The NHS has entered into a Custom Support Agreement with Microsoft to enable the latter to offer customised security to all PCs running older versions of Windows operating systems used by NHS hospitals, clinics, and trusts.
Microsoft will offer exclusive support for older systems run by NHS organisations until the latter migrate to more up-to-date operating systems.
Realising that replacing all legacy systems at NHS trusts, hospitals and clinics would take longer than anticipated, the NHS has finally inked a deal with Microsoft to ensure that systems running older versions of Windows continue to receive security updates from Microsoft until all such systems are replaced with newer and more secure devices.
‘It was impossible to protect devices running on the out-of-date operating systems that lacked the software to protect them against the threats. Unfortunately, simply upgrading these devices quickly was not always possible – many of them run sophisticated medical equipment or are provided within specialist supplier applications,’ the NHS said.
The new Custom Support Agreement will enable a dedicated Microsoft team to monitor the cyber landscape and develop software patches as soon as new threats emerge. This would ensure that Microsoft would proactively prevent malware, ransomware and other kinds of worms from infecting legacy systems owned by the NHS, rather than belatedly issuing security patches once the damage has been done.
Microsoft’s services include an Enterprise Threat Detection (ETD) service which can analyse device data intelligence in real time and identify threats accordingly. At the same time, Microsoft would also offer consultation to the Cyber Security Centre of Excellence for Health and Care on specific areas like patch management, aside from offering immediate response to cyber events.
As part of the agreement, Microsoft would also support the migration of all legacy systems, including those running Windows 7, to Windows 10 in the near future. Microsoft is set to withdraw general support for Windows 7 devices from 2020.
According to the NHS, all organisations that are involved in health care in the UK are eligible to benefit from the agreement which would also be extended to different types of trusts, clinical commissioning groups, local authorities and care homes.
‘The goal is to strengthen the security of existing Microsoft enterprise operating system estates and promises to equip organisations with the means to resist cyber threats into the long term,’ the organisation added.