Legacy Computers In The Modern Era

With the average data breach now costing companies around $3 million, it’s hard to swallow an excuse for poor security practices. A data breach from legacy computers could cost your company in terms of lawsuits, damaged reputation, and fewer sales in the future. Your company can’t afford to ignore a legacy system’s vulnerabilities.

If you’ve got legacy computers in your office, having them networked to your system might be a necessary evil. They might not be updated because of a need for proprietary software or they might not be updated because of negligence. It won’t matter to a nefarious actor looking to get control of your system. To ensure you don’t leave your company and its assets open to an attack, you need to address these 4 vulnerabilities in your legacy system.

1. Guest Users
Guest users are created for a variety of reasons. They’re sometimes created to test something on a system before it’s handed off to a staff member. Guest and duplicate users are sometimes created when migrating data or simulating an environment.

Whatever the reason, they don’t always have secure passwords. Sometimes they have no password at all. If they also have admin privileges, you’re leaving your computer open to being attacked. Make sure there is a short list of people who have access to your legacy system.

2. Old Browsers
You might be constantly irritated by how often your browser is asking you to update. As annoying as that might be, it’s in response to how often security efforts are updated to keep out new viruses you haven’t heard about yet.
Older browsers will be vulnerable to these viruses. Accessing the internet with a legacy browser on a legacy computer could be a recipe for disaster.

3. Hardcoded Passwords

Sometimes when software is first installed or created on a machine, the password and logins follow a pattern of defaults. It could be simply “admin” and “password”. It could even be blank. If a bad actor could access your code, they might see the password written in the metadata. This is often true when testing out beta versions of your software. So many of our government offices rely on old systems, it’s a wonder we don’t hear about more hacks.

4. Saved Logins
Along with those old browsers comes old saved passwords. If your legacy browser was auto-filling password or personal information, there could be a serious reason to want to update the system. It could be leaving company secrets or personal communications open to being leaked. Depending on what industry you’re in, legacy computers could be the reason why you lose a whole quarter of revenue when hackers leak your content.

Legacy Computers Have a Purpose But Beware

No one keeps an old computer around for no reason. Often they serve a purpose other than nostalgia. For software and engineering companies, they could be an archive of old work. If you want to retire your legacy computers, check out the 3Si2 guide to data integration.