If your IT assets are aging, it can be tough to set a direction for how to proceed. In some cases, upgrading hardware can be an important step in upgrading your software, but in others, it might make a mess of some of your current software solutions. Today, we’ll take a look at some important considerations regarding your hardware and software’s lifecycles and how to take charge of your IT infrastructure.
How Long is too Long?
Typically, hardware devices have a lifecycle of five years in the business world. This is partly because of the way software is maintained. We’ve mentioned before the importance of replacing network infrastructure (like routers, firewalls, etc.) every five years to ensure that you have patches and updates coming in when researchers find a vulnerability. It’s a little less obvious with workstations, laptops, and servers, since they typically receive a longer support period, but hardware is usually outdated around the five year mark anyway.
That means that the lifecycle is also dependent on hardware longevity and improvements. Processors, to take one example, improve dramatically in the span of five years. Even if we aren’t exactly on track to satisfy Moore’s Law, processors have experienced great advances in efficiency and power savings over the past few years. Using old processors today results in higher than necessary power consumption. While that might not justify an upgrade on its own, when paired with the increases in processor performance, newer processors continually look like a wise investment.
Differences in Server Technology
Server hardware can often last longer in good conditions, but since its software and operating systems are separate from workstation and consumer software, server software usually goes out of service quicker. Versions of Windows Server from around 2016 are currently reaching mainstream end-of-support dates, only being an officially supported OS for roughly five years in total.
Because of the job that servers do (connecting with other devices locally or on the internet), server security needs to be cutting-edge at all times; older server OSes and applications just won’t cut it. Much like workstation technology, servers continuously become both more efficient and powerful, and in the long run, an upgrade in performance and efficiency can pay off.
Over the past few years, Microsoft has worked together with hardware manufacturers to implement hardware security features. With the rollout of Windows 11, Microsoft cut off support for motherboards that don’t have TPM, for instance. In certain communities, the practicality and usefulness of hardware security features are debated, but when Microsoft uses low-level hardware features like UEFI or TPM as a bare minimum standard for running Windows, it signals to users that it’s time to upgrade.
As we noted in an earlier post, this dropped support for virtually all motherboards that had been built a decade or more ago. Regardless of the actual security implications of running a machine that uses MBR or that doesn’t support Secure Boot, it’s a pretty clear line in the sand drawn by Microsoft, and a (possibly welcome) barrier to hanging on to legacy hardware and old workstations.
Avoiding the End-of-Life Trap
At the very least, you have to avoid going to the end-of-life date of your software and device firmware. When a device is no longer supported, there are only two options left: decommission it or pay for extended support (sometimes from a 3rd party). People do try to make exceptions though, usually when companies rely on an old piece of embedded technology. While this is generally not good practice, an example can illustrate why specialty hardware and software can trap people this way.
I recently heard of an automobile mechanic that still runs versions of Windows from the 1990s. The decision to go decades past the end-of-support was made because the computer is an integral part of doing alignment service on vehicles; the machinery, which runs WIndows 98 SE, costs more than $15,000 to replace, and since the computer isn’t network connected it was deemed to not be a security threat. But all devices that rely on old tech are vulnerable to hacking and can often be easily exploited with vulnerabilities that have been known for years. It’s not a reasonable idea to keep devices around that can’t be updated.
-Written by Derek Jeppsen on Behalf of Sean Goss and Crown Computers Team