Why compliance is a big deal for some and irrelevant to others.

Many server administrators have the same enthusiasm for policy that a 9 year old has for the visit to the dentist.

Compliance tends to be one of those things that you don’t worry about until you do have to worry about it. Depending on the field you are in, it can be something that you need to deal with on an occasional basis, or something that simply isn’t on the radar.

Generally it’s something that you have to worry about more if you work in a heavily regulated industry, such as finance or healthcare. If you work in an industry that is subject to strict compliance regulation, you were more worried about running an OS that was no longer supported than an OS that was never going to receive another security patch. This is because there are sanctions for non-compliance that are strong enough to make both management and the IT department take compliance seriously.

People that work in industries that aren’t as heavily regulated, which is most people, aren’t as worried about running about an OS that is no longer directly supported by the manufacturer. To them, it’s a lot like using an appliance after the warranty expires. The appliance is still going to work, it’s just not going to be supported by anyone if it breaks suddenly.