Secure Windows XP before a Windows 7 upgrade

It often happens that legacy operating systems (Windows NT, Windows 2000 Server, etc.) do not get the attention they deserve during upgrades and migrations. Inevitably, security suffers. When these holes are found in legacy Windows systems, the response is almost always that the box will soon be taken offline. Unfortunately, soon doesn't cut it when it comes to someone maliciously exploiting the unplugged holes in these undermanaged systems. Even if you and your business are moving forward, your Windows XP systems are still going to be targets for attack -- especially once Microsoft stops supporting it in 2014.

Regardless of the systems' age or how they're being used, employees, contractors, external attackers and malware will continue to be threats to your Windows XP systems. Likewise, the same old Windows vulnerabilities will still be around. If these weaknesses are exploited, it could create serious problems for your business.

So what can you do? For starters, you can't depend on Microsoft to keep XP secure indefinitely. Locking everything down in XP, to the point where no one can get any work done, is not an option either. The key to keeping your Windows XP systems secure is to create a structured set of Windows security standards and security testing practices while you've got the time. The three areas you'll need to focus on are visibility, control and knowing your systems' current status. This means putting reasonable p...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Microsoft Windows 7 operating system New Windows XP Mode eliminates compatibility issues in Windows 7 Remote troubleshooting made easier with Windows 7's Problem Step Recorder Windows 7 launches, offers salvation from Vista Converting Windows 7 deployment images to virtual hard drive files Using Windows 7 to configure workstations for optimal power management MDOP for Windows 7 available now An intro to Windows 7's Deployment Image Servicing and Management tool Guide to converting from Windows XP to Windows 7 Manage the desktop image lifecycle to limit work, ensure security Microsoft Desktop Optimization Pack 2009 R2 adds Windows 7 support Windows desktop security tips Improvements to offline file synchronization in Windows 7 How to get -- and keep -- user support with security Structuring patch management in seven steps Underlying causes of inconsistent patch management Monitoring user activity with network analyzers Microsoft's Patch Tuesday brings a bumper crop of security fixes Using third-party technologies with Microsoft's NAP Understanding Microsoft's NAP's internal and external components Microsoft's NAP can ensure security compliance Top 5 registry keys for Windows XP Microsoft Windows XP Pro Guide to converting from Windows XP to Windows 7 Top 5 registry keys for Windows XP Manage the desktop image lifecycle to limit work, ensure security Microsoft's August patches run the gamut Hold on to Windows XP at your peril XP stragglers blame hardware costs, new features Your questions answered: The Windows 7 upgrade quandary Windows Vista users get little pricing relief on Windows 7 Vista shops eye quick path to Windows 7, XP shops likely to resist Google Chrome likely a niche player in Windows enterprise

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Error messages for Windows XP Pro  (SearchEnterpriseDesktop.com) XP key changer  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

rocesses in place around these critical, required areas of security:

• Patch management
• Malware protection
• Access controls
• Passwords
• Backups
• System monitoring

There's no best way to keep your Windows XP systems locked down, but the important thing is to not forget about them. Given the complexities of most networks and the demands of everyday business, this may seem unrealistic. You may even want to let your legacy Windows XP systems fend for themselves until they die off altogether. Keep in mind, however, that out of sight and out of mind doesn't make the security risks go away. With the right tools and the right choices, you can gain and maintain control of your Windows XP systems. Be sure to focus on the following:

1. Know what's at risk
2. Set good standards and policies
3. Educate everyone on what to do/not to do
4. Enforce your policies
5. Perform in-depth security testing on a consistent basis
6. Automate and use technology to your advantage wherever possible

Windows XP may be going away in spirit, but its physical remains will linger on for some time. Don't let Windows XP security management, or a lack thereof, rule your time now or in the future. Get a handle on these possible issues early and it will make a difference for your business.

ABOUT THE AUTHOR:   

[IMAGE]Kevin Beaver
Kevin Beaver is an information security consultant, keynote speaker, and expert witness with Atlanta-based Principle Logic, LLC. Kevin specializes in performing independent security assessments. Kevin has authored/co-authored seven books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley). He's also the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. Kevin can be reached at kbeaver /at/ principlelogic.com.

Rate this Tip To rate tips, you must be a member of SearchEnterpriseDesktop.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.