Prepare for the end of Windows 10 support
This article is aimed at individuals and organisations who are currently using Windows 10.
One of the critical pieces of the security jigsaw is making sure that your software is up to date. Much of this revolves around installing security patches as they’re released by the developer. However, there’s also the small matter of ensuring that the software you use is supported, so that the necessary updates are actually being developed.
This distinction is especially important if you’re one of the millions of people using Microsoft Windows 10: in 600 days’ time (on 14 October 2025) support for Microsoft Windows 10 will end.
Unlike operating systems for servers where you can buy (at a price) a two or three year extension, after 14 October 2025 there will be no more support and Windows 11 will be your only option.
We’re writing about this now well in advance of the change because it is likely to affect you and your organisation in key ways, and you’ll need to take action.
Beware OS-specific programmes
There are technologies that may be tied to Windows 10, and which you cannot run on Windows 11. The easiest course of action is to simply keep one or more machines running Windows 10 so that you can use these programmes or services.
However, it seems likely that malicious actors will start searching for these sorts of vulnerabilities, especially since they know these services and machines won’t be receiving security updates.
If you rely on any of these legacy systems, you should start scheduling upgrades – or looking for alternatives – now.
Give staff to time to learn
In the case of businesses, there’s a cultural and staffing issue to consider in the move to Windows 11. Staff need time to learn new technologies and operating systems which can, in many cases, lead to a short-term drop in productivity.
For businesses, the potential for lost productivity when staff encounter something unfamiliar is more pressing than the longer-term gains when staff have the chance to play with and master new technology in good time.
Don’t risk your CyberEssentials certification
And there is also a security governance issue to this issue. If you hold a CyberEssentials or CyberEssentials Plus certification (and most organisations really should), you will need to renew it in the future. Running unsupported software will lead to an automatic “fail.”
While two years may seem like a long time, recent experience suggest otherwise. When GDPR came into force in May 2016 in the UK, there was a two-year grace period for business and organisations to understand what was needed and to take action.
Despite this, many businesses did not prepare in good time, and were left scrambling to put in place new processes and systems in order to meet the deadline.
Please do not make that mistake with Windows 10. We’ll continue to post on our social media channels between now and 14 October 2025 to remind Islanders that they need to prepare for this change.