SlideShare una empresa de Scribd logo

AVNET_CS_Panic_Death_of_XP

Nick Donaldson
Nick Donaldson

This document examines the impending end of support for Windows XP and the risks this poses, particularly for payment devices that will no longer be PCI compliant. It notes that many businesses have failed to address the issue and migrate from XP, despite the security risks it will leave them exposed to. Embedded software alternatives that can replace XP are described, but many businesses remain unaware of these options. The author argues that failing to address the XP issue will put businesses at risk of financial penalties or losing the ability to process payments.

1 de 3
Descargar para leer sin conexión
Embedding success in your business www.avnet-embedded.eu Introduction It is surely not too much to hope that the attitude of businesses to imminent and game-changing technology upheaval is one of thoroughness, timeliness and responsibility. This is all the more critical when an entire value chain is completely dependent upon the technology in question – vendors, distributors, integrators, OEMs, resellers, end-user organisations, all the way down to the individual withdrawing cash from an ATM in the street. It is all the more critical when failure to migrate to a new technology means spiralling vulnerabilities and gaping holes in security that will no longer be fixed. It is all the more critical when the technology in question will no longer comply with industry regulations that govern the safe electronic movement of billions of dollars every day, effectively rendering every credit and debit card transaction hazardous. In short, when we’re talking about something as significant as “end of life” – the withdrawal of support that heralds the definitive demise of a particular software, operating system or other technology - businesses have a duty to move to migrate to an alternative, and vendors have a duty to provide that alternative. But with the imminent demise of XP, this model has, arguably, dissolved. This piece examines the realities, risks, options and alternatives for a world and an economy that are soon to be XP-free (at least in the current sense) – and explores why many businesses and commentators are apparently in denial over this successful operating system’s impending swansong. Nick Donaldson, Director, Avnet Embedded nick.donaldson@avnet-embedded.eu The nature and impact of XP’s demise The exit of Microsoft XP does not follow the “rules”. It is not a necessary transition from an obsolete operating system to a better one, as with the move, say, from NT to 2000. Neither is it an improvement from one form of an operating system to an enhanced variant. In fact, the death of Microsoft XP represents a complete disconnect from established practice - and this is perhaps why many businesses (fed, it has to be said, by unhelpful misinformation from vendors and their partners) are either failing or refusing to grasp the impact thereof. As one consultancy firm put it in London’s Daily Telegraph, “In these tough economic times, it is not surprising that business leaders do not want to invest a substantial amount of money in something that essentially isn’t broken, as is the case with Windows XP today.” Donning the blinkers, focusing on the accounts and pretending the problem will go away thus appears to be the preferred action plan of many of our so-called “business leaders’”. If more proof were needed, here it is. A recent industry survey, cited in the The Register, shows that 40 per cent of respondents said their companies had “yet to even start migrating off XP”, and 20 per cent of respondents were not planning to do so at all. So, in an attempt to rouse these businesses from the comfort zone, let’s take just one (terrifying) example to clarify what an appalling false economy their current approach could prove to be – that of payment devices. “This piece examines the realities, risks, options and alternatives for a world and an economy that are soon to be XP free” “Panic? What Panic?” Is the industry in denial over the death of XP?
Huge numbers of these devices and their applications currently run on XP - POS tills, chip and PIN terminals, parking payment machines, motorway toll barriers, ATMs – the list is unrelenting. From April 2014, XP support for all these devices will cease. The resulting lack of updates and patches will mean that those millions of devices are no longer compliant with PCI (Payment Card Industry) regulations. This puts at risk everybody who is in any way involved with the creation and use of payment devices. It affects the businesses that supply the hardware and software on which the devices are built. It affects the businesses that build the devices. It affects the businesses that distribute them. It affects the businesses that use them, and, of course, it affects the individual end-users whose hard-earned cash is suddenly a target for hackers looking for outmoded security and easy pickings. Security experts have already predicted a rash of these attacks come April; as Gregg Keizer of Computerworld recently reported, “Hackers could find themselves in the catbird seat on April 8, 2014... those who have zero-day exploits for XP will bank them until that day and then sell them to crooks or loose them themselves...” PCI enforcers, on the other hand, can fine businesses up to £400,000 for being non-compliant, and