As Microsoft support for Windows 7 nears its scheduled end in early 2020, most federal agencies are well on their way to migrating their systems to Windows 10.
According to a recent report in Federal Times, less than a third of federal civilian agency computers were running on Windows 7 as of the middle of last summer.
An official with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, which has been tracking migration efforts across the federal government, told the publication that the majority of federal agencies had made significant progress.
Windows 7 has been the primary operating system on federal agency computers since its release in 2009, but support for the system is slated to end on January 14, 2020. After that date, according to Microsoft, PCs using Windows 7 will continue to work, but because they won’t receive software or security updates, they’ll be “more vulnerable to security risks.”
The exception involves Windows 7 users who pay to enroll in Microsoft’s Extended Security Update program. But Microsoft describes that program as a “last resort option” that will only provide updates “if and when available,” and the company plans to offer it for just three years.
MORE FROM FEDTECH: Find more information about Windows 7’s end of life.
Agencies Race to the Windows 7 Finish Line
Within the federal government, the push to leave Windows 7 behind first gained traction in early 2016, when the Department of Defense issued a directive to its agencies to move to Windows 10 by January 31, 2017.
“Rapid implementation” of the new operating system, the directive reads, “will improve our cybersecurity posture, lower the cost of IT, and streamline the IT operating environment.”
That 2017 deadline turned out to be too tight, but by the summer of 2018, the Marine Corps, the U.S. Coast Guard and the Army, as well as a growing number of civilian agencies, had either completed or were close to completing the migration process. This summer saw more agencies cross the Windows 10 finish line, and now it appears the race is wrapping up.
According to Federal Times, DHS had upgraded approximately 97 percent of its computers as of early August, and DOD reported that its upgrades were “substantially complete.”
The Department of Education also indicated that it had finished its migrations, while the General Services Administration, the Office of Personnel Management, and the Nuclear Regulatory Commission all said they were on target to meet the January deadline.
Spokespeople at two other agencies — the Department of Veterans Affairs and the Department of Labor — told Federal Times that their migrations were well underway as well. The VA reported its migration was just 40 percent complete, but also assured that it was “on track” to finish on time, while the Labor Department said it had only a few hundred computers to go before it reached 100 percent completion.
Upgraded Operating System Provides Better Speed and Security
At the Transportation Security Administration, where the agency paired its migration with a planned refresh of laptops and desktops to make the job simpler, CIO Russ Roberts tells FedTech that the agency is “99.9 percent” done.
The exceptions have involved equipment that won’t permit an operating system change, including certain legacy screening devices the agency uses at security checkpoints.
“The upgrade had some challenges that we needed to work through, but overall, it was accomplished in a timely fashion with no showstoppers,” Roberts says. The machines that the organization couldn’t move to Windows 10, he adds, “remain operational but are disconnected from any network and function in a standalone-only mode.”
While Roberts says the primary advantage of Windows 10 is the “improved IT security” it offers, other agency leaders have highlighted its relative speed and stability compared to its operating system predecessors.
“We’re seeing reduced latency and better network connectivity,” says Russ Miller, director of IT services with the Small Business Administration.
Peripherals Pose a Challenge in Some Migrations
The SBA, Miller notes, completed migration at its headquarters last summer and is now about a third of the way through its field deployment. Leaders had hoped to be finished by July 4, but a funding issue that prevented the agency from purchasing new computers pushed the projected completion date to the first week of December.
“In terms of the deployment, everything is going smoothly now,” he says. “For the ones that we already have running on Windows 10, we haven’t had any serious codes that we’ve had to go back to Microsoft to resolve.”
The one hurdle the SBA has faced, Miller says, involves the compatibility of Windows 10 with ancillary devices like printers and copiers. Some devices that have been loaded with specific drivers won’t function with the new OS, he explains, “but if you go back and just load the series driver instead, everything works just fine.”
Beyond that, Miller says he’s found “no real limitations with Windows 10.” Like Roberts at the TSA, he says he’s impressed by the operating system’s enhanced security capability and believes his agency’s computers are safer because of it.
The SBA is deploying the frequent upgrades that Microsoft releases, testing its machines first each time one rolls out to ensure the new version doesn’t interfere with the agency’s applications and software. But in general, he says, it’s been business as usual for the nearly 2,000 people who work at the SBA.
“The main thing is, Windows 10 does what we need it to do,” he says, “and so far, it’s worked surprisingly well.”
User Experience Is Good, But Tighter Security Is Better
While most federal employees shifting to Windows 10 will simply notice that their computers work better and faster, those on the front lines of IT threat management see the OS in a slightly different light.
“To me,” says Leo Taddeo, CISO at the enterprise IT security firm Cyxtera, “the big improvement with Windows 10, beyond the user experience, has to do with its security upgrades.”
The new operating system, Taddeo explains, mandates updating — and the automatic application of security patches — across the enterprise.
“With Windows 7, one of the major challenges has been that users can opt out of those automatic updates. If an update interrupts your workflow or you just don’t want to deal with it, you can postpone it,” he says.
The problem with postponing patches, however, is that doing so makes devices more vulnerable. “Patches protect devices from known exploits,” he says. If you’re not patching when patches are available, you’re putting your machine at risk.”
Windows 10, Taddeo says, “makes patching idiot-proof by taking the user out of the security picture.”
That combined with other security features, including facial recognition technology for user authentication, makes the new OS “a much safer option for federal agencies than continuing to use Windows 7,” he says.