Jan 14 2020

End of Life for Windows 7 Has Finally Arrived

Federal agencies that have not yet upgraded to Windows 10 face greater risks if they continue to use the legacy operating system.

The day has finally arrived: Microsoft will no longer provide regular support for its Windows 7 operating system and has urged users to upgrade to Windows 10.

For federal agencies, the date should not be a cause for too much concern: As of the end of July, 31 percent of federal civilian agency computers still ran Windows 7, according to an official from the Cybersecurity and Infrastructure Security Agency who spoke to Federal Times. Presumably, that figure has declined since then, and the vast majority of agencies are running Windows 10. 

Still, IT leaders should be aware of the risks of continuing to run Windows 7. “If you continue to use Windows 7 after support has ended, your PC will still work, but it will become more vulnerable to security risks and viruses,” Microsoft notes. “Your PC will continue to start and run, but you will no longer received software updates, including security updates, from Microsoft.”

The exception involves Windows 7 users who pay to enroll in Microsoft’s Extended Security Update program. But Microsoft describes that program as a “last resort option” that will only provide updates “if and when available,” and the company plans to offer it for just three years.

Agencies have been moving steadily to Windows 10 since the deadline was announced. The associated costs that come with missing the deadline are just one reason for the migration. Extended support will be available, but comes at a per-device cost that will increase until support expires at the end of January 2023. There are other factors influencing the decision to move as well, including gaining more streamlined IT operations and enhanced cybersecurity

Now that Microsoft is no longer providing support for Windows 7, here is what agencies need to know about the shift to Windows 10.

MORE FROM FEDTECH: Find more information about Windows 7’s end of life.

The Key Advantages of Windows 10 Over Windows 7

What are the key differences between Windows 7 and Windows 10?

Functionally, both Windows 7 and Windows 10 offer a familiar Microsoft experience. One key difference is the Start Menu: Removed in Windows 8 in favor of a “tile” system, the Start Menu is back in Windows 10, but with a twist. While the Start Menu still offers quick access to applications, it also includes Live Tiles that show relevant, real-time data.

In addition, Windows 10 streamlines search and notification functions with a dedicated search bar at the bottom of the desktop and a notification center in the bottom right corner, making it easier for users to find what they want, schedule upgrades or make system changes.

Windows 10 offers key advantages over Windows 7, including:

  • Virtual desktops: Windows 10 natively includes virtual desktop functionality to streamline business workloads.
  • Improved data security: Using tools such as Windows Defender, BitLocker and Advanced Threat Detection, Windows 10 offers better defense against threat actors.
  • Automatic updates: Instead of cumbersome, time-consuming updates, Windows 10 handles the updating process automatically to minimize downtime.
  • Windows Sandbox: Users can easily test unknown software in a safe and secure environment.
  • Windows Timeline: Using the Task View button or pressing the Windows key + Tab brings up the timeline, which shows recent activity in supported apps. This is a great feature for business users working across multiple devices in the Windows 10 environment.

Agency IT leaders can also put in place several Windows 10 performance adjustments that can help achieve optimal productivity. These include deleting unused files to keep disk space free, managing disk space via features such as Storage Sense and Windows 10 Disk Cleanup, tuning visual effects to make the operating system more responsive, modifying virtual memory settings and updating device drivers for optimal performance. 

The Security Benefits of Windows 10

Transportation Security Administration CIO Russell Roberts has told FedTech that the primary advantage of Windows 10 is the “improved IT security” it offers, and other agency leaders have highlighted its relative speed and stability compared to its operating system predecessors.

While not endorsing Windows 10 specifically, Small Business Administration CISO Beau Houser says the SBA has seen “a lot of benefits from the security features that are now built into Windows 10.” Microsoft’s decision to build security features into the kernel of the operating system is “extremely advantageous from an architecture standpoint.”

Normal computing activity, such as web browsing, can often lead to malware infections, Houser says. Windows 10 offers more secure web browsing, especially via its Edge browser, and Houser says the SBA has seen a decrease in the number of those routine cybersecurity incidents since migrating to Windows 10.

“On top of a secure operating system, customers also need the added defense of endpoint protection and detection, which is why we built Microsoft Defender Advanced Threat Protection into Windows 10,” says Rob Lefferts, corporate vice president of security at Microsoft.

Microsoft Defender ATP is a unified platform for preventative protection, post-breach detection, automated investigation and response, he notes. The platform helps agencies “reduce their overall risk by eliminating threats before they get to users and helping already strained IT departments prioritize and remediate threats.” Defender ATP is also powered by the cloud, so it is constantly updated and exchanging signals with the Microsoft Intelligent Security Graph, and it “shares detection and exploration insights across devices, identities and information to speed up response and recovery,” Lefferts says.

Here’s a more detailed look at the technologies included in Windows Defender that deliver superior protection.

MORE FROM FEDTECH: Find out how the Army, Coast Guard and SBA completed their journeys to Windows 10.

Accelerating the Shift to Windows 10

By now, IT leaders should have conducted an inventory of every machine, every device, every piece of software, every endpoint and every cloud-based app downloaded by a user who skipped telling the IT department. Microsoft has toolkits and other analytics to assist IT teams with this burdensome process

Following those steps, IT leaders must plan for the deployment. They can use Windows Analytics to assess device and app readiness and contact Microsoft’s Desktop App Assure team or your CDW account team for help with app compatibility. 

Another step is to prepare the agency’s network infrastructure and directory services with Azure Active Directory and prep apps for deployment and Office Click-to-Run packaging. Agencies should also sync user files to the cloud and then customize user and device settings, according to Microsoft. 

IT security teams need to plan for new security capabilities as part of the deployment. Agencies must plan their deployment strategies to support new hardware, device replacement, upgrade and reimaging, as well as having a rollout plan for phased deployment.

Deployment rings can ease the process; each ring includes workers from a variety of departments so problems limited to one department can be seen more quickly and affect only a few people at a time. 

To avoid data loss during migrations, agencies should use the User State Migration Tool’s data store to temporarily hold user data and settings. Group Policy folder redirection and OneDrive for Business Known Folder Migration can guarantee data safety, and data should only be stored in approved locations.

IT leaders should communicate with agency users to prepare them for new capabilities to get the full value of Windows 10. They should also work with their hardware providers to enable Windows Autopilot to customize new devices without the need to reimage. Windows Analytics can be used to monitor the deployment until it’s complete and help make data-driven decisions later for future updates.

Federal agencies are ahead of their state and local government counterparts when it comes to migrating to Windows 10. Now that Windows 7 support has ended, however, those that have not yet made the switch need to get moving to avoid cybersecurity risks.

AIRMAN 1ST CLASS ALEXIS P. DOCHERTY/U.S. AIR FORCE

Sponsors