sellers (merchants) using the devices run the risk of losing their merchant account and being placed on Visa/MasterCard Terminated Merchant File (TMF) - making them unable to take credit or debit payments for several years, if ever. Any machine or device running the operating system, from your home PC to a corporate or banking network, will rapidly become increasingly vulnerable once support is withdrawn – but, of course, payment devices, given their lucrative function, will be the most urgently deficient. So where now? Confronted with such a potentially apocalyptic scenario, let’s suppose for a moment that the businesses in the value chain that produces and distributes payment devices asked themselves “So what are the alternatives”? And this is where wholesale confusion reigns. Many seem to think that help will still be readily available for PCI compliance after withdrawal. And indeed, according to law firm Pinsent Masons, quoted in The Register, businesses that continue to use Windows XP after 8 April 2014 will be able to engage with Microsoft or a licensed sourcing provider if they want to manage new or existing vulnerabilities and continue to comply with PCI requirements. But the implication is clear – these services do not come for free. Some see moving to Windows 7 or 8 as an option. Indeed, it is, but as I said earlier, the withdrawal of XP is no ordinary migration exercise, and nowhere is this clearer than in the lack of seamlessness between XP and Windows 7 and 8. Firstly, 7 and 8 do not support all of the devices that XP supports. Secondly, and rather more seriously, 7 and 8 will not necessarily be PCI-compliant on those particular devices even if they do support them. False hope aplenty. Making the switch over to a newer Windows operating system will also have other implications for a company’s infrastructure, and there could be complications in getting all the devices across a business to run on the same platform, particularly in larger businesses where multiple servers and point of sale devices are deployed. Whichever way you slice it, budget looms large in the process. “Hackers could find themselves in the catbird seat on April 8, 2014... those who have zero-day exploits for XP will bank them until that day and then sell them to crooks or loose them themselves...”
Embedded misunderstanding Most damaging of all, however, is the lack of understanding around the options for using embedded software instead of standard XP. Many businesses in this space still think, for example, that embedded software requires a hardware refresh. Not so. Embedded offerings also include XP-based operating systems, such as POSReady 2009 and WES 2009, which can be delivered via a software services model, with no hardware implications. Embedded licensing also allows for a longer lifespan of devices, with some embedded products being available or supported for up to 15 years (thus avoiding exactly the kind of disruptive support withdrawal situation that businesses are currently having to deal with!) The benefits of embedded aren’t just limited to prolonging support life, however; there is also much greater licence discounting, higher levels of efficiency, locked-down functionality and full customisation support, enabling easy integration into a business environment. And there is no shortage of choice for XP users – the embedded variants of XP are abundant. Embedded is not, by any means, the only choice, and no choice can ever be perfect in every respect, but there is far more to recommend embedded technology as a replacement for the outgoing XP than the industry currently realises. Facing up to XP’s passing So how is it that the virtues of embedded just have not been properly grasped? Here, I hold my hands up. This industry (and this company) could have done a much better job of demystifying the embedded software value proposition to the payment device value chain. The level of misunderstanding in the marketplace proves it. So let’s not blame it all on the customer. But at the same time, I question the competence of business “leaders” who would sleepwalk their organisations (and those who interact with their products) into huge financial risk, rather than address a technical issue that requires some out-of-the-box thinking. Yes, the demise of XP is disruptive. Yes, XP has been effectively killed off by Microsoft in an act of unnecessary and premature euthanasia. Yes, this means that it doesn’t fit the mould of technology change that businesses are used to coping with. And yes, I can understand why, a year ago, businesses may not have wanted to deal with it immediately. But in the final analysis, we now have only six months to go before a lot of businesses start haemorrhaging their customers’ money to hackers, and their own to the authorities that will surely prosecute them. Yet still the minor leap to an XP-like alternative – a POSReady 2009, or a WES 2009, as compared to the relatively major upheaval required in deploying Windows 7 or 8 – seems to be a bridge too far for many of the businesses handling your and my money on a daily basis. Technology denial? I call it business suicide. “ Yes, the demise of XP is disruptive. Yes, XP has been effectively killed off by Microsoft in an act of unnecessary and premature euthanasia” For more information Please visit our website www.avnet-embedded.eu, email uk@avnet-embedded.eu or call +44 (0)1628 518 900

