By Chahak Mittal, GRC Manager, Universal Logistics
In the ever-changing world of technology, managing end-of-life (EOL) and out-of-service (OOS) operating systems has become a critical concern for organizations of all sizes. These outdated systems pose a significant security risk and can hinder operational efficiency.
What are EOL and OOS operating systems?
An EOL operating system is one that is no longer supported or maintained by the vendor. This means that the vendor will no longer release security patches or updates for the system, leaving it vulnerable to known and emerging threats.
An OOS operating system is one that is still supported by the vendor but is no longer used by the organization. This can happen for several reasons, such as a merger or acquisition, or a change in business requirements.
Why are EOL and OOS operating systems so dangerous?
EOL and OOS operating systems are dangerous because they are vulnerable to cyberattacks. Hackers know that these systems are no longer supported and are often able to exploit known vulnerabilities to gain access to networks and systems.
In addition to security risks, EOL and OOS operating systems can also impact operational efficiency. They may not be compatible with newer software and hardware, and they can be slow and unresponsive.
How much EOL and OOS systems are pervasive?
According to Kaspersky research, nearly 41% of consumers still use unsupported or approaching end of support desktop operating systems (OS) like Windows XP or Windows 7. Similarly, 40% of very small businesses (VSBs) and 48% of small, medium-sized businesses (SMBs) and enterprises still rely on these systems for their security needs. Another 2021 report by Kaspersky revealed, more than 73 percent of healthcare providers use medical equipment that runs on a legacy OS. This paints a concerning picture of the ubiquity of these systems, with many organizations unknowingly operating on outdated platforms. These systems often lack vital security patches and updates, making them prime targets for cyberattacks.
How do you to Identify EOL and OOS operating systems?
There are several steps that organizations can take to manage EOL and OOS operating systems, including:
Harnessing the Power of Vulnerability Scanners
Vulnerability scanners have proven to be effective weapons in the arsenal against EOL and OOS operating systems. Some popular vulnerability scanners include Tenable Nessus and OpenVAS. These scanners operate by scanning networks for EOL and OOS operating systems and cross-referencing detected software versions with a database of known vulnerabilities. If a vulnerability is found, the scanner generates a detailed report that can be used to remediate the vulnerability.
Vulnerability scanners can be used to identify EOL and OOS operating systems on both on-premises and cloud-based networks. They can also be used to scan for EOL and OOS operating systems on mobile devices.
Endpoint Management Tools for Centralized Control
Endpoint management tools are essential allies in the fight against EOL and OOS operating systems. These tools provide organizations with a centralized view of all devices within their ecosystem, including their operating systems and software versions. This information can be used to identify, assess, and remediate EOL and OOS systems, thus preventing security vulnerabilities.
Some popular endpoint management tools include Microsoft Endpoint Manager and VMware Workspace ONE.
The Power of Public Databases
Public databases, such as the well-regarded End of Life Date (EoLD) database, provide readily available resources to identify EOL and OOS operating systems. The EoLD database offers an extensive list of operating systems, complete with their respective end-of-support dates. For organizations seeking a straightforward method to track EOL systems, this database has proven to be an asset.
How do you craft the right approach?
The best way to identify EOL and OOS systems depends on your organization’s unique needs and resources. If you already have vulnerability scanners or endpoint management tools in place, repurposing them is the most efficient approach. If you do not have access to these tools, using a public database like EoLD is a viable option.
No matter which approaches you choose, it is important to identify and remediate EOL and OOS systems as soon as possible. These systems pose a significant security risk to your organization.
How to remediate?
Once you have identified EOL and OOS systems in your environment, it is important to take prompt action to remediate them. This can be done in several ways, including:
Upgrading the operating system.
This is the most effective way to remediate EOL and OOS systems, as it will provide your organization with the latest security patches and updates. Of course, upgrading your operating system can be a complex and time-consuming process. It is important to carefully plan and test your upgrade before deploying it to production systems.
