Survey: 45% of IT departments will move to Windows 7, eventually; 43% refuse to migrate off Windows XP

Survey: 45% of IT departments will move to Windows 7, eventually; 43% refuse to migrate off Windows XP

Summary: A new TechRepublic survey shows that 96% of IT departments are still running Windows XP as their primary operating system, and 43% plan to keep XP indefinitely and avoid migrating to Windows 7.

SHARE:

A new TechRepublic survey shows that 96% of IT departments are still running Windows XP as their primary operating system, and 43% plan to keep XP indefinitely and avoid migrating to Windows 7. Meanwhile, 45% of the TechRepublic respondents said that their IT department will eventually switch to Windows 7.

The voluntary, self-selecting survey was conducted in June and had over 10,000 participants from among TechRepublic's audience of 1.4 million IT professionals who regularly visit the site.

As for the time frame of migrating, 52% said they will until the absolute last minute before moving off of Windows XP (so that includes some of the people who plan to eventually move to Window 7). Another 25% estimated that it would be either two years (20%) or three years (5%) before they migrate off Windows XP.

As for why these IT professionals are delaying the move off of XP, 63% said that there's is no compelling reason to make a switch:

Despite their reluctance to move to Windows 7, 76% of the IT pros said that they had no plans to consider an OS switch to Mac or Linux or casually considered it and don't see the benefits:

Topics: Software, Microsoft, Operating Systems, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

38 comments
Log in or register to join the discussion
  • Penny wise, pound foolish.

    XP is unsecurable. Enterprise AV, all the tools, etc, it is fundamentally broken. All these enterprises deal with constant and unrelenting security threats. It really has no place in the enterprise if you care about security. Yes, the functionality works, but you are throwing all that money in constant scanning, patching, infection resolution (enterprise AV, that's a good joke, just an expensive label on a semi-useless product).

    Any company holding onto XP like grim death is shooting themselves in the foot. Virtualize critical XP programs on Linux, or Windows 7. Run Windows 7 testing on older hardware, if it works, start looking to migrate. Where it's too old, identify the users who can "squeek by" with Linux. Crossover runs Office flawlessly and eliminates the underlying OS insecurity.

    This is not about Linux over 7, not my intention, just that you need to dump in any way shape or form XP from the enterprise.

    Aside, shame on MS for still pushing XP on netbooks, guaranteeing a roving botnet for many many years to come. I tried and hated Vista (came with my eMachine) before I dumped it, but dog slow and counter intuitive, if I had to use Windows, I would have used it over XP any day. Could they really have not stripped Vista to run on netbooks?

    Oh well, until the next massive security threat takes over your networks or the weekly disinfect session from the latest threat the enterprise AV failed to protect, or the next massive security patch problem causes a few thousand person hours of lost productivity, hang onto it like grim death.

    TripleII
    TripleII-21189418044173169409978279405827
    • Just some pound foolish examples.

      http://www.computerworlduk.com/community/blogs/index.cfm?entryid=2316&blogid=14

      Note that I removed the anti-windows bias, I don't want a flame war, what really needs to happen is the death of XP. :D

      [B]
      The `Conficker worm' caused chaos when it hit Manchester town hall in February. Now we can reveal the bug cost the council more than ?43,000 in `lost' bus lane fines.

      In total, the Conficker worm ?cost taxpayers in Manchester nearly ?1.5m, the M.E.N has learned.

      A ?1.2m bill in the IT department, including ?600,000 getting ?consultancy support? to fix the problems, which including drafting in experts from Microsoft;

      ?178,000 in extra staffing costs across the town hall ? including ?169,000 going to clear up a backlog of benefits claims and council tax bills;

      Compensation payments due to delays in processing benefit claims. [/B]

      Gee, do you think ?1.5m is the only security related expense encountered last year, or is a few more million pounds lost to the XP experience?

      TripleII
      TripleII-21189418044173169409978279405827
    • WIndows XP is very secure.

      Just follow these simple rules:

      1. Use an unprivileged account.
      2. Ensure the built in firewall is enabled and not allowing access to unnecessary services.
      3. Keep up to date on patches.

      If these three things are done security issues will be a thing of the past.
      ye
      • Good to see someone who knows what they're talking about

        Point #1 is key. The problem is most people don't know how to do this. Here's one solution (because it is turnkey):

        http://download.cnet.com/RemoveAdmin/3000-2381_4-10824971.html?tag=mncol

        RemoveAdmin is small utility that will remove administrative rights when launching IE or Firefox. The installer creates shortcuts but if you look closely, they reference a small program, removeAdmin.exe, with the path to IE or Firefox as the argument.