Recomendados

Design to Disrupt - Blockchain: cryptoplatform for a frictionless economy
Design to Disrupt - Blockchain: cryptoplatform for a frictionless economyDesign to Disrupt - Blockchain: cryptoplatform for a frictionless economy
Design to Disrupt - Blockchain: cryptoplatform for a frictionless economy
Rick Bouter
 
Accenture tech vision 2018 slideshare trend3_data_veracity_aw_a_mc
Accenture tech vision 2018 slideshare trend3_data_veracity_aw_a_mcAccenture tech vision 2018 slideshare trend3_data_veracity_aw_a_mc
Accenture tech vision 2018 slideshare trend3_data_veracity_aw_a_mc
Paperjam_redaction
 
The Robot and I: How New Digital Technologies Are Making Smart People and Bus...
The Robot and I: How New Digital Technologies Are Making Smart People and Bus...The Robot and I: How New Digital Technologies Are Making Smart People and Bus...
The Robot and I: How New Digital Technologies Are Making Smart People and Bus...
Cognizant
 
Business in a hurry
Business in a hurryBusiness in a hurry
Business in a hurry
The Economist Media Businesses
 
Connect - Talk - Think - Act: Developing Internet of Things & Industrial Inte...
Connect - Talk - Think - Act: Developing Internet of Things & Industrial Inte...Connect - Talk - Think - Act: Developing Internet of Things & Industrial Inte...
Connect - Talk - Think - Act: Developing Internet of Things & Industrial Inte...
Rick Bouter
 
Securing the internet of things opportunity putting cybersecurity at the hear...
Securing the internet of things opportunity putting cybersecurity at the hear...Securing the internet of things opportunity putting cybersecurity at the hear...
Securing the internet of things opportunity putting cybersecurity at the hear...
Rick Bouter
 
When Digital Disruption Strikes: How Can Incumbents Respond?
When Digital Disruption Strikes: How Can Incumbents Respond?When Digital Disruption Strikes: How Can Incumbents Respond?
When Digital Disruption Strikes: How Can Incumbents Respond?
Capgemini
 
Disrupting Reality: Taking Virtual & Augmented Reality to the Enterprise
Disrupting Reality: Taking Virtual & Augmented Reality to the EnterpriseDisrupting Reality: Taking Virtual & Augmented Reality to the Enterprise
Disrupting Reality: Taking Virtual & Augmented Reality to the Enterprise
Cognizant
 

Recomendados

Design to Disrupt - Blockchain: cryptoplatform for a frictionless economy
Design to Disrupt - Blockchain: cryptoplatform for a frictionless economyDesign to Disrupt - Blockchain: cryptoplatform for a frictionless economy
Design to Disrupt - Blockchain: cryptoplatform for a frictionless economy
Rick Bouter
 
Accenture tech vision 2018 slideshare trend3_data_veracity_aw_a_mc
Accenture tech vision 2018 slideshare trend3_data_veracity_aw_a_mcAccenture tech vision 2018 slideshare trend3_data_veracity_aw_a_mc
Accenture tech vision 2018 slideshare trend3_data_veracity_aw_a_mc
Paperjam_redaction
 
The Robot and I: How New Digital Technologies Are Making Smart People and Bus...
The Robot and I: How New Digital Technologies Are Making Smart People and Bus...The Robot and I: How New Digital Technologies Are Making Smart People and Bus...
The Robot and I: How New Digital Technologies Are Making Smart People and Bus...
Cognizant
 
Business in a hurry
Business in a hurryBusiness in a hurry
Business in a hurry
The Economist Media Businesses
 
Connect - Talk - Think - Act: Developing Internet of Things & Industrial Inte...
Connect - Talk - Think - Act: Developing Internet of Things & Industrial Inte...Connect - Talk - Think - Act: Developing Internet of Things & Industrial Inte...
Connect - Talk - Think - Act: Developing Internet of Things & Industrial Inte...
Rick Bouter
 
Securing the internet of things opportunity putting cybersecurity at the hear...
Securing the internet of things opportunity putting cybersecurity at the hear...Securing the internet of things opportunity putting cybersecurity at the hear...
Securing the internet of things opportunity putting cybersecurity at the hear...
Rick Bouter
 
When Digital Disruption Strikes: How Can Incumbents Respond?
When Digital Disruption Strikes: How Can Incumbents Respond?When Digital Disruption Strikes: How Can Incumbents Respond?
When Digital Disruption Strikes: How Can Incumbents Respond?
Capgemini
 
Disrupting Reality: Taking Virtual & Augmented Reality to the Enterprise
Disrupting Reality: Taking Virtual & Augmented Reality to the EnterpriseDisrupting Reality: Taking Virtual & Augmented Reality to the Enterprise
Disrupting Reality: Taking Virtual & Augmented Reality to the Enterprise
Cognizant
 
The future of bank branches coordinating physical with digital capgemini co...
The future of bank branches coordinating physical with digital capgemini co...The future of bank branches coordinating physical with digital capgemini co...
The future of bank branches coordinating physical with digital capgemini co...
Rick Bouter
 
The future of insurance distribution: New models for a digital customer
The future of insurance distribution: New models for a digital customerThe future of insurance distribution: New models for a digital customer
The future of insurance distribution: New models for a digital customer
Accenture Insurance
 
