fbpx
Share

The security risk of end of life hardware

Some things last forever, others are superseded by more improved models. The latter is particularly true in the fast-paced world of technology. As a result, hardware eventually reaches end of life (EOL) – the end of its manufacturing lifespan, and sooner or later it must be retired. Upgrading to the shinier new model brings plenty of benefits but this shouldn’t overshadow the more serious implications that stem from an EOL hardware announcement.

When devices reach EOL status, the support provided by vendors is eliminated. This usually means no more tech support, hardware repairs or firmware updates. It doesn’t render your hardware immediately useless, but neglecting your device’s EOL dates can lead to a situation where you’re adding yet another security risk to the business.

The vulnerability of connected EOL devices

When vendors close the support door on old operating systems and hardware, the gate is opened for cybercriminals. Consider connected devices, such as an IP camera, a video conferencing system or an old switch or router. Each have their own operating system and without software patches and security updates, cybercriminals can take advantage of dated operating systems to gain access.

This can have dangerous consequences. One of the most damaging cybersecurity incidents involving ransomware in an operating system was the ever-familiar 2017 WannaCry outbreak – which has been estimated to cause $4 billion in losses across the globe1. Of the approximately 230,000 computers infected globally, 98% were reportedly running an unpatched version of Windows 72.

It’s not just unpatched software that puts an organisation at risk, connected devices have already proven to present real danger, even before they reach EOL. More recently, a breach of cloud-based security cameras at Verkada saw hackers gain access to security-camera data including footage in Tesla factories and warehouses, as well as hospitals, companies, police departments, prisons and schools. The hacker-collective behind the massive breach of hardware claimed they wanted to demonstrate the pervasiveness of video surveillance, but also how easy it is to hack these systems and expose sensitive and private footage3. To that end, we can agree they were successful!

Simply put, when hardware reaches EOL, you’re putting your environment at considerable risk by not upgrading:

  • At risk data: The number one risk of EOL hardware is vulnerability. A security flaw in an EOL device can be a minefield of security hazards because breaches don’t just affect that device. If a device is unpatched and has network access, it takes just one successful attack to have major impact and consequences.

 

  • The cost of maintenance: EOL doesn’t just mean no more patches and upgrades, it may mean parts or accessories are no longer produced. This creates headaches for IT when it comes to sourcing scarce parts that are either difficult or impossible to obtain, or often costly.

 

  • Business productivity: Ageing hardware is unreliable and fails much more often than newer hardware, making it far more likely to contribute to moments of downtime that will continue to drain workplace productivity and frustrate users.

 

  • Legal ramifications: For organisations that handle sensitive customer data – health and government, for example – the security dangers of EOL devices is escalated. For these organisations, failing to protect your data in line with compliance and regulatory standards could result in significant fines and legal consequences.

The great attack on collaboration tools

When we talk about EOL hardware, we’re also referring to collaboration devices and tools. We saw adoption of these solutions surge throughout 2020, with hackers just as quickly adding these to their hit list. In fact, an Interpol report found that two-thirds of companies have been attacked via their own collaboration tools in just 12 months4.

As workplaces begin to reopen and employees step back into the office, collaboration devices and tools will need to be put under the microscope to ensure they are up to date and protected. If they’re reaching EOL, a refresh is likely in order. The good news is, these new and emerging security concerns are being addressed in the latest collaboration tools with many now including advanced features that may be missing from your EOL collaboration hardware, such as:

  • Improved standards-based zero-trust encryption
  • Data loss prevention (DLP) capabilities
  • Encryption and secure identity capabilities
  • Enhanced troubleshooting, analytics and granular policy additions.

EOL hardware poses many risks to your organisation and could end up impacting your bottom line in many unforeseen ways. However, it doesn’t have to spell disaster. By understanding the risks associated with your dated hardware, you’ll be one step closer to removing those vulnerabilities and protecting your organisation.

Is it time to evaluate and upgrade your in-office setup?

After a year like last, office buildings were missing people and meeting room hardware was left idle.  It could be time to update vulnerable end of life hardware. Protect your network and bring your employees back to office with the power, ease and safety of the Cisco Webex Desk Series collaboration devices. Or ‘try before you buy’ with a free 90-day trial on all Cisco Webex devices.

Why Data#3 and Cisco?

As a Gold Certified Cisco Partner and Cisco Master Collaboration Partner, Data#3 combines consulting, technical expertise and Cisco market-leading technology to help Data#3 customers securely navigate the complexity of the new digital era.

Contact a Data#3 Cisco Specialist

 

1 Cisco (2018). Annual Cybersecurity Report. [Online] Available at: https://www.cisco.com/c/m/en_au/products/security/offers/annual-cybersecurity-report-2017.html

2 The Verge, (2017). Almost all WannaCry victims were running Windows 7 [ONLINE]. Available here.

3 The Washington Post, (2021). Massive camera hack exposes the growing reach and intimacy of American surveillance [ONLINE]. Available here.

4Interpol, (2020). INTERPOL report shows alarming rate of cyberattacks during COVID-19 [ONLINE]. Available here.

Tags: Cisco, Collaboration, Modern Workplace, Security

Featured

Related

Data#3 name Dell Technologies Top Performer Award
Data#3 named Dell Technologies Top Performer 2022 for Australia

September 12, 2022; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, is delighted to announce that it has…

Smart spaces are changing the workplace
Will Smart Spaces Be a Game-Changer in Your Workplace?

Many elements of smart space technology were already theoretically possible, but integrating sensors and smart cameras, for example,…

Transform any space into a smart space
Smart Space Experience Guide

If there’s one thing that a global pandemic has shown, it is that those working with technology are masters…

ACSC Essential Eight Maturity Model: Multi-Factor Authentication
Essential Eight Maturity Model: Multi-Factor Authentication

In 2021, the Australian Cyber Security Centre (ACSC) updated the Essential Eight Strategies to Mitigate Cyber Security Incidents Maturity…

Customer Story: Main Roads Western Australia

Main Roads Western Australia Boosts Visibility and Security with Microsoft Defender for Identity Solution from Data#3…

Customer Story: Hydro Tasmania

Hydro Tasmania seamlessly transitions to work from home across Australia Download Customer Story…

Making Computer Vision Accessible to Everyone

When we hear the word ‘camera’, we almost certainly think ‘picture’, and so it is that with CCTV…

Webinar: Data#3 Licensing Update and Microsoft 365 A5 Deep Dive
Data#3 Licensing Update and Microsoft 365 A5 Deep Dive

During the recent ISQ IT Managers forum, many schools expressed strong interest in a follow-up session on Microsoft 365…