
Still running Windows XP? Top 10 ways to stay secure in Enterprise...

10 Apr 2014

Microsoft’s support for Windows XP ended yesterday. However, Gartner estimates that one-third of enterprises currently have more than 10 percent of their systems remaining on XP.

According to the analyst firm the issue is not whether the continued use of XP entails risk. It does. The issue is whether the continued use of XP represents manageable and tolerable risk to the enterprise.

"Any system, supported or not, carries risk," says Neil MacDonald, vice president and Gartner Fellow.

"For the majority of use cases, XP can continue to be used with the risk managed to a tolerable level, without requiring the enterprise to pay Microsoft for expensive custom support while migrations are completed.

"While doing nothing is an option, we do not believe that most organisations (or their auditors) will find this level of risk acceptable."

If XP systems continue to be used, Gartner recommends that organisations follow the 10 best practices below to reduce the risk of using these systems to a tolerable level.

Restrict Network Connectivity to the Minimum Possible:

Protecting XP systems is easier when other systems can't communicate with them over the network, the primary vector for attacks.

Implement an Application Control Solution and Memory Protection:

This can be accomplished using a dedicated solution, a host-based intrusion prevention system (IPS), or Microsoft's Group Policy object (GPO)-based software restriction policies to establish a "lockdown" posture for XP to prevent the execution of arbitrary code.

Remove Administrative Rights:

This should be mandatory for all remaining users on Windows XP.

Address the Most Common Attack Vectors — Web Browsing and Email:

Remove Web browsing and email software from XP systems, and provide these capabilities from a server-based system that is up to date.

Keep the Rest of the Software Stack Updated Where Possible, Including Office:

Vendors of other software solutions and versions running on these XP systems may continue support. This further minimizes the vulnerable surface area that can be attacked.

Use a Network or Host-Based IPS to Shield XP Systems from Attack:

Confirm that your IPS vendor will continue to research vulnerabilities and attacks on XP and provide filters and rules to block these attacks where possible.

Monitor Microsoft:

Microsoft will not publicly disclose if new vulnerabilities against XP are discovered (unless you have paid for custom support). However, pay particular attention to critical vulnerabilities that affect Windows Server 2003 as these will likely impact XP.

Monitor Community Chat Boards and Threat Intelligence Feeds:

Third-party threat intelligence feeds are an independent source of information. Communities of interest are expected to emerge specifically for sharing information related to XP.

Have a Predefined Process Ready If an XP Breach Occurs:

Have a plan to isolate XP workstations in the event of an attack that gains a foothold by quarantining these systems from a network perspective until mitigating steps are understood.

Perform a Cost/Benefit Analysis:

The cost and resources to implement the steps above might be better spent in accelerating the migration of the remaining XP systems, or it might be simpler to pay Microsoft for custom support.

If organisations do not implement these best practices, Gartner advises that they could consider paying Microsoft for custom support if the enterprise's risk tolerance is low, or if regulations require it.
