M-F 8:00AM TO 5:30PM CST
Better coverage. Better price.
Don't Risk IT
What Happens if I Don’t Update Windows XP?

What Happens if I Don’t Update Windows XP?

When will Microsoft stop supporting XP? April 8, 2014. Warn your clients properly and make sure to address these data security issues with them.

Monday, April 7, 2014/Categories: cyber-liability

As an IT professional, you've probably heard the news that Microsoft will no longer be supporting Windows XP, but what do you do about clients who are still using this old Windows operating system?

That's a tricky question to answer, in part because Windows XP shows up many places. For instance, many point-of-sale systems use Windows XP. (See a more thorough examination of POS liability in "End of XP Support Could Affect Retailers.") Depending on the type of hardware and software your clients have, they might have Windows XP running and not even realize it.

But for simplicity's sake, let's assume a client is running Windows XP on their desktop / network. As ComputerWeekly reports, Microsoft will officially stop supporting Windows XP tomorrow, April 8, 2014. That doesn't give you much time to work with.

If you haven't done so already, you'll need to talk with clients about the costs of upgrading and the risks involved with staying with obsolete software. Let's go over some of the key talking points.

How to Explain to Clients that Windows XP Users Will Soon Be Vulnerable

As you reach out to clients to discuss their soon-to-be obsolete software, make sure you explain the following…

  • When Microsoft no longer supports XP, expect an onslaught of new security weaknesses. Some clients may just think they are using old, slow software, but in reality they are use software that is exposed to more and more data breaches. When Microsoft stops updating XP, that means that anytime someone finds a security flaw in the software, hackers everywhere will have a new way to break in. Since no patches will fix these flaws, the software will soon have more holes than Swiss cheese. (For an example of how these same issues plagued old versions of Java, see "Stale Coffee: Old Versions of Java Expose Programmers to Cyber Liability.")
  • Hackers love old software. Clients probably don't understand how hackers build botnet armies that go looking for known security flaws. These autonomous computer networks wander the web searching for users that have a particular kind of software. In the future, botnets will target XP users and exploit the software's unpatched weaknesses.
  • The cost of upgrading is much less than a data breach. Small-business owners who are hacked are surprised at just how expensive it can be. According to research by the Ponemon Institute, the average data breach costs millions (not thousands) of dollars. And the aftermath can last years.
  • Added functionality and improved user experience come with upgrades. Don't forget to emphasize the positive. When upgrading to new software, clients also get better tools, faster technology, and added support. Plus there's that unbeatable new-software smell!
  • Secondary software / services may also need upgrading. Small business clients often use software well past its prime. For instance, a client may be using ancient Quickbooks software for their record keeping. When they switch from Windows XP to another operating system, they may have to get new enterprise software. This can be a complicated transition. Your clients will have to choose between, say, a new version of Quickbooks or a cloud-based service. Your clients may soon be overwhelmed with all these options, so walk them through the process carefully.

Having "the Talk" with Your Clients: Why They Need to Give Up Old Software

One of the main reasons your clients need to give up their old software is because it puts you at risk. You could be sued if a client sticks with Windows XP and ends up getting hacked. The law holds IT consultants and project managers responsible for recommendations they make and software they install on client computers.

With that in mind, here's how to mitigate your risk:

  1. Inform all clients about that support for Windows XP is expiring on April 8, 2014. Direct them to Microsoft's support page for XP and XP expiration FAQs.
  2. Formally recommend (in writing or via email) that clients upgrade their software. Do this even for old clients because you can still be held liable for their data breaches.
  3. Explain that upgrading to a new OS means that some old software may no longer be compatible. Clients might have to spend more money upgrading third-party software.
  4. Make sure you're covered with an E&O Insurance policy for IT professionals. These policies cover lawsuits about data loss during upgrades, data breaches on client computers, compatibility issues, and other liabilities you may have in a situation like this.

Taking these four steps will help mitigate your risk. You'll explain the risks involved with sticking with Windows XP, while also laying out the expenses and headaches that come with transitioning to new software. By having E & O coverage, you're managing your own risk. Hey, someone's got to look out for you!

For more on the cost of cover IT liabilities, check out our free cost estimates on E&O Insurance.


The Small Business
Insurance Leader
800.688.1984 | 8 am - 5:30 pm CST | M-F
Customer Rating 4.9 out of 5
Read Customer Reviews


The Small Business Insurance Leader