The end of XP support isn’t just a technology story. XP’s retirement will also have very real monetary consequences for millions of companies still using the OS. To put it another way—if your company is still using XP and you’re the one responsible for managing financial risk—it’s a story you can’t afford to ignore.
And like most stories, there’s a short version and a longer one. The short of it is simple… switch and switch now! But since that’s easier said than done in some cases, we’ll dig deeper and explore three main topics:
- A plain-talk explanation of what the XP retirement means.
- A discussion of the options moving forward.
- A round-up of some of the most popular financial applications affected by XP’s retirement.
Part I: What does the XP retirement mean?
Fundamentally, what does it mean that XP has been “retired”?
The XP retirement (or end-of-life) means that the OS is no longer being updated to address security vulnerabilities, sold, or actively supported by Microsoft.
This doesn’t mean that XP will stop working does it?
Nope. You can still turn your XP machine on and do the same things you did before. While the end of support means that future exploits will not be patched, no functionality has been “shut off.” Essentially, you’ll be okay—until you’re not.
When did XP get retired?
April 8th, 2014.
How serious is the XP security risk?
Pretty serious. Normally when a new security exploit comes out, Microsoft releases an update to patch the vulnerability in the OS. No longer.
The discontinuation of OS patches means that XP machines are at an increased risk of virus and malware infection. This matters even if you just have one XP workstation, as you are effectively only as secure as your weakest link in a networked environment.
Also, CNN.com among many others have been reporting that black-market vendors selling “exploit kits” have been stockpiling new attack signatures and waiting for the end of support to release them. A spokesperson from Microsoft estimated that the chance of malware infection rose by 66% following the end of support. (ComputerWorld.com)
Wait, what about firewalls and antivirus? Won’t that address the threats?
Antivirus software is inherently reactive. The bottom line is that AV programs don’t protect against threats that don’t exist yet; they need to understand the threat signature first. While antivirus publishers are still putting out updates for XP, the number of companies doing this will diminish over time. Firewalls can proactively block incoming traffic from sources deemed unreliable by your configuration, but as long as data is entering your network, there’s will always be some measure of risk.
How does the security risk translate into financial risk?
There is no way to put a percentage on the exact chance that your XP machines will be infected. There’s still too many unknowns. But you can do some rough math to figure the potential financial impact, should your systems become compromised.
The first questions to ask include: What applications do we run on XP and what’s the financial impact if we can’t utilize those applications? Interruption of service—which represents a major risk—may only be the tip of the iceberg though.
In the case of theft of user account data, the costs of a data breach are likely to be much higher. A recent Symantec study found that the average corporate cost associated per stolen user account record was $188 in the United States. (Symantec.com) Whether you’re doing the math on what that would mean for thousands of customers at a larger enterprise or hundreds at a smaller business, the numbers are attention-getters.
How many people are running XP?
It’s estimated that somewhere between 10% (W3Schools.com) and 28% (NetMarketShare.com) of desktops are still running XP—depending on whose sample numbers you look. There are 1.5B desktops according to TheGuardian.com, so somewhere between 150M and 400M+ users globally are likely running XP. No small amount!
Why are so many people still running XP?
The biggest reason is simply volume. Windows XP was the most popular OS—ever. The bottom line is that people liked XP. As a result, many users chose to keep the $120 in their pocket rather than pay to upgrade to Windows 7 or 8. But the decision to continue with XP for many wasn’t just about accepting “good enough.” Many companies are continuing to run older applications and hardware that may not be compatible with an upgrade to Windows 7 or Windows 8.
Is XP exposure just a problem for small business users?
No. Small businesses without dedicated IT departments to plan, prepare, and execute a switch may be especially prone to be late on XP upgrades, but they’re far from the only ones.
The financial industry has a major challenge on its hands as an estimated 75% of the worlds ATMs still run on Windows XP. (ScientificAmerican.com) Data security provider Avast recently reported that 96% of American schools have at least one XP machine—as budget expenditures tend to get prioritized to other things before computer upgrades. Industries such as manufacturing that tend toward the development of proprietary software for complex control systems also have a more complicated upgrade path and may be lagging in adopting newer OS’s. And, ironically, it’s the IRS that’s missed an April deadline this time—as more than half of the IRS workstations are still running XP. (TheRegister.co.uk)
Part II: Exploring the options
Does my company have to get rid of XP?
Actually, in some cases, the answer may be yes. According to Microsoft, health care organizations that are governed by HIPAA may not be able to meet compliance regulations continuing with XP. In most instances, though, change isn’t mandatory—it’s just the best option.
Remind me again why my company should ditch XP?
There are 4 main reasons.
- The security risk of continuing with XP creates an undue financial risk for your organization.
- New applications won’t be designed for XP and passing them up means surrendering a productivity advantage to your competition who will be using the better, stronger, and faster software.
- Your current applications—if they are still supported—will soon lose support—creating more security issues and in some cases shutting off functionality.
- Continuing with XP binds you to old hardware. Newer, more efficient hardware based on the 4th generation Intel® Core processor family will not run Windows XP.
When we upgrade to Windows 7 or Windows 8 will we need to budget for new workstations?
Are there any workarounds that will let us continue with Windows XP?
There are. But nothing you’ll feel particularly good about.
