Since June 6, 2019, Kofax no longer provides support for ReadSoft INVOICES 5.8 and limited support for version 5.9 is imminent (Feb 2020). If your organization is still running either of these versions, you might be at risk. What should you do about it? Read on to find out what the risks are and how Fältmans can guide you through your upgrade.
Why does software have an end-of-life?
The software lifecycle varies among products and vendors. Following the release of a piece of software to market, standard practice is to update it regularly with new features, patches, and sometimes completely new architecture (major versions, such as ReadSoft INVOICES 6.0). Throughout its life vendors provide support for the software often together with partners before removing the product from sale. At this point, and usually for a premium, vendors will provide customers with extended support and even small updates, but eventually even this kind of limited support comes to an end – exposing users and organizations who continue to use the software to risk.
Why do vendors end-of-life their software? There are many reasons and not all of them are financial. Software architecture ages, threats evolve, and new hardware technologies are constantly emerging. Vendors no longer build software monoliths that rely on local installation and expensive hardware to protect them. Modern software is built in small chunks that can run on any hardware, on-premise and in the cloud. Emphasis is on security and minimizing risk. Ideally, a cyberattack can be prevented by immediately removing an affected chunk from service before it infects another. Reducing risk and maintaining stable service.
Risks of end-of-life software
All software contains bugs, shortcomings, and vulnerabilities that expose users and organizations to various levels of risk. In 2017, the cyberattack involving the Wannacry ransomware worm held several hundred thousand of computers around the globe to ransom by exploiting a known vulnerability in end-of-life and unpatched Windows operating systems.
The damages in terms of loss of data, downtime, disruption, and stolen IPR are estimated to run into billions of dollars. This attack was so widespread that the day after it struck, Microsoft released a security patch for products that had long since passed end-of-life. And while Microsoft are not bound to provide such updates, given the extent of the attack and number of high-profile organizations, including the UK’s National Health Service (NHS), it was the logical course of action.
Why don’t organizations keep their software up-to-date?
One of the key difficulties for organizations is the amount of time and planning it takes to upgrade software, even the smallest of patches. Most organizations want to test new software versions in a staging and test environments before they deploy it to their live IT systems, because doing so protects them from risks such as data loss, or unexpected impact on other software and systems. The number of machines that need to be updated, the complexity of the IT environment, and security requirements, all impact the time and planning needs of an upgrade.
Over time, corporate IT systems can become complex and highly inter-dependent. Customizations and local implementations can cause havoc and even ensure that new versions of critical business software cannot be installed without major overhauls of the IT infrastructure. Naturally, organizations shy away from such projects simply due to time pressure and because the investment doesn’t seem to outweigh the intangible risk.
Imagine a heating system in a house or a building. Over time cracks appear, leaks occur, and air and dirt get into the system. Repairs and maintenance keep the system running smoothly until a connection pipe breaks whose manufacturer has long since gone out of business. Spare parts are no longer available and so the repair is a customized solution. Eventually, the entire system is built up of ad-hoc customizations, operating costs soar, and installation of a new system inevitable.
Owners have two options: use the existing maintenance company to do the job – somebody who knows and understands the needs of your building – or go with another entrepreneur who are experts in sustainable, modern HVAC systems. The choice for organizations running unsupported software are the same: get in touch with your trusted supplier, or switch to a new one. Either way, when it comes to upgrading ReadSoft INVOICES, Fältmans has the widest experience.
Contact Fältmans for your INVOICES upgrade
Fältmans consultants are all former ReadSoft employees. Together we possess Scandinavia’s most comprehensive experience when it comes to ReadSoft’s products. We have experience with the IT systems of large and small organizations, the complexities they pose, and the security issues that need to be considered when upgrading. For advice on your next step to upgrading ReadSoft products, contact us by sending an email to info@faltmans.com.