Introduction to IBM Cognitive Business
Introduction to IBM Cognitive Business Introduction to IBM Cognitive Business
Introduction to IBM Cognitive Business
Donna M Stechey
 
Cisco Cloud White Paper
Cisco Cloud White PaperCisco Cloud White Paper
Cisco Cloud White Paper
jtiblier
 
Digital Process Acupuncture: How Small Changes Can Heal Business, and Spark B...
Digital Process Acupuncture: How Small Changes Can Heal Business, and Spark B...Digital Process Acupuncture: How Small Changes Can Heal Business, and Spark B...
Digital Process Acupuncture: How Small Changes Can Heal Business, and Spark B...
Cognizant
 
How Is Big Data, Artificial Intelligence And Technology Disrupting The Financ...
How Is Big Data, Artificial Intelligence And Technology Disrupting The Financ...How Is Big Data, Artificial Intelligence And Technology Disrupting The Financ...
How Is Big Data, Artificial Intelligence And Technology Disrupting The Financ...
Bernard Marr
 
Don't come last in a mobile first --Whitepaper
Don't come last in a mobile first --WhitepaperDon't come last in a mobile first --Whitepaper
Don't come last in a mobile first --Whitepaper
Abhishek Sood
 
Preparing for the Future of Enterprise Mobility -- Insights Not to Miss
Preparing for the Future of Enterprise Mobility -- Insights Not to MissPreparing for the Future of Enterprise Mobility -- Insights Not to Miss
Preparing for the Future of Enterprise Mobility -- Insights Not to Miss
Enterprise Mobile
 
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationHow Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
Cognizant
 
Accenture technology vision 2014 report trends IT
Accenture technology vision 2014 report trends ITAccenture technology vision 2014 report trends IT
Accenture technology vision 2014 report trends IT
ruttens.com
 
Absolute Software 2008 Annual Report
Absolute Software 2008 Annual ReportAbsolute Software 2008 Annual Report
Absolute Software 2008 Annual Report
TMX Equicom
 
Industry Unbound: The Inside Story of Privacy, Data and Corporate Power
Industry Unbound: The Inside Story of Privacy, Data and Corporate PowerIndustry Unbound: The Inside Story of Privacy, Data and Corporate Power
Industry Unbound: The Inside Story of Privacy, Data and Corporate Power
Bernard Marr
 
Empathic Computing: From Wearables to Biohacking
Empathic Computing: From Wearables to BiohackingEmpathic Computing: From Wearables to Biohacking
Empathic Computing: From Wearables to Biohacking
VINTlabs | The Sogeti Trendlab
 
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...
default default
 
Di 2021 tech-trends
Di 2021 tech-trendsDi 2021 tech-trends
Di 2021 tech-trends
Learningade
 
Techtalk March 2018
Techtalk March 2018Techtalk March 2018
Techtalk March 2018
Galaxy Office Automation Pvt Ltd
 
The Amazing Ways Retail Giant Zalando Is Using Artificial Intelligence
The Amazing Ways Retail Giant Zalando Is Using Artificial IntelligenceThe Amazing Ways Retail Giant Zalando Is Using Artificial Intelligence
The Amazing Ways Retail Giant Zalando Is Using Artificial Intelligence
Bernard Marr
 
Fjord Trends 2020: Emerging Trends in Business | Accenture
Fjord Trends 2020: Emerging Trends in Business | AccentureFjord Trends 2020: Emerging Trends in Business | Accenture
Fjord Trends 2020: Emerging Trends in Business | Accenture
accenture
 
Digital Insurance
Digital InsuranceDigital Insurance
Digital Insurance
Kristof Breesch
 
How Semantic Analytics Delivers Faster, Easier Business Insights
How Semantic Analytics Delivers Faster, Easier Business InsightsHow Semantic Analytics Delivers Faster, Easier Business Insights
How Semantic Analytics Delivers Faster, Easier Business Insights
Cognizant
 
Riding the Seven Waves of Change That Will Power, or Crush, Your Digital Busi...
Riding the Seven Waves of Change That Will Power, or Crush, Your Digital Busi...Riding the Seven Waves of Change That Will Power, or Crush, Your Digital Busi...
Riding the Seven Waves of Change That Will Power, or Crush, Your Digital Busi...
Cognizant
 
Exploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docxExploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docx
ssuser454af01
 

Más contenido relacionado

La actualidad más candente

Empathic Computing: From Wearables to Biohacking
Empathic Computing: From Wearables to BiohackingEmpathic Computing: From Wearables to Biohacking
Empathic Computing: From Wearables to Biohacking
VINTlabs | The Sogeti Trendlab
 
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...
default default
 

La actualidad más candente (20)

The future of bank branches coordinating physical with digital capgemini co...
The future of bank branches coordinating physical with digital capgemini co...The future of bank branches coordinating physical with digital capgemini co...
The future of bank branches coordinating physical with digital capgemini co...
 
