Could your charity be facing a security and compliance risk?

21st August 2019

Charities running Windows 7 won’t be GDPR compliant in six months’ time, and risk leaving their systems and information vulnerable to cyber attack.

After ten years, the Windows 7 operating system is reaching the end of its life in January 2020. As 2019 comes to a close, Microsoft will start to issue a stream of reminders to users still running the operation system to take action – consider this advanced warning if your charity still has devices running Windows 7.

The reason for expiration is that Microsoft can’t keep updating and providing support for its entire backlog of products, so all of them have an expiry date. Windows 8 support ended in January 2016, and Windows 8.1 in January 2018, so anyone running those systems will already be out of date. Because Windows 7 is a more popular operating system, Microsoft kept support open for longer, but this is now coming to an end in January 2020.

When products are kept running on your computer beyond their official end of life and you are running unsupported software – programmes that no longer receive important updates such as technical support or security patches.

Inevitably, this means that older software is more vulnerable to exploitation and data theft, leaving your organisation wide open to cyber attack. Security patches, or downloaded updates from Microsoft’s servers, are essential to fixing these vulnerabilities.

If your charity holds or processes personal data, GDPR requires you to put into place, as a legal minimum, appropriate security measures to protect that data, and this includes ensuring you have the latest security updates in place.

Under GPDR, organisations of all kinds can be fined up to 20m Euros or 4% of their annual turnover for a breach of personal data – a few have been stung with huge fines already.

Microsoft ask that organisations consider an upgrade to Windows 10, or switch to a completely different environment such as Apple.

Eligible charities can access a discounted version of Windows 10 Pro or Enterprise on the Charity Digital Exchange programme, for just £14 + VAT per license.

If your devices are not running an operating system that’s eligible for an upgrade (due to being unlicensed or improperly licensed), small and medium sized charities may be able to request a license through the Get Genuine programme, also on Charity Digital Exchange. These can be bought for just £8 + VAT and allows charities to then download Windows 10 Pro.

It’s worth also keeping an eye out on the Exchange for occassional charity-specific deals on laptops and other hardware that come in from time to time, but these deals are limited and tend to go fast so charities will need to move quickly. Sign up for the newsletter here to stay in the know.


Click here for more information.