Blog

Windows Server 2003 end-of-life is looming: Are you ready?

/ Technical
April 28th, 2015

are you ready for windows server 2003 to go end of life

Businesses have had numerous warnings over the past 18 months, but now the countdown is well and truly on. In just under 11 weeks Microsoft will end support for Windows Server 2003. As of July 14th, Windows Server 2003 will go end-of-life and Microsoft will no longer issue security updates and patches. If you continue to run this server after the date passes, you will have to deal with any new vulnerabilities yourself.

This should really come as no surprise. Microsoft made a lot of noise back in 2013 about the fact that Windows Server 2003 would be going end-of-life, giving businesses plenty of time to start planning their migrations. Yet it seems many haven’t even started to develop a strategy yet, let alone implement one. In 2014, a report from the Cloud Industry Forum said that 61% of firms in the UK were dependent on the platform, that’s roughly over a quarter of million SMB’s that were still using Windows Server 2003 for core elements of their day-to-day IT operations.

Fast forward to this month and even more worrying statistics are coming to light. Endpoint security firm Bit9 recently posted the results of their end-of-life survey revealing that nearly one in three enterprises plan to run Server 2003 after the July 14th deadline and 57% do not know when the deadline is. Another survey by Exponential-e found that 35% of UK companies are “not suitably prepared for Windows Servers 2003 fast-approaching end-of-life date” and 63% don’t understand what the Server’s demise means for their business.

It seems almost fair then that Server 2003’s end-of-life has been labelled as “the biggest security threat of 2015”. Si Avanade estimates that 20% of Windows Server 2003 users will go past the 14th July end of support date, and this poses huge problems for both businesses and their clients. Without updates, the software, along with the systems, information and processes connected to it, will rapidly become vulnerable to outside dangers. If your server systems hold any kind of data, which they will do, and you can access it directly or indirectly through the Internet then you have a massive problem on your hands, you’re putting your clients and partners at increased risk.

This is a particular concern for regulated industries where you will be fined for putting customer data at risk. Failure to upgrade will typically be recognised as a control failure by an external or internal audit. This could lead to the suspension of certificates and possibly public notification of the organisation’s inability to maintain its systems and company information. So if you’re planning on ignoring the deadline you’re facing not only immediate security threats but reputational damage as well.

Planning Your Migration

There really is no time to delay if you’re still running Windows Server 2003 in your business. Depending on the size and complexity of your organisation, the actual migration may take days. It’s the assessment and planning beforehand that takes up the majority of the time. However, this is a crucial step and one which you should not rush. Additionally, Microsoft SQL 2005 will become end-of-life in April 2016, so you may want to migrate both at the same time.

One option is to migrate to Windows Server 2012 or move to the cloud. Alternatively, you could choose a hybrid solution, which is part on-premise and part in-cloud. Below are a few questions that may help your business outline the implications of migration:

  • Will your existing hardware support new operating systems and/or software?
  • Will your other applications work on the new operating systems and/or software?
  • How will you overcome any compatibility issues?
  • Will you need to train employees to use the new operating systems and/or software?
  • How long will it take to roll the new software out?

This list is by no means exhaustive but it explains why you cannot ignore the problem any longer. These are not changes you can implement overnight.

Postponing a Windows Server 2003 migration is just delaying the inevitable, and missing the deadline could have crippling consequences. The articles and warnings aren’t scaremongering, they’re real, definite threats which could affect your business. If you’ve been putting off the upgrade or were planning to ignore it, now’s the time to change your thinking.

Robert Rutherford, CEO of QuoStar

Find out more QuoStar guaranteed zero-downtime migration services.