Hi everyone,

I’m facing a challenging situation at work and could use some advice. I work as an IT support specialist at a family-owned health business, and my boss has repeatedly refused to upgrade an outdated Windows 7 system despite significant security risks and operational issues. The system is no longer supported by Microsoft, is vulnerable to serious exploits, frequently crashes, and has outdated BIOS firmware.

I’ve asked my boss multiple times over the past two months to upgrade the system, but he has consistently refused, insisting that we have enough security measures in place. However, I’m not confident in these security measures, as the system is connected to the internet and it can literally be hacked by an exploit within the operating system (e.g. EternalBlue, BlueKeep), potentially bypassing all of our firewalls.

I’ve prepared a new desktop with Windows 10 as a backup, ready to be deployed if the current system fails. I’ve also laid out a plan that would cause minimal disruption, allowing the employee who uses this system to temporarily use the software on his laptop while we make the switch. Despite this, my boss still refuses and has become visibly frustrated with my repeated requests. I’m worried about getting fired for taking the initiative to address this critical issue. The employee has been asking for a new system for the last 2 months.

The Windows 7 system connects to our main server to access a specific piece of software via the web browser. We host it locally, the software basically tracks all the equipment/infrastructure around the warehouse. It would be a straightforward replacement, but my boss’s resistance and erratic behavior make it difficult to move forward.

I’m considering talking directly to the owners about this issue, as my boss’s refusal puts our operations at risk, but I’m concerned about potential repercussions. I want to ensure I handle this professionally and protect myself from any blame if a security breach occurs.

Most of my requests have been verbal, and an email I sent to my boss about upgrading was never responded to. I’m looking for advice on whether I should discuss this with the owners directly, the potential risks and benefits of taking this step, and how I can best document my efforts to protect myself. I definitely feel like I’m going to be used as a scapegoat. I’m also planning on seeking employment elsewhere after I get my Network+. This is my first IT job, I’ve only been working here 3 months and I already want to leave.

I appreciate any advice or experiences you can share. Thank you!

  • Skull giver@popplesburger.hilciferous.nl · ↑20 · 4 months ago

    Windows 10 is just about to lose support. At this point, your backup system should probably be Windows 11 unless you can manage to make your boss fork over money for updates. Otherwise, you’ll be stuck in the same situation in just a year and a few months even if you manage to replace the system.

    Make sure you go full CYA mode when your company eventually gets hacked because of your boss. Leave a paper trail that’s not too hard to discover for any auditor in case your company ever tries to get some kind of IT certification. If you have a ticketing system, leave an open ticket. Put any further requests in writing, possibly referencing company policies about this stuff if you have any.

    Next time you take an inventory of outdated and vulnerable software and hardware under your control, make sure to add your boss’ computer to the list and send it around to everyone that should be reading the report. Preferably more than just your boss and you, but that depends on how your company works.

    Your boss just isn’t going to update willingly. If you can’t make him update, the second best thing is to leave behind evidence that you tried to avoid the disaster your boss is brewing, so he can’t blame IT when his laptop gets hacked or if he loses data. Because when your company is getting sued for a data breach, you’ll be one of the first people they’ll try to put the blame on.
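    The inventory-and-report step above is the part that can be automated so it leaves a dated record every time it runs. The script below is an added example for this thread, not something any commenter posted: it queries Windows hosts over CIM for OS version, build and BIOS details, compares them against Microsoft's public end-of-support dates (Windows 7: 2020-01-14, Windows 8.1: 2023-01-10, Windows 10: 2025-10-14; Windows 11 is left open because its date depends on the release), and emits one row per host that can be exported to CSV and attached to a ticket. It assumes WinRM/CIM access to the hosts; the hostnames, BIOS values and the `Get-ADComputer` usage in the trailing comment are assumptions, and the sample object at the bottom is constructed so the function can be tried offline.

```powershell
# Added example, not code from the thread: an end-of-support inventory for Windows hosts.
# Assumes CIM/WinRM access to the listed computers; the sample at the bottom runs offline.

# Public Microsoft lifecycle dates. Windows 11 support ends per annual release,
# so it is left open here rather than guessed.
$EndOfSupportTable = @(
    @{ Product = 'Windows 7';   Match = { param($o) $o.Version -like '6.1.*' };  Ends = [datetime]'2020-01-14' },
    @{ Product = 'Windows 8.1'; Match = { param($o) $o.Version -like '6.3.*' };  Ends = [datetime]'2023-01-10' },
    @{ Product = 'Windows 10';  Match = { param($o) $o.Version -like '10.0.*' -and [int]$o.BuildNumber -lt 22000 }; Ends = [datetime]'2025-10-14' },
    @{ Product = 'Windows 11';  Match = { param($o) $o.Version -like '10.0.*' -and [int]$o.BuildNumber -ge 22000 }; Ends = $null }
)

function ConvertTo-SupportRecord {
    # Turns one host's Win32_OperatingSystem and Win32_BIOS objects into a report row
    # with a support verdict as of the given date.
    param([string]$ComputerName, $Os, $Bios, [datetime]$AsOf = (Get-Date))

    $row = $EndOfSupportTable | Where-Object { & $_.Match $Os } | Select-Object -First 1
    $status =
        if (-not $row)               { 'Unknown product; review manually' }
        elseif (-not $row.Ends)      { 'Supported (release-specific date; verify)' }
        elseif ($AsOf -gt $row.Ends) { 'UNSUPPORTED since {0:yyyy-MM-dd}' -f $row.Ends }
        else                         { 'Supported, {0} days left' -f [int]($row.Ends - $AsOf).TotalDays }

    [pscustomobject]@{
        Host         = $ComputerName
        Product      = if ($row) { $row.Product } else { $Os.Caption }
        Version      = $Os.Version
        Build        = $Os.BuildNumber
        BiosVersion  = $Bios.SMBIOSBIOSVersion
        BiosDate     = $Bios.ReleaseDate
        EndOfSupport = if ($row) { $row.Ends } else { $null }
        Status       = $status
    }
}

function Get-OsSupportStatus {
    # Queries each host over CIM and returns one row per host. Unreachable hosts are
    # reported as such rather than skipped, so gaps in coverage show up in the record.
    param([Parameter(Mandatory)][string[]]$ComputerName, [datetime]$AsOf = (Get-Date))
    foreach ($name in $ComputerName) {
        try {
            $os   = Get-CimInstance -ClassName Win32_OperatingSystem -ComputerName $name -ErrorAction Stop
            $bios = Get-CimInstance -ClassName Win32_BIOS -ComputerName $name -ErrorAction Stop
            ConvertTo-SupportRecord -ComputerName $name -Os $os -Bios $bios -AsOf $AsOf
        } catch {
            [pscustomobject]@{
                Host = $name; Product = 'UNREACHABLE'; Version = $null; Build = $null
                BiosVersion = $null; BiosDate = $null; EndOfSupport = $null
                Status = "Query failed: $($_.Exception.Message)"
            }
        }
    }
}

# Constructed sample (no network needed): the row a Windows 7 host like the one in the
# thread would produce. Hostname and BIOS values are made up for the example.
$sampleOs   = [pscustomobject]@{ Caption = 'Microsoft Windows 7 Professional'; Version = '6.1.7601'; BuildNumber = '7601' }
$sampleBios = [pscustomobject]@{ SMBIOSBIOSVersion = 'A12'; ReleaseDate = [datetime]'2012-03-01' }
ConvertTo-SupportRecord -ComputerName 'WAREHOUSE-PC' -Os $sampleOs -Bios $sampleBios -AsOf ([datetime]'2024-09-01') |
    Format-List

# Real run (assumed setup: RSAT ActiveDirectory module available), kept as a dated CSV:
# Get-OsSupportStatus -ComputerName (Get-ADComputer -Filter * | Select-Object -ExpandProperty Name) |
#     Export-Csv -NoTypeInformation -Path ("os-support-{0:yyyyMMdd}.csv" -f (Get-Date))
```

    Running it on a schedule and filing each CSV with the open ticket gives exactly the paper trail the comment describes: a dated list, generated the same way every time, of which machines were past support and since when.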

    • Gerudo@lemm.ee · ↑6 ↓10 · 4 months ago

      Do not, for the love of God, put your system on 11. There have already been too many hacking proofs of concept for the rewind feature.

      Hold 10, pay for the updates if need be.

      • wizardbeard@lemmy.dbzer0.com · ↑7 · 4 months ago

        The rewind feature is only available officially on specialized hardware that has not hit the market yet. “Copilot ready” is the term.

        The PoCs are using multiple workarounds to get it running. It is also entirely disable-able using standard Windows administration tools.

        • FaceDeer@fedia.io · ↑1 · 4 months ago

          There’s also a simple toggle to turn Rewind off in the settings menu.

          People are really going bonkers over Rewind; it’s almost a sort of mass hysteria at this point. Yes, it appears to be a very insecure and risky feature at this point. So just turn it off. There are lots of features in any OS that you can set up in ways that will make your system insecure; this is just a particular one of those. Microsoft isn’t going to force it to be enabled, the ensuing legal shitstorm would be epic. I doubt they’ll roll it out to a large audience in its current state.