portier Vision 4 has been officially unsupported since 1 January 2025. There are no more security updates, bug fixes, or support services. We regularly receive enquiries about why continued use is no longer legally compliant, even when the software is run on your own servers.
All relevant laws and standards require that IT systems and data processing meet the current state of the art. Specifically, this means:
Regular security updates
Bug fixes and patch management
Ongoing maintenance
Unsupported systems explicitly do NOT meet these requirements.
Open security vulnerabilities: New weaknesses are no longer closed. Even internal systems are potentially at risk through network changes, insider threats, or malware.
No support guarantee: Neither bug fixes nor emergency support. The remaining risk lies entirely with the operator.
No auditability: Proof of IT security, data protection, and compliance is no longer possible.
Legal consequences after incidents: In the event of a data breach or cyberattack, the use of outdated software is treated as a breach of duty of care. Fines and reputational damage may follow.
"We run the software on our own servers, accessed only by internal IT." This reduces risk but does not replace the obligation to maintain current security measures. Regulations (GDPR, NIS2, DORA, KRITIS) apply to all systems, regardless of location.
"The system is isolated." Even isolated systems are not fully protected, for example through removable media, insiders, legacy interfaces, or future network connections.
"There have been no problems so far." The absence of an incident is not proof of compliance. Regulators require proactive measures, not reactive justification.
GDPR Art. 32: State of the art, measures for the security of processing
KRITIS/BSIG § 8a: Obligation to take appropriate precautions meeting the state of the art
NIS2: Obligation for risk management, ongoing maintenance, and auditability
DORA (EU 2022/2554): Operational security and resilience of digital systems, ongoing updates and controls
Migrating to an actively maintained, supported, and auditable solution is mandatory to ensure compliance, operational security, and liability protection.
portier Vision 5 demonstrably meets these requirements (ISO 27001, regular updates, personal support, full auditability).
Using portier Vision 4 is no longer compliant with GDPR, KRITIS, DORA, and NIS2 as of 2025, even in a self-hosted environment. The risk and liability rest entirely with the operator. Upgrading to a current, supported version is strongly recommended.
Contact our team at any time for questions about audits, compliance, or migration to Vision 5.
