As Windows 10 support end-of-life draws near, companies are faced with difficult decisions about whether to incur the huge costs it will take to upgrade their IT estates to Windows 11-combatible PCs or kick the can down the road – for a maximum of three years – by forking out for additional Windows 10 support.
Either way, businesses are going to have to spend money – in some cases, a lot of money.
“After 14 October 2025, Microsoft will no longer provide free software updates for Windows Update, technical assistance or security fixes for Windows 10. Your PC will still work, but we recommend moving to Windows 11. Windows 11 offers a modern and efficient experience designed to meet current demands for heightened security,” Microsoft warns on its website.
PC makers Dell and HP recently estimated that almost 50% of all PCs are still running Windows 10, with the move to Windows 11 particularly slow among consumers and small and medium businesses.
There is some good news for some Windows 10 users: according to Microsoft, consumers who are not ready to migrate to Windows 11 can get free Extended Security Updates (ESU) for a year. These users must be running Windows 10 version 22H2 to be eligible for the programme – good news for individual users who don’t want to upgrade, or can’t because of Windows 11’s system requirements.
But businesses wanting to delay their upgrade, or those stuck with incompatible hardware, will have to little choice but to dig deep. They can enrol in the ESU programme at the cost of US$61/device in the first year, doubling to $122/device the following year and doubling again to $244/device in the third. Failure to do so could result in their systems becoming more vulnerable to security exploits.
Zero trust
According to Armand Kruger, head of cybersecurity at NEC XON, upgrading to Windows 11 is a better alternative to the ESU programme in most instances, especially in the enterprise space. The reason is the latest Microsoft desktop operating system has advanced cybersecurity features – such as enforcement of the Trusted Platform Module 2.0 – that make it more secure than Windows 10.
TPM is a feature that ensures sensitive data such as credentials are stored on a separate hardware module, making it more difficult for hackers to widen the scope of their attacks by “accessing the keys to the kingdom” when a system has been breached.
Read: Microsoft ends Windows 10 support, but most firms aren’t ready
“Windows 11 is built on zero-trust principles by design, whereas Windows 10 was built on operational utilisation. If there is a zero-day vulnerability that comes out after 14 October, it means Microsoft will not support it, meaning you won’t be able to patch it. This means you will have to redirect your investment in different areas to compensate for that gap,” said Kruger.
He said the innovations in Windows 11 should make it easier, and possibly cheaper, for IT teams to better manage cybersecurity. Also worth noting is that companies that are breached and found to neither have upgraded to Windows 11 nor enrolled in the ESU programme risk having their cyber-insurance claims rejected.
But the cost of upgrading to Windows 11 is not limited to the quantum associated with acquiring new hardware; there are other “soft costs” to consider. New PCs require IT specialists, whether in-house or outsourced, to spend time configuring them to align with IT policies and applying the correct access and security profiles.
Read: PC industry on cusp of big upgrade cycle
“In theory, it’s an easy drop-in process. In practice, it’s always harder than expected – not just the cost of deploying new systems, but the process of testing software. The unfamiliar changes in user experience can have an impact on productivity, and there is an inevitable increase in support calls,” said Jon Tullett, senior research manager at International Data Corporation. – © 2025 NewsCentral Media
Get breaking news from TechCentral on WhatsApp. Sign up here.
