What is End-of-Life (EOL) and how it creates risk.
As a new manager or director for a company, you’re likely interested in getting the lay of the land. This can be achieved through discovering what various risks are through the organization. Executive and owners are probably busy with the day-to-day worries about growth and profitability. At the same time, underneath, there may be risks unrealized. Even if you’re a long-term manager or director for your organization, you may have done a risk assessment earlier in your employment or career. Still, as the years progress, risks tend to grow. You may have noticed recently that your computer equipment looks a bit aged. Aged equipment can present more than just risk associated with crashing software, lack of connectivity, or even something as simple as broken keys on a keyboard. Depending on how long ago that equipment was updated, there may be significant vulnerabilities to ransomware and malware, which could potentially shut down your organization for weeks. The process to discover the risks is often through a technical assessment.
Technical assessments and audits can mean a lot of different things. The scope of what they review can be vast and very comprehensive. Some of the core pieces that a technical assessment will look at are end-of-life software and warranties related to your various specialized hardware. Hardware reviewed would include workstations, servers, firewalls, switches, storage devices, and much more. Regarding significant risk, the review of end-of-life software and warranties can present some of the highest.
End-of-life software is typically found on servers in workstations. It is associated with the operating system on each. The operating system on a workstation allows you to navigate the display on your screen, clicking on icons organizing files accessing browsers without writing complicated code. The same is more or less accurate for server operating systems, allowing you to categorize and efficiently segment and manage the various processes you placed there. Depending on the type of operating system you deploy, typically from Microsoft, there will be frequent updates. These updates contain security patches for both your workstations and servers. End-of-life software means that the vendor no longer supports that current version. What this means is that security updates and patches are no longer sent.
Unknown Warranty expiration can create risk too.
Often, there are warranties associated with each part of the hardware that is a part of your network. Warranties for servers, workstations, firewalls switches are the most common. These warranties are usually paid upfront at the time of purchase. Warranties can last anywhere from one to sometimes five years. And depending on the vendor, warranties can be renewed close or at the end of the term for additional years, often a smaller period than the original warranty, one to three years. When a warranty is expired, this means that the time that was purchased is up. Warranties provide a first in line or a guaranteed availability of parts and labour to replace components that fail with the various hardware associated with your network. Often times vendors will hold stock of these components for those who have warranties. If your warranty is expired, access to inventory is limited and, in some cases, non-existent. What this means is a delay in service and then some instances, no availability to parts.
What is the risk of End-of-Life Software?
End-of-life software leaves your network vulnerable to ransomware and attacks. Hackers prioritize networks and equipment that have operating systems that are end of life. This is low-hanging fruit for a hacker to gain access to your network. The risk that this means is that ransomware could lock out workers and access to potentially specialized equipment, meaning that you can no longer perform any work. Downtime is not the only risk associated with ransomware through end-of-life software. Emergency service overtime and new hardware purchases are all the costs related to the risk of end of life software. The same is more or less accurate with expired warranties. Having an expired warranty means that you may not have access to a replacement part. This can extend downtime, increasing emergency service, and potentially buying new equipment when a component fails.
How to identify end-of-life software and expired warranties.
A technical assessment will identify these risk points. It will show best practice gaps. Once identified, these risk points can be addressed through various options integrated into your overall corporate strategy or strategic plan. Knowing you have end-of-life software currently on the network or soon to be on the network, you can begin to prioritize upgrades. These upgrades are not just limited to physical hardware anymore. If your organization has been considering migrating to the cloud, addressing end-of-life software can help expedite these considerations. When you move your servers to the cloud, you no longer have to worry about end-of-life software or warranties. The cloud provider typically holds the updates associated with operating systems and the maintenance of cloud infrastructure. They are part of what you pay monthly for the service. Transitioning to the cloud provides more than just cost reduction in warranties and upgrades to new equipment or operating systems. Cloud infrastructure can make your company more dynamic by only paying for what you need and having the availability to scale up or down depending on your needs. Completing a technical audit can help build a strategic plan that addresses more than just the software and availability of parts. IT also builds towards more productive and efficient use of the technology your company uses and relies on.
Solut has performed many technical assessments. Our vCIOs can help build a strategic plan and road map as part of an overall corporate strategy.