Millions of PCs are still running XP and migrations are no easy process, so many firms are likely to remain at risk for some time.
To help mitigate these risks, Neil MacDonald, vice president and Gartner fellow, has outlined a series of key survival tips, as “doing nothing” is not an option.
Get offline
The top tip on his list is the need to remove network connectivity for XP machines wherever possible. “Protecting XP systems is easier when other systems can't communicate to them over the network, the primary vector for attacks,” MacDonald wrote.
As part of this, MacDonald also suggested removing the ability for XP machines to browse the web and run email systems, two very common attack routes, and instead only provide this capability via a server with up-to-date software.
Stay updated elsewhere
Removing administrative rights is another basic step that firms should embrace to stop users installing anything untoward on their machine. "This should be mandatory for all remaining users on Windows XP," he said.
Conversely, though, ensuring other software in use on XP machines is up-to-date could also reduce security threats, so IT staff will have to manage this balance. "This further minimises the vulnerable surface area that can be attacked."
Keep your eyes and ears open
Furthermore, while Microsoft has ended support for XP, MacDonald advised keeping an eye on security releases for other operating systems, as these may hint at issues within XP. “Pay particular attention to critical vulnerabilities that affect Windows Server 2003 as these will likely impact XP,” he explained.
As part of this, monitoring community boards and threat intelligence feeds where XP-related issues are being discussed is also a great source of information that could prove helpful, MacDonald added.
Have a plan should the worst happen
If an attack does occur, having a plan in place for dealing with the incident is vital, as it could help isolate the infected machines and ensure any malware does not spread further.
Finally, MacDonald advises performing a cost-benefit analysis to see if shelling out for a migration, or even custom support from Microsoft, may actually be quicker and cheaper than going through the mitigation steps outlined above.