The 411 on Retail Credit Card Data Breaches in the News

Unless you have avoided all news media recently, you have heard about the large data breaches at Home Depot and Target. Reports indicated that over 100 million customer credit and debit card numbers have been compromised by the hackers behind these breaches. But don’t just blame those Eastern European criminals. Unless you have been studying this news story closely, you might not know that there is more blame to go around! Part of the blame for these huge intrusions can be placed on the retailers themselves, because their negligence was in part responsible for what happened.

What are they NOT telling you?
These hackers exploited a vulnerability in the Microsoft Windows XPe operating platform in order to achieve their objective. But what they are not telling you is that this vulnerability in Windows XPe was patched and fixed by Microsoft over ten years ago, and that the retailers never bothered to apply that patch to their retail Point of Sale systems to protect their customers.

This operating system is a derivative of Windows XP, which is over 13 years old and which Microsoft stopped supporting earlier in 2014. This system is in place in most major American retail stores and, unfortunately, remains in place in many places even though Microsoft has introduced three new generations of this software. Patching, replacing and upgrading such software (and hardware) is the right thing to do in today’s technology-driven business environment. Unfortunately, these and numerous other retailers have failed to stay up to date in terms of security and technology.

What are the Lessons?
From a customer point of view, one lesson might be to pay cash more frequently, to lessen the risk of exposing your personal financial information to the wrong hands.

But from a business or organizational point of view, the lessons are clear: update your technology in every way, consistently. That includes budgeting for yearly replacement of 20% of your total investment in hardware and software. Doing so ensures that you can target your most important devices and applications to be up to date and never more than 5 years away from technology standards. It also includes patching and updating your software and hardware consistently as updates and patches are rolled out by technology providers. Those updates are key for productivity and security. Do not ignore them; doing so might come back to haunt you.

A proactive approach to technology strategy and management is necessary for most successful organizations today and IT Radix is poised and ready to help you and your organization be up to date and secure.  Feel free to reach out to us anytime on any topic relating to computer networks and communications.