What effect does Windows 7 have on the Cyber Essentials Certification?

Windows 7 cyber essentials


Windows 7 End of Life

On 14th January 2020, Microsoft ended all support for the widely used Windows 7 operating system, despite this, a large number of the world’s computers, mostly in corporate environments, are still running the nine-year-old system.

The End of Life (EOL) for Windows 7 means there will be no further software/security updates including patches and technical assistance for the product leaving you more vulnerable to security risks.

Corporate users of Windows 7 Professional or Windows 7 Enterprise will be able to purchase extended support through the Cloud Solution Provider (CSP) program to ensure your clients get the security they need while you transition to Windows 10.

How does this affect the Cyber Essentials Certification?

Cyber Essentials is a Government-backed, industry-supported scheme designed to protect your organisation from cyber-based threats and confirm your company’s IT systems comply with essential cyber security controls.

As Windows 7 (and Windows Server 2008) are now unsupported they are no longer receiving patches or updates from Microsoft and are, therefore, more at risk from new security threats. It is an explicit requirement of the Cyber Essentials scheme that all software is licensed and supported and so, on that basis, Windows 7 and Windows Server 2008 are now automatic fails.

Additional guidance can be found on the NCSC website here: https://www.cyberessentials.ncsc.gov.uk/requirements-for-it-infrastructure

NCSC Advice

“The NCSC would encourage people to upgrade devices currently running Windows 7, allowing them to continue receiving software updates that help protect their devices. 

“We would urge those using the software after the deadline to replace unsupported devices as soon as possible, to move sensitive data to a supported device and not to use them for tasks like accessing banks and other sensitive accounts.

 “They should also consider accessing email from a different device.”

If you have any queries regarding the Cyber Essentials Certification, please contact us at [email protected].

Scroll to Top