Naked Security website wrote this some while back:
What if you plan on going past 42?
We're not going to argue the point that you should change your mind at the last minute and upgrade all your remaining computers at once - not today, at any rate.
We shan't try to browbeat you into admitting that you'd probably end up saving yourself time and money if you simply retired that XP-only $2000 printer you bought 13 years ago, and replaced it with a smaller, faster, lighter $100 model with 16 times the pixel resolution, and 128 times the memory.
We'll leave out the guilt trips about how your ever-weaker security will put the rest of us at ever-greater risk.
And we'll skip over our surprise if your objection is that you don't like the fact that Microsoft is asking you to pay to upgrade, but you aren't willing to put your mouth where your money isn't, and switch to a free alternative. (There are many, including Linux and various incarnations of BSD.)
Eight tips re Windows XP
Instead, we'll assume there are unavoidable reasons why you have to keep sailing on the Steam Ship Windows XP for a while longer, and simply present you with a list of eight tips. 1.Get up to date in April 2014, and check you have every patch that Microsoft has ever offered you. 08 April 2014 will be your last Microsoft patch, so you probably won't be revisiting Windows Update. 2.Keep updating other software that you may be using, such as Flash, Java, your anti-virus, and more. Sophos Anti-Virus, for example will be supported on XP SP3 until at least 30 September 2015. (See tip [8].) 3.Consider tightening up the restrictions imposed by your anti-virus and your endpoint firewall (if you use one). If you must keep XP computers going, try to shrink their operational universe, so that they get used only when necessary, rather than whenever it's convenient. 4.Remove all software and drivers you are not using. In fact, make an active effort to minimise the set of applications you permit on your XP computers. Even software that is still being patched depends on operating system components that aren't, and it simply may not be possible for your vendor to work round lower-level holes in Microsoft's code. 5.If your anti-virus has an Application Control feature, use it to enforce any software restrictions you decide upon in tip [4]. Application control lets you set rules like, "Skype and other instant messaging clients aren't allowed at all, so we don't need to worry about any data they might leak." 6.Put your XP computers on their own network, and limit access into and out of that network as strictly as you can. If you are a Sophos UTM user, you can add UTM gateways to set extra, stricter network filtering for your XP computers, such as blocking email and instant messaging traffic, and preventing the use of social networks. 7.Urgently get rid of administrator-level user accounts if you have any left. You should have done this years ago, throwing out any desktop software which required administrator privilege to work. It's now more important than ever to do this, in order to reduce the scope of an attack if hackers do manage to get in. 8.Get on with your personal or organisational efforts to get rid of XP. Tips [2] to [7] don't really buy you more time - they just reduce the risk while you catch up. Don't be in this position again when 01 April 2015 comes around.
_________________ There's a raven in the distance, his inscription's all around you, you can't hide https://www.facebook.com/LiamMcKaheyandtheBodieshttps://cousteaux.com/music
|