The future of insurance distribution: New models for a digital customer
The future of insurance distribution: New models for a digital customerThe future of insurance distribution: New models for a digital customer
The future of insurance distribution: New models for a digital customer
 
Introduction to IBM Cognitive Business
Introduction to IBM Cognitive Business Introduction to IBM Cognitive Business
Introduction to IBM Cognitive Business
 
Cisco Cloud White Paper
Cisco Cloud White PaperCisco Cloud White Paper
Cisco Cloud White Paper
 
Digital Process Acupuncture: How Small Changes Can Heal Business, and Spark B...
Digital Process Acupuncture: How Small Changes Can Heal Business, and Spark B...Digital Process Acupuncture: How Small Changes Can Heal Business, and Spark B...
Digital Process Acupuncture: How Small Changes Can Heal Business, and Spark B...
 
How Is Big Data, Artificial Intelligence And Technology Disrupting The Financ...
How Is Big Data, Artificial Intelligence And Technology Disrupting The Financ...How Is Big Data, Artificial Intelligence And Technology Disrupting The Financ...
How Is Big Data, Artificial Intelligence And Technology Disrupting The Financ...
 
Don't come last in a mobile first --Whitepaper
Don't come last in a mobile first --WhitepaperDon't come last in a mobile first --Whitepaper
Don't come last in a mobile first --Whitepaper
 
Preparing for the Future of Enterprise Mobility -- Insights Not to Miss
Preparing for the Future of Enterprise Mobility -- Insights Not to MissPreparing for the Future of Enterprise Mobility -- Insights Not to Miss
Preparing for the Future of Enterprise Mobility -- Insights Not to Miss
 
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital TransformationHow Insurance CIOs Can Remake Themselves to Lead Digital Transformation
How Insurance CIOs Can Remake Themselves to Lead Digital Transformation
 
Accenture technology vision 2014 report trends IT
Accenture technology vision 2014 report trends ITAccenture technology vision 2014 report trends IT
Accenture technology vision 2014 report trends IT
 
Absolute Software 2008 Annual Report
Absolute Software 2008 Annual ReportAbsolute Software 2008 Annual Report
Absolute Software 2008 Annual Report
 
Industry Unbound: The Inside Story of Privacy, Data and Corporate Power
Industry Unbound: The Inside Story of Privacy, Data and Corporate PowerIndustry Unbound: The Inside Story of Privacy, Data and Corporate Power
Industry Unbound: The Inside Story of Privacy, Data and Corporate Power
 
Empathic Computing: From Wearables to Biohacking
Empathic Computing: From Wearables to BiohackingEmpathic Computing: From Wearables to Biohacking
Empathic Computing: From Wearables to Biohacking
 
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...
 
Di 2021 tech-trends
Di 2021 tech-trendsDi 2021 tech-trends
Di 2021 tech-trends
 
Techtalk March 2018
Techtalk March 2018Techtalk March 2018
Techtalk March 2018
 
The Amazing Ways Retail Giant Zalando Is Using Artificial Intelligence
The Amazing Ways Retail Giant Zalando Is Using Artificial IntelligenceThe Amazing Ways Retail Giant Zalando Is Using Artificial Intelligence
The Amazing Ways Retail Giant Zalando Is Using Artificial Intelligence
 
Fjord Trends 2020: Emerging Trends in Business | Accenture
Fjord Trends 2020: Emerging Trends in Business | AccentureFjord Trends 2020: Emerging Trends in Business | Accenture
Fjord Trends 2020: Emerging Trends in Business | Accenture
 
Digital Insurance
Digital InsuranceDigital Insurance
Digital Insurance
 
How Semantic Analytics Delivers Faster, Easier Business Insights
How Semantic Analytics Delivers Faster, Easier Business InsightsHow Semantic Analytics Delivers Faster, Easier Business Insights
How Semantic Analytics Delivers Faster, Easier Business Insights
 

Similar a AVNET_CS_Panic_Death_of_XP

Exploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docxExploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docx
ssuser454af01
 
Automated FP Evolution
Automated FP EvolutionAutomated FP Evolution
Automated FP Evolution
Doug Rudolph
 
