3 Things to Understand About Legacy Hardware Systems to Protect Your Data

December 7, 2017

For whatever reason, there are plenty of brands and organizations that stick with legacy and out-of-date systems for their hardware and network.

Maybe they don’t have the budget to upgrade equipment and software. Maybe they don’t have the necessary resources because their internal IT team is too small to handle a widespread upgrade. Or, maybe the decision-makers just prefer saving money or using old systems.

What many don’t realize is that legacy systems – hardware and software – can double the risk of a data breach.

More than 8,500 organizations have over 50 percent of their computers running an out-of-date version of an internet browser, doubling their risk of attack.

Let’s take a brief look at an OS (operating system), for example. Windows, one popular OS, receives many official updates, from bug and security patches to new features.

Many of these updates, however, are released specifically to patch up or seal vulnerabilities in the platform. This means each update you — or your employer — ignores, you are compounding the risk of a data breach or cyber attack. That’s why Windows is designed to receive updates automatically and why it is always recommended to upgrade to the newest version(s) as soon as possible.

When a vendor no longer supports a system, you absolutely need to move on. The platform in question will no longer receive updates to fix bugs, no matter what’s discovered. If hackers find a gaping hole in the system, it will never be fixed. Of all apps tested in 2013, a whopping 96 percent had serious security vulnerabilities.

Knowing this, what are some important things to consider when sticking with legacy hardware and software systems? What are some things you can do to at least protect your data in the interim, until you can properly upgrade?

1. Always Update

Updates often do arrive at inconvenient times, and it’s tempting to delay them. However, you shouldn’t do this regularly. Upgrade as soon as humanly possible, and refrain from using the system until it’s done. If you find it difficult to find time, hash out a schedule. You can schedule systems to auto-download at a specific date and time. Have the updates install over the weekend, for instance, when no one is at the office.

The problem is that you need to prioritize all systems and hardware this way. It can get extremely overwhelming when you need to constantly upgrade hardware and software as often as it needs to be done. Unfortunately, there’s no way around this. The longer your systems or platforms go without being up-to-date, the more vulnerable they can be.

This applies not just to software, but also to hardware, too. For example, using the right kind of router can lower the risk of an attack. Edge routers are one option that are specifically designed to provide high-level security for your network while also ensuring that you can deliver quality services.

2. Enable Encryption

Encryption is not perfect, but enabling it is much better than not. You can locally encrypt data stored on a hard drive or remote server. You can also encrypt entire connections using SSL, so sensitive data being transferred is at least semi-protected.

Encryption is quite easy to understand. You lock your data behind a door, essentially, and seal it using a key. The only way to unlock that door – or decrypt the data for viewing – is to use the appropriate key. Otherwise, the door remains closed, and the data behind the door remains scrambled.

The actual technology and process is more complicated, but you get the gist. If and when you have the opportunity to rely on encryption, do so.

3. Monitor Your Network

All systems, devices and software tap into your local network. There are tools and resources to monitor who and what is using bandwidth. By actively monitoring this, you can lock out mysterious third-parties and prevent them from wreaking havoc.

A firewall works similarly. It is designed to block specific applications and network ports to prevent unauthorized connections. A notification usually comes in, and you have the option to allow or block that particular app, connection or hardware. A monitoring system for a local network would be nearly identical, allowing security professionals to authorize or deny various parties.

Since authorized parties can become vulnerable sometimes, this will also allow the security team to take action before further damage is caused by a trusted, yet infected system.

The bottom line is this: Keeping legacy hardware around isn’t worth the risk.

Kayla Matthews is an IT writer and reporter. Her work has appeared on ITProPortal, Motherboard, CloudTweaks and MakeUseOf. To read more articles by Matthews, check out her personal tech blog at produtivitybytes.com.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

3 Things to Understand About Legacy Hardware Systems to Protect Your Data

Related Articles

Related Products

Related Events

Report Abusive Comment