        The Windows security programming model allows for the modification of security credentials when spawning a new process. The specific API that makes this possible is CreateRestrictedToken and it was introduced with Windows 2000.

        Sadly, MS when introducing Windows XP Service Pack 2 in 2004, it never had the sense to add a checkbox when creating a new shortcut that might have read "Remove administrative rights when launching this program." More to the point, use the security features that ship with every copy of Windows XP.

        -M
        betelgeuse68
      • Simplistic

        Some of our critical apps refuse to run on unprivileged accounts, and if you have to run as an administrator, there is no way to lock down XP to prevent infection. About the best we can do is try to educate our users, and spend the time to clean their machines regularly.

        Or, we can migrate to Vista or 7, which so far has been far more resistant to malware than XP ever was.
        itpro_z
        • Have you investigated as to why?

          [i]Some of our critical apps refuse to run on unprivileged accounts, and if you have to run as an administrator, there is no way to lock down XP to prevent infection.[/i]

          In most situations a qualified IT staff can resolve these issues. But your point is taken Which means they're unlikely to run under Vista/7 as anything other than an administrator.

          [i]Or, we can migrate to Vista or 7, which so far has been far more resistant to malware than XP ever was.[/i]

          I suspect because the default in Vista/7 is to use an account without privileges.
          ye
        • A real world perspective

          "Some of our critical apps refuse to run on unprivileged accounts"

          Major reason XP continues to be popular.

          Ye's other points: 2) XP firewall is ineffective against popular exploit
          attack vectors, 3) XP Professional mainstream support already retired,
          extended support 2014.

          Hopefully win7 will be good enough that XP can be retired.

          Interesting from the survey that over 50% are willing to look at non-
          windows alternatives (30% unsure of benefits, rest interested). Hope
          for IT yet.
          Richard Flude
          • Not really.

            [i]Interesting from the survey that over 50% are willing to look at non-windows alternatives (30% unsure of benefits, rest interested).[/i]

            Smart IT departments look at all their options.
            ye
          • Agree

            "Smart IT departments look at all their options."

            True, must be a real concern to MS.

            It doesn't say much for the 46% of windows operations that haven't
            looked at the alternatives.
            Richard Flude
          • As a matter of interest...

            What is wrong with XP's built-in firewall? I visited my sister recently, and while I was there I tried to resolve a problem she was having with AVG 8.5's firewall. (The d*mn thing didn't want to initialize correctly, and when I [b]did[/b] finally succeed I found that it would reset itself to block [i]all[/i] Internet traffic after every reboot!)

            The bottom line was that I had to disable AVG's firewall and restore the built-in XP firewall instead. The only alternatives would have been granting Admin rights to all users so that they could reset the firewall each time, or having no firewall at all. Neither of these struck me as particularly compelling...

            I'll be armed with an Ubuntu installation disk on my next visit - my sister only uses that machine for email and browsing the Internet. And then one more XP machine will [b]die[/b].
            Zogg
          • Not XP's firewall per se

            but packet filtering firewalls in general. Common malware infection for
            desktop PC is likely via browsers, email and removable media. A firewall
            offers no protection for these attacks.
            Richard Flude
        • Run As...

          Windows XP's Run As command is your friend. You can run as a power user in professional which still gives greater functionality over a limited user, you can even add them to the network configuration group to allow them to change networking settings if you want them to and then set up an administrative account (either a single authorizer account, or giving supervisors each one, whatever works for your business) to authorize legacy applications and other apps that need admin priveliges. You can insulate yourself even further by stripping admin group of certain rights in Local Security Policies and creating a super admin group for IT users only, so that even the authorizing admins are more secure. Since I did this, viruses and spyware are more rare, and are limited to a specific user profile instead of spreading to system areas.

          Of course this is easier in NT6 (Vista/7) because some of it is put in by default in those OSs as opposed to having to be tweaked in XP, but XP can run secure.
          JasonJD48
      • It can't be done in any reasonable way.

