Security and 2020
As the end of the year approaches, Christmas decorations are popping up everywhere, we begin to reflect on the year, and plan for the next one. In business this generally means we think about the numbers, how much profit, how much we’ve spent, how we can maximise profits next year. It’s often the case that maintenance of IT systems is seen as discretionary expenditure and falls by the wayside. Keeping your systems up to date is very important for maintaining the smooth operation of your business. The festive period is normally a good opportunity to adjust things whilst there are fewer staff in the office, allowing full productivity when everyone is back at their desks in January.
At the end of January 2020, Microsoft is ending security updates and support for Windows 7, Server 2008R2 and Small Business Server 2011. Many businesses are still running these as part of their core systems. This means that if you’re still using these, your IT will continue to work after January but will no longer be able to defend your systems against newer and more complicated security threats. It also means that you will no longer be PCI compliant. Payment Card Industry (PCI) compliance means that you can confirm all of your systems are up to date and secure. Your card processing provider may still process your transactions if you don’t meet this standard, but they will charge you more for it. If you are PCI compliant, this is seen as due diligence and generally means that, should someone steal card details from you, you are less likely to be liable. However, if you are not compliant and someone steals details from you, you could be held accountable. This is likely to come with a costly legal battle.
There are options for replacing your core server and Active Directory with a later version (Server 2019 is current) or moving some or all services to the Cloud – not many people run their own internal Email server now, as they’re often more work and security liability than moving these systems to a cloud provider, such as Microsoft Office 365.
Whilst changing to new systems may seem like an unnecessary expense, it will save you time and money in the future, both by having faster systems and by preventing down time caused by old hardware failure, or malicious attacks. Current supported software also means ensuring that your card transactions continue to be PCI compliant, as not being compliant opens your business up to an easily avoided liability, and costs typically around 1% of card turnover – which can be a large sum.
Contact us if you want to talk about what to do about this. We can offer some advice and work with you to make a plan to move to newer systems with continued support.