The Trouble With Enterprise SoftwareF A L L 2 0 0 7 .docx
The Trouble With Enterprise SoftwareF A L L 2 0 0 7 .docxThe Trouble With Enterprise SoftwareF A L L 2 0 0 7 .docx
The Trouble With Enterprise SoftwareF A L L 2 0 0 7 .docx
ssusera34210
 
key-trends-in-merchant-security
key-trends-in-merchant-securitykey-trends-in-merchant-security
key-trends-in-merchant-security
Kerri Lorch
 
The Future of Enterprise Software - How Software Companies can Achieve High P...
The Future of Enterprise Software - How Software Companies can Achieve High P...The Future of Enterprise Software - How Software Companies can Achieve High P...
The Future of Enterprise Software - How Software Companies can Achieve High P...
Philipp Stauffer
 
Game Changing IT Solutions
Game Changing IT SolutionsGame Changing IT Solutions
Game Changing IT Solutions
DMIMarketing
 
Design to Disrupt: New Digital Competition - Sogeti VINT
Design to Disrupt: New Digital Competition - Sogeti VINTDesign to Disrupt: New Digital Competition - Sogeti VINT
Design to Disrupt: New Digital Competition - Sogeti VINT
VINTlabs | The Sogeti Trendlab
 
EMC_SurvivalKit_A5_04_Digitaal
EMC_SurvivalKit_A5_04_DigitaalEMC_SurvivalKit_A5_04_Digitaal
EMC_SurvivalKit_A5_04_Digitaal
Jacques Boschung
 

Similar a AVNET_CS_Panic_Death_of_XP (20)

Riding the Seven Waves of Change That Will Power, or Crush, Your Digital Busi...
Riding the Seven Waves of Change That Will Power, or Crush, Your Digital Busi...Riding the Seven Waves of Change That Will Power, or Crush, Your Digital Busi...
Riding the Seven Waves of Change That Will Power, or Crush, Your Digital Busi...
 
Exploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docxExploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docx
 
Automated FP Evolution
Automated FP EvolutionAutomated FP Evolution
Automated FP Evolution
 
The Trouble With Enterprise SoftwareF A L L 2 0 0 7 .docx
The Trouble With Enterprise SoftwareF A L L 2 0 0 7 .docxThe Trouble With Enterprise SoftwareF A L L 2 0 0 7 .docx
The Trouble With Enterprise SoftwareF A L L 2 0 0 7 .docx
 
key-trends-in-merchant-security
key-trends-in-merchant-securitykey-trends-in-merchant-security
key-trends-in-merchant-security
 
The Future of Enterprise Software - How Software Companies can Achieve High P...
The Future of Enterprise Software - How Software Companies can Achieve High P...The Future of Enterprise Software - How Software Companies can Achieve High P...
The Future of Enterprise Software - How Software Companies can Achieve High P...
 
Trends 2020 - Demystifying Bleeding Edge from Leading Edge Technology
Trends 2020 - Demystifying Bleeding Edge from Leading Edge TechnologyTrends 2020 - Demystifying Bleeding Edge from Leading Edge Technology
Trends 2020 - Demystifying Bleeding Edge from Leading Edge Technology
 
Focus on Data, Risk Control, and Predictive Analysis Drives New Era of Cloud-...
Focus on Data, Risk Control, and Predictive Analysis Drives New Era of Cloud-...Focus on Data, Risk Control, and Predictive Analysis Drives New Era of Cloud-...
Focus on Data, Risk Control, and Predictive Analysis Drives New Era of Cloud-...
 
Bringing AI into the Enterprise: A Machine Learning Primer
Bringing AI into the Enterprise: A Machine Learning PrimerBringing AI into the Enterprise: A Machine Learning Primer
Bringing AI into the Enterprise: A Machine Learning Primer
 
Game Changing IT Solutions
Game Changing IT SolutionsGame Changing IT Solutions
Game Changing IT Solutions
 
Digital Transformation trends - 2018
Digital Transformation trends - 2018Digital Transformation trends - 2018
Digital Transformation trends - 2018
 
The Industry Software Revolution
The Industry Software RevolutionThe Industry Software Revolution
The Industry Software Revolution
 
Design to Disrupt: New Digital Competition - Sogeti VINT
Design to Disrupt: New Digital Competition - Sogeti VINTDesign to Disrupt: New Digital Competition - Sogeti VINT
Design to Disrupt: New Digital Competition - Sogeti VINT
 
Design 2 Disrupt - New Digital Competition
Design 2 Disrupt - New Digital CompetitionDesign 2 Disrupt - New Digital Competition
Design 2 Disrupt - New Digital Competition
 
top9.2p (1).docx
top9.2p (1).docxtop9.2p (1).docx
top9.2p (1).docx
 
What are the Top Technology Trends For Your Business?
What are the Top Technology Trends For Your Business?What are the Top Technology Trends For Your Business?
What are the Top Technology Trends For Your Business?
 
