Office Document Strategies Blog

US Homeland Security Warns About Windows Server 2003 EOS

Posted by Lee Kirkby on Wed, Apr 1, 2015 @ 08:04 AM

I read a really interesting post today by of all things the US Department of Homeland Security.  Now I have to admit that I am not a regular reader of their material but this one has some really good information that can affect millions of users of Windows Server 2003.

Did you know that as of July 2014 Microsoft reported that there were 24 million instances of Windows Server 2003 running around the world?  Of these about half are on physical servers and the other half are running in a virtual environment.  This is a massive level of systems that need to consider upgrade prior to the end of support (EOS) coming this July 14th as announced  by Microsoft.  USHomelandSecurityWarnsAboutIgnoringEOSofWindowsServer2003

Why does the EOS matter to you?

According to the US Homeland Security article there are three key things that you should think about:

  • "Computer systems running unsupported software are exposed to an elevated risk to cybersecurity dangers, such as malicious attacks or electronic data loss.
  • Users may also encounter problems with software and hardware compatibility since new software applications and hardware devices may not be built for Windows Server 2003.
  • Organizations that are governed by regulatory obligations may find they are no longer able to satisfy compliance requirements while running Windows Server 2003."

Of course a decision to do a server upgrade is not a simple matter for most businesses.  It requires careful planning, an assessment of current and future needs as well as a committing of resources to undertake the analysis and resulting work.  One of the key reasons there are so many instances of Windows Server 2003 still in operation is the stability it has shown and the costs of making a change to a newer system. These are actions which often are avoided until circumstances simply force a change.

Check your apps

One important area which has to be a starting point in planning any server upgrade is to check the applications that are running on your 2003 Server(s).  You may have some or many that are going to need upgrading as well since the versions built for the 2003 time frame may not be supported in newer server environments like Windows Server 2008R2 or Windows Server 2012 the current recommendation from Microsoft.  Talking to the suppliers of your applications or the developers of your customized software will be a needed first step in understanding the implications of your migration path.

Of course the hardware that you use for running your 2003 system is going to need an upgrade as well. This is an opportunity to gain new benefits associated with enhanced hardware and software features but can also complicated the process so you need to plan your timing accordingly as well.

Is this the time for the cloud? As soon as you start looking at your options for your replacement server system you are going to be confronted with proposals for placing your servers in the cloud or of renting the whole environment through a cloud provider.  Don't kid yourself by simply discounting these possibilities since the arguments made for them as a solution are very compelling and you are going to find yourself thinking about it at least as an option for consideration.  This simply adds a couple of more complications to the equation which then add some more time to your planning and decision making.

The conclusion

If your server environment is important to your business (and you know it is), then time must be allocated now to deal with these issues.  When Windows XP support ended last year you could simply unplug the workstation running it and avoid the security issues that the lack of support brings up.  This option is not available with server environments.  The very nature of what they do implies a connected system and the need for as robust a security regime as you can provide.

Your server upgrade is imminent.  Today is the day for you to get your planning going.

Lee K

Small Business Data Protection Backup Criteria

Office Document Strategies blog signup




Topics: network server, cloud computing, server software, network security