There is only a ’small number’ of government services relying on old computer systems that no longer have universal support.
Earlier this month 48 NHS trusts in the UK were hit by a cyber attack.
Many were left vulnerable as they used outdated systems, such as Windows XP, and the UK Government had cut the funding to pay the required additional amount to keep security up to date.
Manx government systems were not affected.
.jpeg?width=209&height=140&crop=209:145,smart&quality=75)
.jpg?width=209&height=140&crop=209:145,smart&quality=75)
.png?width=209&height=140&crop=209:145,smart&quality=75)
In the House of Keys, Lawrie Hooper (LibVannin, Ramsey) wanted to know what the cost was of maintaining unsupported systems.
Policy and Reform Minister Chris Thomas said: ’There are only a small number of physical Windows XP devices remaining. Where possible Windows XP operating systems are now contained to a virtual environment.
’This was primarily due to a strategy to reduce and contain inherent security risks of running aged operating systems. For these reasons, legacy operating systems incur no additional support costs over and above those that are current.
’The only exception is a specific anti-virus contract covering these operating systems, the cost of which is reducing with the progressive decommissioning of these systems.’
He added: ’The identified uplift in costs of maintaining non-supported systems within Government Technology Services is limited to £1,770. This is largely due to the approach of ensuring contracts and versions are kept under support.’
Mr Thomas said his answer covered all government departments, statutory boards and offices, who were served by Government Technology Services.
It did not cover applications or hardware managed outside GTS, such as the emergency services joint control room, Manx Utilities Authority or Manx National Heritage.
’Government Technology Services’ strategy is to invest in the continuous refresh of hardware, operating systems and application contracts, to ensure the confidentiality, integrity and availability of critical systems relied upon every day by our colleagues in the public sector, and members of the wider island community,’ Mr Thomas said.
’In respect of hardware, the strategy is to replace physical servers after five years and PC/laptops after seven years.
’Failure to do this not only increases the risk of latest versions of software not being able to run on these devices but also the hardware itself becomes susceptible to vulnerabilities.
’Aged hardware and software increases the potential for security flaws to be exploited. Furthermore, in some instances a fix on fail approach has been evaluated and adopted to reduce annual costs to government, an example of this is network switches.’
Comments
This article has no comments yet. Be the first to leave a comment.