EMC_SurvivalKit_A5_04_Digitaal
EMC_SurvivalKit_A5_04_DigitaalEMC_SurvivalKit_A5_04_Digitaal
EMC_SurvivalKit_A5_04_Digitaal
 
Mantacore Whitepaper Part1 Standard System En
Mantacore Whitepaper Part1 Standard System EnMantacore Whitepaper Part1 Standard System En
Mantacore Whitepaper Part1 Standard System En
 
Mantacore Whitepaper Part1 Standard System En
Mantacore Whitepaper Part1 Standard System EnMantacore Whitepaper Part1 Standard System En
Mantacore Whitepaper Part1 Standard System En
 
Cybersecurity Improvement eBook
Cybersecurity Improvement eBookCybersecurity Improvement eBook
Cybersecurity Improvement eBook
 

AVNET_CS_Panic_Death_of_XP

  • 1. Embedding success in your business www.avnet-embedded.eu Introduction It is surely not too much to hope that the attitude of businesses to imminent and game-changing technology upheaval is one of thoroughness, timeliness and responsibility. This is all the more critical when an entire value chain is completely dependent upon the technology in question – vendors, distributors, integrators, OEMs, resellers, end-user organisations, all the way down to the individual withdrawing cash from an ATM in the street. It is all the more critical when failure to migrate to a new technology means spiralling vulnerabilities and gaping holes in security that will no longer be fixed. It is all the more critical when the technology in question will no longer comply with industry regulations that govern the safe electronic movement of billions of dollars every day, effectively rendering every credit and debit card transaction hazardous. In short, when we’re talking about something as significant as “end of life” – the withdrawal of support that heralds the definitive demise of a particular software, operating system or other technology - businesses have a duty to move to migrate to an alternative, and vendors have a duty to provide that alternative. But with the imminent demise of XP, this model has, arguably, dissolved. This piece examines the realities, risks, options and alternatives for a world and an economy that are soon to be XP-free (at least in the current sense) – and explores why many businesses and commentators are apparently in denial over this successful operating system’s impending swansong. Nick Donaldson, Director, Avnet Embedded nick.donaldson@avnet-embedded.eu The nature and impact of XP’s demise The exit of Microsoft XP does not follow the “rules”. It is not a necessary transition from an obsolete operating system to a better one, as with the move, say, from NT to 2000. Neither is it an improvement from one form of an operating system to an enhanced variant. In fact, the death of Microsoft XP represents a complete disconnect from established practice - and this is perhaps why many businesses (fed, it has to be said, by unhelpful misinformation from vendors and their partners) are either failing or refusing to grasp the impact thereof. As one consultancy firm put it in London’s Daily Telegraph, “In these tough economic times, it is not surprising that business leaders do not want to invest a substantial amount of money in something that essentially isn’t broken, as is the case with Windows XP today.” Donning the blinkers, focusing on the accounts and pretending the problem will go away thus appears to be the preferred action plan of many of our so-called “business leaders’”. If more proof were needed, here it is. A recent industry survey, cited in the The Register, shows that 40 per cent of respondents said their companies had “yet to even start migrating off XP”, and 20 per cent of respondents were not planning to do so at all. So, in an attempt to rouse these businesses from the comfort zone, let’s take just one (terrifying) example to clarify what an appalling false economy their current approach could prove to be – that of payment devices. “This piece examines the realities, risks, options and alternatives for a world and an economy that are soon to be XP free” “Panic? What Panic?” Is the industry in denial over the death of XP?
  • 2. Huge numbers of these devices and their applications currently run on XP - POS tills, chip and PIN terminals, parking payment machines, motorway toll barriers, ATMs – the list is unrelenting. From April 2014, XP support for all these devices will cease. The resulting lack of updates and patches will mean that those millions of devices are no longer compliant with PCI (Payment Card Industry) regulations. This puts at risk everybody who is in any way involved with the creation and use of payment devices. It affects the businesses that supply the hardware and software on which the devices are built. It affects the businesses that build the devices. It affects the businesses that distribute them. It affects the businesses that use them, and, of course, it affects the individual end-users whose hard-earned cash is suddenly a target for hackers looking for outmoded security and easy pickings. Security experts have already predicted a rash of these attacks come April; as Gregg Keizer of Computerworld recently reported, “Hackers could find themselves in the catbird seat on April 8, 2014... those who have zero-day exploits for XP will bank them until that day and then sell them to crooks or loose them themselves...” PCI enforcers, on the other hand, can fine businesses up to £400,000 for being non-compliant, and sellers (merchants) using