Applying patches.
If upgrading the operating system is not possible, you can try to apply patches to the EOL or OOS system. However, it is important to note that patches may not be available for all EOL and OOS systems.
Applying patches is a process of installing updates to software to fix known vulnerabilities. Patches are typically released by software vendors and can be downloaded and installed manually or automatically. To apply a patch to an EOL or OOS system, you will need to first identify the patches that are available for the system. You can usually find this information on the software vendor’s website. Once you have identified the available patches, you will need to download and install them on the system. It is important to follow the instructions carefully when installing patches. Installing patches incorrectly can cause problems with the system or even make it unusable.
Migrating to a supported platform.
If upgrading the operating system or applying patches is not possible, you may need to migrate the EOL or OOS system to a supported platform. This can be a complex and time-consuming process, but it is essential for protecting your organization from security threats. Migrating to a supported platform involves transferring the data and applications from the EOL or OOS system to a new system that is supported by the software vendor. This process can be challenging, as it requires careful planning and testing to ensure that the migration is successful, and that the new system meets the needs of your organization.
The urgency of these actions cannot be overstated. EOL and OOS systems pose a significant security risk to your organization. By taking prompt action to remediate them, you can help to protect your organization from cyberattacks and data breaches.
In addition to the remediation steps listed above, there are several proactive steps that you can take to further reduce the risk posed by EOL and OOS systems, including:
Segmenting your network. Segmenting your network is the process of dividing your network into smaller, isolated subnets. This can help to improve security by preventing EOL and OOS systems from being compromised and used to attack other systems on your network.
When you segment your network, you create a barrier between EOL and OOS systems and other systems on your network. This barrier makes it more difficult for attackers to move laterally from an EOL or OOS system to other systems on your network.
To segment your network, you can use a variety of technologies, such as firewalls, routers, and VLANs. The best way to segment your network will vary depending on the size and complexity of your network.
Implementing security controls.
This includes implementing firewalls, intrusion detection systems/intrusion prevention systems (IDS/IPS), and other security controls to protect your network from attack. You should choose and implement a combination of security controls that is appropriate for the size and complexity of your network, as well as the types of threats that you face.
Educating your employees.
Educating your employees about the risks of EOL and OOS systems and how to avoid them is an important part of protecting your organization from cyberattacks. Employees are often the first line of defense against cyberattacks, so it is important that they are aware of the risks and know how to protect themselves.
By taking these proactive steps, you can help to reduce the risk posed by EOL and OOS systems and protect your organization from cyberattacks.
About the Author
Chahak Mittal is a Certified Information Systems Security Professional (CISSP) and Cybersecurity Governance, Risk and Compliance Manager at Universal Logistics. Chahak is deeply committed to knowledge sharing and community engagement. She has actively contributed to the cybersecurity ecosystem through her roles as a Judge at Major League Hacking (MLH) Hackathons and a dedicated Cybersecurity Teacher in the Microsoft TEALS Program. Chahak’s active involvement in organizations such as the Cybersecurity Collaboration Forum and SecureWorld’s Detroit Advisory Board has been instrumental in her pursuit of staying at the forefront of industry trends and challenges. She has also channeled her insights into thought-provoking cybersecurity articles, published on SecureWorld, making a meaningful contribution to the field’s intellectual discourse. Chahak’s commitment to diversity and inclusion in cybersecurity is unwavering. She has actively participated in organizations like Women in Cybersecurity (WiCyS) and the Michigan Council of Women in Technology (MCWT), where she has championed the cause of gender diversity within the field. Her outreach efforts extend to interviews on prominent media platforms like PBS Channel and the Women in Technology podcast, where she has shared her insights to inspire young girls to consider cybersecurity as a viable and rewarding career path.
Chahak Mittal can be reached online at ([email protected]) and at her LinkedIn profile https://www.linkedin.com/in/chahak-mittal-cissp/