        You can't run XP in un-privileged for the vast majority of software in use today. Nice idea, doesn't work. The number of IT security bulletins and "how to see if you are infected" is rising at my company, and it is Norton's Enterprise Suite in place on XP machines, all the security policies and I still chuckle at my colleages with the "Reboot now or automatically in 5 minutes" saying FFS!. In a company of over 65K employees, the IT staff might know what they are doing, and it is a constantly losing battle to keep them secure.

        http://nonadmin.editme.com/KnownProblems
        [B]Microsoft AntiSpyware Beta does not like multiple users on a machine, meaning if you have one administrator account and one or more limited user accounts it repeatedly, over and over and over and over and over and over and over and over and over and over and over, issues warnings about default settings having been changed when all you've done is signed on to an account other than the one (administrator) that installed the software.[/B]

        If you read all of the apps listed at the link above, it would take a Windows Guru forever to actually get it working. Just doing some browsing, running as non-admin, the firewall doesn't work, but people assume that they are safer with no firewall and non admin as the other way around.

        Thousands of posts of Office 2003 doing some "upgrading" loop endlessly when you try to start it as non admin.

        TripleII
        TripleII-21189418044173169409978279405827
        • Actually you can.

          [i]It can't be done in any reasonable way.[/i]

          Especially if you have a competent IT department to work through those troublesome programs. I ran my Windows 2000 Professional system as an unprivileged user for years. And I had a problem with one program. Which was easily corrected by changing the file permissions on the installation folder.

          With the release of Vista the number of troublesome programs has decreased dramatically due to UAC.

          [i]http://nonadmin.editme.com/KnownProblems[/i]

          Any chance you could provide something a little more current:

          Last Modified 5/30/06 12:56 PM
          ye
      • Wrong

        The fact is that users DO NOT WANT to use a
        non-admin account because some applications
        absolutely NEED one or they don't work.

        2. The built-in firewall in XP is crap... it's
        so full of holes, that it doesn't work.

        3. Keeping up to date on patches IS NOT ENOUGH,
        there are plenty on unpatched things on XP that
        cannot be fixed that HAVE been fixed in Vista
        and Windows 7.
        Lerianis10
        • There are some.

          [i]The fact is that users DO NOT WANT to use a
          non-admin account because some applications
          absolutely NEED one or they don't work.[/i]

          And for an individual users this is a valid point. However for a company which has a competent IT department they should be able to work around these issues. Having run Windows 2000 Professional as an unprivileged user I found one program which required tweaking. And it was limited to permissions changes on the programs install directory so non-admin users could write to it.

          [i]The built-in firewall in XP is crap... it's
          so full of holes, that it doesn't work.[/i]

          Such as? It's been rock solid and effective for everyone I know.

          [i]Keeping up to date on patches IS NOT ENOUGH,
          there are plenty on unpatched things on XP that
          cannot be fixed that HAVE been fixed in Vista
          and Windows 7.[/i]

          Again...such as?

          Granted Vista is more secure than XP. Protected Mode for IE, fewer security bugs, ASLR, etc all make it more secure. But the three things I recommend go a long way. Enough so that I ran Windows 2000 Professional for years without a single malware infection (though the firewall was provided by my DSL router because 2000 doesn't have a built in firewall).


          ye
    • You Missed this One Completely.

      Windows XP in the proper hands can be completely secured. The problem isn't the OS. In fact the reason that Vista was a flop wasn't because Vista is bad. It was because XP was too good. There was no compelling reason to upgrade. All OS's are only as secure as the person administering them allows them to be. Conficker was only a problem for consumers and businesses that didn't have a properly trained IT staff.
      ShadeTree
      • No, it can't.

        If you are on the the net, running XP as admin (pretty much required), have a firewall, completely up to date anti-X suites, you are, by definition, behind the curve in security because every anti-x suite is [B]REACTIVE[/B]. In the right hands (like my IT), it is more secure than the hopelessly insecure masses who don't understand security, but, as the headlines weekly prove, mass problem after mass problem, enterprise infections and millions of machines effected, where are these "skilled hands"?

        This has nothing to do with XP being the most functional org*smic computing experience everyone just loves, it is utterly and hopeless insecure, even in well trained skilled hands. I know it does the job, virtualize the apps (and isolate from the internet) in Windows 7 or whatever, but get XP facing machines off the internet. I have enough Vi@gra.

        TripleII
        TripleII-21189418044173169409978279405827
        • TripleII, you got it right

          Even in the hands of the BEST security
          professional, Windows XP just has too many holes,
          was designed too insecurely, etc. to be used
          anymore by businesses.

          It's time to FORCE them to upgrade to Vista and
          Windows 7, which have improved security mechanisms
          in them.
          Lerianis10
        • (pretty much required)? BS

          pure and simple.
          For home users? I'll let that slide, but in the business world (which is what we are talking about) securing XP and running as a limited user is not only do-able, it isn't even that hard.

          It does take an IT staff actually doing what they are hired to do, however. But that is a people problem, not a technical one.
          mdemuth