The squeaky wheel gets the grease. The good news is Cisco devices don’t squeak often. But even devices as solid as Cisco’s don’t last forever. Just like every other device, they have a life cycle. After the end of the life cycle, also known as the Last Day of Support (LDOS), to keep them around is to embrace a certain degree of risk.
Maintaining unsupported devices is a risk that too many are taking. Research by Softchoice indicates that over 96% of companies have End of Sale devices in their production environment, and 73% have End of Service devices.
Why are these percentages so high? It’s often because of poor license visibility. Companies who have purchased Cisco products from a number of partners may end up with several different End of Service dates. This increases management complexity and makes it difficult to take appropriate action.
Secondly, LDOS-related costs are hidden in the future, whereas the costs of replacing gear are more obvious. Nevertheless, the hidden costs are real, including the high cost of a data breach.
Last Day of Support Devices Are Vulnerable Devices
Cybercriminals know that Cisco devices are ubiquitous. That means they’re interested in targeting them. This involves a constant cat and mouse game: Cisco has to defeat an ever-evolving array of threats.
Recently, Cisco discovered a vulnerability in their IOS XE software, wherein a malicious actor could log in with a certain kind of fictitious account and obtain high-level access. The vulnerability was noticed quickly, and fixed before it became the cause of a large-scale data breach.
However, if you have LDOS devices, you’re no longer protected by Cisco updates. That makes you a softer target for cybercriminals and malicious activity of all kinds.
According to research commissioned by security firm Malwarebytes, 39% of companies are victims of ransomware. Of those, 40% pay up. Simple calculations dictate that this translates to an unacceptable year-over-year hazard. A ransomware attack is a question of “when,” rather than a case of “if.”
The Cost of Outages
Let’s say that one of your devices breaks down, or one of your employees makes a mistake, and you have an outage. It happens to nearly everyone. According to research by Gartner and others, in 2017, the average company had 14 hours of downtime. These were costly hours. Half of those companies characterized the incidents as damaging to their reputation. By Gartner’s estimate, the average cost was $42,000 an hour.
While outages are always painful, they’re much less painful if your devices are supported. Your partner can fix the issue quickly, or replace the device within hours if a replacement is needed.
But it’s completely different with LDOS devices. When LDOS devices break, they really break. The worst-case scenarios are an absolute nightmare: you need to replace a device that doesn’t exist anymore or solve an issue that nobody can solve anymore. Unintentionally, by letting your devices go out of support, you’ve built a house of cards. In a moment of crisis, as your customers wonder why they can’t buy your products or access your services, you’ve got to modify and replace your architecture at the same time.
Take the Long View
So, with LDOS devices, there are two options. The first is to embrace the future and update your architecture. By doing so, you accrue some short-term costs, but you know that your systems are solid. The second is to wait for something terrible to happen, like a hard-to-fix outage, or a cyber attack. You save money in the short term, at the cost of future chaos and escalating, unpredictable costs, all of which could descend at any time.
The decision is yours.