the devices run the risk of losing their merchant account and being placed on Visa/MasterCard Terminated Merchant File (TMF) - making them unable to take credit or debit payments for several years, if ever. Any machine or device running the operating system, from your home PC to a corporate or banking network, will rapidly become increasingly vulnerable once support is withdrawn – but, of course, payment devices, given their lucrative function, will be the most urgently deficient. So where now? Confronted with such a potentially apocalyptic scenario, let’s suppose for a moment that the businesses in the value chain that produces and distributes payment devices asked themselves “So what are the alternatives”? And this is where wholesale confusion reigns. Many seem to think that help will still be readily available for PCI compliance after withdrawal. And indeed, according to law firm Pinsent Masons, quoted in The Register, businesses that continue to use Windows XP after 8 April 2014 will be able to engage with Microsoft or a licensed sourcing provider if they want to manage new or existing vulnerabilities and continue to comply with PCI requirements. But the implication is clear – these services do not come for free. Some see moving to Windows 7 or 8 as an option. Indeed, it is, but as I said earlier, the withdrawal of XP is no ordinary migration exercise, and nowhere is this clearer than in the lack of seamlessness between XP and Windows 7 and 8. Firstly, 7 and 8 do not support all of the devices that XP supports. Secondly, and rather more seriously, 7 and 8 will not necessarily be PCI-compliant on those particular devices even if they do support them. False hope aplenty. Making the switch over to a newer Windows operating system will also have other implications for a company’s infrastructure, and there could be complications in getting all the devices across a business to run on the same platform, particularly in larger businesses where multiple servers and point of sale devices are deployed. Whichever way you slice it, budget looms large in the process. “Hackers could find themselves in the catbird seat on April 8, 2014... those who have zero-day exploits for XP will bank them until that day and then sell them to crooks or loose them themselves...”
  • 3. Embedded misunderstanding Most damaging of all, however, is the lack of understanding around the options for using embedded software instead of standard XP. Many businesses in this space still think, for example, that embedded software requires a hardware refresh. Not so. Embedded offerings also include XP-based operating systems, such as POSReady 2009 and WES 2009, which can be delivered via a software services model, with no hardware implications. Embedded licensing also allows for a longer lifespan of devices, with some embedded products being available or supported for up to 15 years (thus avoiding exactly the kind of disruptive support withdrawal situation that businesses are currently having to deal with!) The benefits of embedded aren’t just limited to prolonging support life, however; there is also much greater licence discounting, higher levels of efficiency, locked-down functionality and full customisation support, enabling easy integration into a business environment. And there is no shortage of choice for XP users – the embedded variants of XP are abundant. Embedded is not, by any means, the only choice, and no choice can ever be perfect in every respect, but there is far more to recommend embedded technology as a replacement for the outgoing XP than the industry currently realises. Facing up to XP’s passing So how is it that the virtues of embedded just have not been properly grasped? Here, I hold my hands up. This industry (and this company) could have done a much better job of demystifying the embedded software value proposition to the payment device value chain. The level of misunderstanding in the marketplace proves it. So let’s not blame it all on the customer. But at the same time, I question the competence of business “leaders” who would sleepwalk their organisations (and those who interact with their products) into huge financial risk, rather than address a technical issue that requires some out-of-the-box thinking. Yes, the demise of XP is disruptive. Yes, XP has been effectively killed off by Microsoft in an act of unnecessary and premature euthanasia. Yes, this means that it doesn’t fit the mould of technology change that businesses are used to coping with. And yes, I can understand why, a year ago, businesses may not have wanted to deal with it immediately. But in the final analysis, we now have only six months to go before a lot of businesses start haemorrhaging their customers’ money to hackers, and their own to the authorities that will surely prosecute them. Yet still the minor leap to an XP-like alternative – a POSReady 2009, or a WES 2009, as compared to the relatively major upheaval required in deploying Windows 7 or 8 – seems to be a bridge too far for many of the businesses handling your and my money on a daily basis. Technology denial? I call it business suicide. “ Yes, the demise of XP is disruptive. Yes, XP has been effectively killed off by Microsoft in an act of unnecessary and premature euthanasia” For more information Please visit our website www.avnet-embedded.eu, email uk@avnet-embedded.eu or call +44 (0)1628 518 900