One option would be removing Windows XP desktops and running XP from a server with virtualization via Windows Terminal Services. By limiting the number of XP machines, this approach minimizes the risk profile somewhat, but certainly doesn’t remove it. Also, it may be a violation of Windows licensing, according to ComputerWeekly.
TechTarget.com recently floated the idea of using Windows Server 2003 R2 in place of Windows XP to run applications that aren’t compatible with Windows 7 or 8. But Windows Server 2003 R2 is slated for end of life in July of 2015—so managing a migration to Server 2003 that would require re-licensing again after such a short period likely won’t strike many organizations as financially palatable.
Another option that’s unlikely to be financially appetizing is Windows Custom Support program. It’s a “priced not to sell” type option offered by Microsoft mostly as a final stopgap to address customer complaints from corporate accounts. This limited support option costs $200 per machine for the first year, $400 for the next, and $800 in the third and final year.
What can we do if we’re stuck and have to run XP temporarily?
The first thing to do is to figure out how to migrate away from XP more quickly!
But you’ll definitely also want to make sure you are up to date on the final Windows XP update. Similarly, make sure you are keeping current with antivirus updates. Plug-ins like Java and your browser should also maintain the most recent updates.
You’re also going to want to be prepared in case of trouble. This means doing frequent data back-up and making sure you have a re-install disk.
Minimizing your Internet exposure is a good idea as well. If you can take your XP machine offline—that will help—but obviously many of the things we need computers to do in 2014 demand the Internet and untethering may not be an option. Disconnecting from the Internet also doesn’t protect you entirely from threats. Any time you plug in a USB drive or input data from outside the computer, there’s a chance of infection.
How long does it take and how much does it cost to upgrade?
It really depends. If you have one lone computer running XP and already have a new machine purchased and fully licensed with Windows 7 or Windows 8, it might not cost anything. And, you might be able to have the switch done this afternoon using the Windows Easy Transfer utility. On the other hand, it might cost you $60,000 per machine, if you are replacing Windows XP and custom software on a network of ATM machines. (CNN.com)
Essentially, the complexity and cost will increase based on requirements to:
- Move multiple machines
- Add new hardware
- Update or replace old applications
- Adapt your network and server hardware to accommodate the changes
To connect with Microsoft IT partners who can advise you and assist with your OS migration, you can visit the Microsoft Pinpoint partner locator tool.
Part III: Financial applications
Moving to new hardware and a new operating system generally means updating your 3rd party applications. The catch is that sometimes—especially for discontinued applications—there is no update for Windows 7 or Windows 8.
If you are running a program that’s no longer offered or has undergone significant changes, identifying the easiest upgrade path can be especially tricky. The following chart of discontinued or re-branded financial applications may help you if you’re looking for info on your options.
XP compatibility: Popular discontinued and re-branded financial applications
|Product||Status||Win 7 or 8 Compatible||Recommended Path|
|Abra||Renamed “Sage HRMS”||Yes||Upgrade to current version of software|
|Axapta||Renamed “Dynamics AX”||Yes||Upgrade to current version of software|
|Cartesis Magnitude||Acquired; integrated with “SAP Business Objects”||Yes||Consider upgrade and comparable options|
|Great Plains||Renamed “Dynamics GP”||Yes||Upgrade to current version|
|Kintera Fundware||Acquired and renamed “Blackbaud Fundware”||Yes||Upgrade to current version of software|
|Maconomy||Acquired and rebranded “Deltek Maconomy”||Yes||Upgrade to current version|
|Master Builder||Renamed “Sage 100 Contractor”||Yes||Upgrade to current version of software|
|Microsoft FRX||Discontinued; replaced by “Management Reporter”||Yes||Upgrade to current version|
|Microsoft Money||Discontinued||No||Find comparable software|
|Microsoft Office Accounting||Discontinued||No||Find comparable software|
|MYOB||Acquired; replaced with “AccountEdge”||Yes||Upgrade to current version|
|Navision||Renamed “Dynamics NAV”||Yes||Upgrade to current version|
|Peachtree||Renamed “Sage 50”||Yes||Upgrade to current version|
|Sage BusinessVision||Available, but slated for retirement||Yes||Upgrade or compare to alternate Sage versions|
|Sage BusinessWorks||Available, but slated for retirement||Yes||Upgrade or compare to alternate Sage versions|
|Sage PFW ERP||Discontinued||Yes||Migrate to alternate Sage ERP product|
|Sage Pro ERP||Discontinued||Yes||Migrate to alternate Sage ERP product|
|SERVICE FIRST! Accounting||Discontinued||No||Find comparable software|
|Shoebox Records||Discontinued||No||Find comparable software|
|Solomon||Renamed “Dynamics SL”||Yes||Upgrade to current version|
|Teambooks||Discontinued||No||Find comparable software|
|Timberline||Renamed “Sage 300 Construction and Real||Yes||Upgrade to current version|
|Wind2||Acquired and discontinued||No||Consider other Deltek options|
While our chart displays the recommended path of least resistance to achieve feature parity on Windows 7 or 8 for various products, there are always many other software options available. No matter what financial software you’re using, if you’d like to explore your software choices—or if you just need help finding a support provider to assist with an upgrade—feel free to use our free software matching service.