ATMs, Microsoft and the End of Life

photo credit: redspotted via photopin cc

photo credit: redspotted via photopin cc

Those of you familiar with this blog know that a recurring theme in our posts is planning ahead and being proactive. We like to think that strategy is a living process in organisations and not a one off and random act. Well sadly in many, and especially in big organisations, planning ahead strategically can be sadly lacking.

Let us examine a simple fact, way back in 2007, Microsoft announced that it would end support for XP that much loved but inherently insecure beast of an operating system which we all love and hate at the same time. They gave us all 7 years, yes 7 years, to migrate to something newer, better and more secure. The end date is 8th of April – after that, support will require penal license fees. Is the world ready? In a word, No.

You would think 7 years notice would be sufficient for most organisations to react. Well sadly in many larger organisations, and especially the big banks, 7 years to plan and execute is clearly not enough. Let us ignore the fact that one bank, which is a client of ours, is still migrating (I am sure they are not alone) and I am myself will be sitting in front of a XP desktop after I wrote this article. Let us also ignore the fact that much of the US government is still migrating their servers and desktops. What scared me is this article (‘Banks negotiate extended Windows XP support for ATM systems’) where it is clear that most UK cashpoint ATMs will not be migrated in the near future, in fact it appears that they have not even started!

We trust the big banks with our money. XP was a massive leap forward when it was launched but we all know the millions of hacks and attacks that have compromised much of the legacy Microsoft software at times. You would think with this security risk that the banks would want to be off the systems and onto something newer and better, especially the ones that give out hard cash. Sadly it appears that they will be chewing up profits, paying Microsoft premiums to support something that would be better replaced with newer and safer alternatives. Time for a hardened Unix kernal based ATM, anyone?

I will leave this tale with a thought to you all:

  1. Start proactively managing your end of life assets.
  2. Get a list of your IT assets and contracts
  3. Write down how old they all are and when they are due for replacement.
  4. Ask yourself what you need to plan if you want to stay supported.
  5. Build it into the cycles of your organisation and plan for replacement in your finances.

Doing this will not leave you in the vulnerable state our cashpoints are in now.

Comments are closed.