Like an overzealous train conductor, Microsoft has been announcing the end of Windows Server 2003 support, since 2013. Time and again we have been reminded by webinars, seminars, and department meetings. However if you are reading this there is a more than likely chance you have not yet migrated all or some portion of your environment to a newer version. There could be several reasons for this, but as we near the end-of-the-line, your environment could suffer a derailment.
We aren’t looking to scare you into changing the business plan for your IT environment, but there may be a few items that may have not have been taken into consideration. Here are a few risk items to consider…
There isn’t an App for that
When Windows Server 2003 support ends, companies are also depending on app developers to stop support for 2003. If an app company depends on Windows Server 2003 internally or externally fails and July 14 hits, consequences can be catastrophic. Microsoft Distingushed Engineer Jeffrey Snover tweeted this warning about what will happen to Windows Server 2003-based systems follwing the end of life:
Not updating from WS2003 is like the guy who jumps off a building on the way down says, "so far so good." #ThisIsNotGoingToEndWell
Following July 14, Microsoft will eliminate security fixes, updates, and support. This can not only wreck your environment security-wise, but organzations also face compliance issues and will have limited cloud options from Microsoft and other vendors. For a complete list of why you should go current, click here.
If your business conducts e-commerce, it's very possible you're using Windows Server 2003. With the lack of security updates following July 14 will come a heavy increase in malicous cybercriminals attacking the weakened armor of your operating system. Additionally, if you're still running a Windows Server 2003 machine post end-of-support, your business will fall out of compliance with the PCI DSS July 15, 2015 and will face some hefty fines, and risk losing business.
Stacking with this issue, companies also risk the ability to accept credit cards. To maintain security and integrity in their business, Visa and MasterCard can withdraw their business until yours is up-to-date.
Microsoft engineers have done their best to keep with the security vulnerabilities as they have been brought to their attention. As everyone knows it is tougher to hit a moving target. With no support, servers will start to become sitting ducks. Without the hotfixes, product updates and security patches to shore up new exploits, the risk your servers will get hit will multiply by the day.
Did we catch your attention? Of course you may agree with the three risks listed above, and want to migrate. However, we know that it can be tough to explain to management why you need to change things up. Here are some things you might be able to provide management to help win them over:
"We can't migrate, we have a limited budget!"
This is a line heard often by executives when a fix is required for something that isn’t currently broken. The pushback isn’t a surprise after all, most companies are still completing the fire drill of replacing Windows XP. No fear, here are a couple of thoughts to share with management if the question arises -
- The cost of being down one or more days would far exceed the budget needed to upgrade the servers. Think of how expensive security breaches are. This study found that the average consolidated total cost of a data breach is $3.8 million.
- The cost to pay Microsoft for support on the servers after the end of support ($700 per server for the first year, then double each year after) would be better spent on upgrading the software now.
"We’ll migrate to the cloud – no worries"
A fair portion of companies using 2003 are already committed to moving to the cloud. The land mine that many will run into is the thought that the process will be a simple and powering down Windows 2003 servers and installing the application in the cloud. Tragically it isn’t that simple or easy. Depending on the cloud solution the company is planning on going with, it will most likely be based on a Server 2012 platform. This means that 2003 applications won’t run on 2012 in the cloud or on premises. The reason to move on it now is basic, you have to do the work to migrate the application to the correct operating system.
Ready or not, we are approaching the end of support quickly. As I write the countdown clock Microsoft has posted has less than 26 days left. There is still time (though very little) to make the necessary moves or preparations to escape the end of the line. There is no reason to be left stuck on the train. If you need assistance with a migration, please let us know, we would love to have our experienced engineers help you escape the end-of-the-line.