook
LinkedIn
JMJping is every entrepreneur's reliable partner in information security matters
More articles