Windows XP use 'puts Met Police data at risk'
Data is at risk because the Metropolitan Police is still running 27,000 computers on the Windows XP operating system, according to a London Assembly member.
Andrew Boff, Conservative London-wide assembly member, said that since 2015, the Met has only upgraded 8,000 desktops to a new operating system, with another 6,000 due to be upgraded by September.
Windows XP has not received official security updates for more than two years, with the Met forced to pay for security patches instead of receiving free updates.
Boff said: “Operating systems age more like milk than wine, and Windows XP is well past its sell-by date.
“The Met should have stopped using Windows XP in 2014 when extended support ended, and to hear that 27,000 computers are still using it is worrying.
“My major concern is the security of Londoners’ information on this dangerously out-of-date system, but I would also like to know how much money the Met have wasted on bespoke security updates.”
Boff said that the Dutch government has recently paid £1.4m to Microsoft to continue security patches for Windows XP.
He also questioned the Met’s choice to upgrade to Windows 8.1, which he said was neither the newest nor best used version of the OS.
He said: “Staff are likely to be more familiar with Windows 10, but most importantly it will be supported further into the future.”
Boff is urging the Mayor to revaluate the Met’s upgrade schedule and have a better plan for future updates.
Information request reveals that number of reported incidents increased slightly
CyberArk, our sponsor for PublicTechnology Cyber Week, writes about how industry and government are working together to meet Australia’s cyber challenges
Auditors uncover £15m in fraud and errors and urge vigilance against dangers posed by pandemic
The perimeter security programme is already protecting thousands of NHS services and wants to work with more trusts, according to Rosie Underwood
PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right
CyberArk's David Higgins explores the cyber risks of hiring independent contractors