As Windows 7 goes End of Life, what does it mean to hoteliers?

As of January 14th, 2020, Microsoft has stopped releasing updates and security patches for its Windows 7 operating system.

From this date onward, Microsoft won’t offer help or support if you encounter any problems, which leaves you extremely vulnerable to any virus or other emerging security threats. As a hotelier, what does this mean for your business? The cost implications (is this in your budget?), the security breaches (PCI compliancy issues), and many other factors that affect your business going forward.

Here we chat to Mark Palmer, Principal Product Manager at Guestline to better understand what end of life for Windows 7 means for you, your property and his guide to future proofing your technology:

• In simple terms, what does Windows 7 End of Life mean?

Windows 7 has now entered its End of Life phase, which means that Microsoft will no longer be offering updates of security fixes for the old operating system. Whilst many businesses will have upgraded to Windows 10 in recent times, there are still millions of systems out there that are using Windows 7 – those systems need to be upgraded or replaced asap. Don’t worry, your PC’s won’t stop working overnight, you just need to be mindful that elements of your system are being compromised and that now is the time to consider your technology options going forward.

• What does this mean financially for hoteliers?

It depends on the systems you currently have in place. For example, if your current PMS system is hosted on servers inside your hotel, majority of these will be operating on Windows Server 2008 R2 which is also now end of Life with Windows 7. This means that these hotels need to upgrade their servers, which can come at a costly price for the upgrade of the servers alone and that doesn’t include the costs to move the existing database and any other services that would need to be carried out. If this is the case, and your PMS is near end of life too, now would be the time to look at upgrading your entire technology stack in a bid to future proof your business – and you might be surprised to find that it is just as cost effective to do so.

• What other issues can be expected?

The Payment Card Industry (PCI) has a set of security standards that applies to any organisation (including hotels) which accepts, stores, processes and transmits cardholder data. One of the compliance requirements, PCI DSS 6.2 requires that ‘all system components and software must be protected from known vulnerabilities by installing applicable vendor-supplied security patches’. If an operating system is no longer supported by the vendor, and security patches are not being upgraded (i.e. Windows 7), PCI requirement 6.2 cannot be achieved unless potential risk of doing so is mitigated. It also exposes you to fraud. This puts hoteliers in an awkward position given that this OS end of life is out of their hands and you’d need a hefty budget in place for PCI non-compliance fines and penalties, which can be significant.

• What if a hotelier decides to stick with Windows 7?

Without security patches, Windows 7 will become critically vulnerable. This doesn’t just bring the risk of a potential attack, but also the liability shift to the owners of the devices, that is, the hoteliers that decide not to comply to industry and security risk requirements. As ex-hoteliers ourselves, at Guestline, we understand the tough financial decisions that hoteliers are faced with every day. But our advice is understand your options. Time is unfortunately not on your side and if you haven’t already prepared to upgrade to Windows 10 or are unsure of the financial implications involved with upgrading or migrating your systems, then it’s best to add it to today’s to-do list. Whilst your technology is on the table for review, it’s best to look at all options. Talk to other hoteliers, meet with PMS providers, read case studies and review your existing platforms – it’s best to invest in the long term.

• How does this effect existing Guestline customers?

Guestline clients on our cloud-based PMS are protected from complex issues that many hoteliers who have server-based PMS systems now face.  Our client’s access to Rezlynx PMS (desktop or browser), Channel Manager (Roomlynx), EPoS and other Guestline applications remains unaffected, however there may be new features that may not work now with unsupported operating systems. Our renowned support team are working with all clients to ensure they are up to speed on all Windows 7 End of Life matters that effect their technology, security and operations. But there are many elements that are beyond our control or responsibility i.e. running our services on vulnerable PC’s introduces unnecessary ricks, especially when data is stored or processed on a local machine.

Therefore, we are advising clients that Guestline support will continue to offer product assistance to customers running Windows 7 until 01/03/2020 but we will not be supporting issues that are related to legacy environments.

In addition, our Guestline Rezlynx PMS upgrades are free (unlike many of our competitors) so whilst many hoteliers now also face a PMS upgrade when they upgrade to Windows 10 OS, Guestline customers have been in receipt of a continually enhanced and innovated system as the norm.

• What next?

Hoteliers need to arrange for all Windows 7 PC’s to be upgraded, which means upgrading to Windows 10 and any PC’s below the required specification to run an updated OS system is likely to need replacement. There is an alternative option to purchase Windows 7 / Server 2008 R2 Extended Security Updates (ESUs) from Microsoft, which is available at an escalated premium. Whilst it will mean you remain PCI compliant; it brings other issues such as not protecting against incompatibility of new technologies and offers a lack of support for some new features.

Whilst understanding technology can be somewhat mind-boggling, we are here to help with any queries, share advice and offer support at any time. Contact Guestline Support, your account manager or our dedicated business development team for any further information. Or click here for more information from Microsoft.