There is no 'NHS' IT though as a whole. It's mainly split into regional trusts and those trusts are responsible for their IT and in the main are outsourced to IT providers. A lot of those trusts are not on XP and have updated to windows 7. The whole story about this being the governments fault is not really true.
Recently I've been heavily involved in an outsource of numerous NHS trusts. They are negotiated locally and not by an over arching agreement at a national level through the government. Part of that deal includes upgrading the desktop estate but the trusts I have dealt with are largely off xp. The kit they use that you refer to will be supplied by the IT provider, so depends who that supplier is and what contracts they have with the likes of dell or HP.
That is where they go badly wrong then, you can't have a nation wide system without a lot of standardization. Leaving it up to individual trusts is asking for trouble, conflicts and similar are guaranteed to happen with that model.
It's all about time and money.
I've worked in IT for 15 years and we currently have about 150-200 small and medium sized businesses who we support and you can probably count on one hand how many have Cyber Security in place. We've had probably 20-30 outbreaks of cryptolocker type ransomware and 9/10 it's due to some bellend using non work authorised equipment on the network, less than complex passwords or just port 3389 being open to the world.
We can tell customers how to prevent it, show them and do everything for them but their own policies and staff can let that down at SMB level. Putting prevention policies in place is a time consuming job and a lot of customers are happier to take the risk than pay for proactive support.
I've heard it called a PICNIC - Problem in chair not in computer.I have a quote pinned up behind my desk that says "Most IT problems can be solved by replacing the chair to keyboard interface."
It was true on day 1, and it will remain ever thus.
Windows/Office is deeply ingrained into the corporate world. Linux doesn't stand a chance even though it's far more secure. IT managers and most of their staff would run a mile if it was suggested.Fair enough but I'm still inclined to believe that the fault here lies with poor security practices, it's a shame that Linux tends to get overlooked for security purposes.
I imagine the IT providers will have to seriously review the system as a whole for security
V good. Will use from now on!I've heard it called a PICNIC - Problem in chair not in computer.
Windows/Office is deeply ingrained into the corporate world. Linux doesn't stand a chance even though it's far more secure. IT managers and most of their staff would run a mile if it was suggested.