Share

The security risk of end of life hardware

Some things last forever, others are superseded by more improved models. The latter is particularly true in the fast-paced world of technology. As a result, hardware eventually reaches end of life (EOL) – the end of its manufacturing lifespan, and sooner or later it must be retired. Upgrading to the shinier new model brings plenty of benefits but this shouldn’t overshadow the more serious implications that stem from an EOL hardware announcement.

When devices reach EOL status, the support provided by vendors is eliminated. This usually means no more tech support, hardware repairs or firmware updates. It doesn’t render your hardware immediately useless, but neglecting your device’s EOL dates can lead to a situation where you’re adding yet another security risk to the business.

The vulnerability of connected EOL devices

When vendors close the support door on old operating systems and hardware, the gate is opened for cybercriminals. Consider connected devices, such as an IP camera, a video conferencing system or an old switch or router. Each have their own operating system and without software patches and security updates, cybercriminals can take advantage of dated operating systems to gain access.

This can have dangerous consequences. One of the most damaging cybersecurity incidents involving ransomware in an operating system was the ever-familiar 2017 WannaCry outbreak – which has been estimated to cause $4 billion in losses across the globe1. Of the approximately 230,000 computers infected globally, 98% were reportedly running an unpatched version of Windows 72.

It’s not just unpatched software that puts an organisation at risk, connected devices have already proven to present real danger, even before they reach EOL. More recently, a breach of cloud-based security cameras at Verkada saw hackers gain access to security-camera data including footage in Tesla factories and warehouses, as well as hospitals, companies, police departments, prisons and schools. The hacker-collective behind the massive breach of hardware claimed they wanted to demonstrate the pervasiveness of video surveillance, but also how easy it is to hack these systems and expose sensitive and private footage3. To that end, we can agree they were successful!

Simply put, when hardware reaches EOL, you’re putting your environment at considerable risk by not upgrading:

  • At risk data: The number one risk of EOL hardware is vulnerability. A security flaw in an EOL device can be a minefield of security hazards because breaches don’t just affect that device. If a device is unpatched and has network access, it takes just one successful attack to have major impact and consequences.

 

  • The cost of maintenance: EOL doesn’t just mean no more patches and upgrades, it may mean parts or accessories are no longer produced. This creates headaches for IT when it comes to sourcing scarce parts that are either difficult or impossible to obtain, or often costly.

 

  • Business productivity: Ageing hardware is unreliable and fails much more often than newer hardware, making it far more likely to contribute to moments of downtime that will continue to drain workplace productivity and frustrate users.

 

  • Legal ramifications: For organisations that handle sensitive customer data – health and government, for example – the security dangers of EOL devices is escalated. For these organisations, failing to protect your data in line with compliance and regulatory standards could result in significant fines and legal consequences.

The great attack on collaboration tools

When we talk about EOL hardware, we’re also referring to collaboration devices and tools. We saw adoption of these solutions surge throughout 2020, with hackers just as quickly adding these to their hit list. In fact, an Interpol report found that two-thirds of companies have been attacked via their own collaboration tools in just 12 months4.

As workplaces begin to reopen and employees step back into the office, collaboration devices and tools will need to be put under the microscope to ensure they are up to date and protected. If they’re reaching EOL, a refresh is likely in order. The good news is, these new and emerging security concerns are being addressed in the latest collaboration tools with many now including advanced features that may be missing from your EOL collaboration hardware, such as:

  • Improved standards-based zero-trust encryption
  • Data loss prevention (DLP) capabilities
  • Encryption and secure identity capabilities
  • Enhanced troubleshooting, analytics and granular policy additions.

EOL hardware poses many risks to your organisation and could end up impacting your bottom line in many unforeseen ways. However, it doesn’t have to spell disaster. By understanding the risks associated with your dated hardware, you’ll be one step closer to removing those vulnerabilities and protecting your organisation.

Is it time to evaluate and upgrade your in-office setup?

After a year like last, office buildings were missing people and meeting room hardware was left idle.  It could be time to update vulnerable end of life hardware. Protect your network and bring your employees back to office with the power, ease and safety of the Cisco Webex Desk Series collaboration devices. Or ‘try before you buy’ with a free 90-day trial on all Cisco Webex devices.

Why Data#3 and Cisco?

As a Gold Certified Cisco Partner and Cisco Master Collaboration Partner, Data#3 combines consulting, technical expertise and Cisco market-leading technology to help Data#3 customers securely navigate the complexity of the new digital era.

Contact a Data#3 Cisco Specialist

 

1 Cisco (2018). Annual Cybersecurity Report. [Online] Available at: https://www.cisco.com/c/m/en_au/products/security/offers/annual-cybersecurity-report-2017.html

2 The Verge, (2017). Almost all WannaCry victims were running Windows 7 [ONLINE]. Available here.

3 The Washington Post, (2021). Massive camera hack exposes the growing reach and intimacy of American surveillance [ONLINE]. Available here.

4Interpol, (2020). INTERPOL report shows alarming rate of cyberattacks during COVID-19 [ONLINE]. Available here.

Tags: Cisco, Collaboration, Modern Workplace, Security

Featured

Subscribe to our blog

Related

The Evolution of Cloud

Way back in the sixties the first mainframe time-sharing project was conceived, but it wasn’t until 1997 that a Texan…

The risk of end of life hardware
The security risk of end of life hardware

Some things last forever, others are superseded by more improved models. The latter is particularly true in the fast-paced world…

Zero Trust Multi-Factor Authentication with Cisco Duo

Secure access to the cloud for any type of application using corporate data and proactively reduce the risk of data…

Patch and protect Exchange Server security vulnerabilities

I wanted to ensure all Data#3 customers are aware of an active zero-day vulnerability impacting multiple on-premises Microsoft Exchange Servers.

Data#3 Named Snow Software APAC Growth Partner of the Year for 2020

March 12, 2021; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, is proud to announce that it has…

The Future in Focus: A Technology Report from Data#3

The unparalleled turbulence of 2020 and its resulting effects have been monumental. Driven by the global pandemic, mass changes to…

Cisco Multi-Cloud Connectivity
Uniting your distributed workforce with multi-cloud connectivity

Following a year perhaps best described as bonkers, it’s an opportune time to catch your breath and evaluate just how…

Data#3 Presents Roundup on What Lies Ahead: the Future in Focus

January 4, 2021: Brisbane, Australia: For numerous reasons, 2020 will be a year that few are reluctant to farewell. On…