Windows 10 launched to great fanfare in July 2015. Microsoft called it “an operating system as a service” which would receive continuous updates rather than be superseded by a new version roughly every five years.
However, Microsoft announced in April 2023 that the operating system would not be supported after October 14th, 2025. The end-of-support announcement applies to all Windows 10 users, whether in businesses, in schools, or at home.
What does 'end of support' mean for schools using Windows 10?
"End of support" means that Microsoft will stop providing bug fixes, security updates to remedy vulnerabilities, and technical support for problems that might occur.
Without security updates, any operating system becomes less secure over time as newly discovered vulnerabilities remain unfixed. Windows 10 will be particularly susceptible because it is so widely used and, therefore, an attractive target for cyber criminals.
What are the specific cyber security implications for schools?
Schools and trusts are increasingly targeted by cyber attacks. Any organisation that uses a no-longer supported operating system (or has not installed the latest available updates) leaves their systems exposed.
Cyber attacks can have devastating impacts on schools and trusts by blocking access to essential systems. This can lead to cancelled or hastily reorganised lessons and the inability to take registers, manage safeguarding, or handle payments. In the worst cases, hackers steal sensitive personal data and threaten to publish it online unless a ransom is paid.
Proactive IT management helps to safeguard school networks
Appropriate cyber security takes a multi-layered approach, with each part contributing to the overall effectiveness. It can be tempting to think that other cyber security protections, such as a suitable firewall, anti-malware, and anti-virus software, can compensate for an out-of-date operating system. While these measures reduce the risk, they do not eliminate it, and if exploited, a weakness in device operating systems can provide hackers with access to all parts of school systems.
Practical steps to take
Windows 11 was released in 2021 as a replacement for Windows 10. Existing laptop and desktop operating systems can be updated to Windows 11. However, not all devices in a school or trust will be compatible with Windows 11. Some may not have the correct specifications, and others may be too old.
RM can help schools and trusts assess their devices’ suitability and plan an upgrade programme. Alternatively, this is an excellent opportunity to replace old devices with higher-performing new ones.
Microsoft has announced that extended security updates (ESU) for Windows 10 will be available to the education sector for three years. At the time of writing, the UK pricing is not clear. However, the prices per device announced in the US double in each of the three years. Using the ESU programme could be said to merely delay the inevitable, as it involves spending time and money that could be devoted to a longer-term solution. ESUs are intended only as a stop-gap measure to support the transition to Windows 11.
The Department for Education’s cyber security standards for schools and colleges require that schools licence digital technology appropriately and keep it up to date. The standards mention that end-of-support dates must be recorded and acted upon.
The end of support date for Windows can seem like a long way off, but careful preparation now will help you avoid problems with cyber security, compliance and unplanned costs.