I’m not in the habit of trying to scare people into making IT decisions. Truly this has never been my style. Many vendors, particularly in the security space, rely on FUD (fear, uncertainty and doubt) to encourage clients and prospects to make buying decisions. Please know that I find that distasteful as I tell about the impending end of support date for Microsoft Windows Server 2003 (WS2003).
Server 2003 will officially hit end of support on July 14, 2015. What that means is that after that date, Microsoft will no longer release security patches or updates for the network operating system. That means it is highly likely the machines will become extremely vulnerable to compromise shortly thereafter. Since these are servers we are talking about, many of them externally facing, this should most definitely give you pause. Experts estimate there are more than 13 million machines still running Windows Server 2003 active today.
First, how about a little perspective. Windows Server 2003 was released on April 24, 2003. Yes, 12 years ago. On that date, George W. Bush was president, and in fact he was still in his first term. The number one song on the billboard charts was 50 Cent’s, “In Da Club.” I think I heard that on an oldies station last weekend. Number 1 at the box office was Anger Management, but we were all eagerly awaiting the second installment of The Fast and the Furious. There have been 5 Fast & Furious movies made in the time since Windows Server 2003 was released! On TV, 2003 was the year both NCIS and Two and a Half Men premiered. That’s right, WS2003 outlasted the entirety of Charlie Sheen’s roller coaster ride from sanity to lunacy and back again! I’d call that winning! I think you get the point.
So 12 years is a long time, I bet every patch and update we need has been released, right? Well there were 37 critical patches released in 2013 and another 26 in 2014. Chances are this number will only increase as support ends and WS2003 servers become a really juicy target for attackers.
It’s not just about the security of your data and your network however. There are real-world issues you need to consider before you continue to run on an unsupported operating system. If you have any credit card data on your network, you will begin to quickly fall out of PCI compliance. If you store PHI (personal healthcare information) data you risk significant HIPAA fines and have absolutely no chance of passing an audit. If you are in any sort of regulated industry, you will absolutely be out of compliance and unable to meet your regulatory requirements.
I know you’re thinking that all this sounds an awful lot like I’m trying to scare you. I really am not. I’m trying to help educate and inform. A recent survey of IT managers at Fortune 500 companies revealed that only 21% were aware of the quickly approaching date and the implications. I know you have far more important things to do and that worrying about IT Support issues is not your job, but apparently even for people whose job it is, they aren’t doing it.
The good news is options abound for you if you find yourself in need of an upgrade or migration plan. When WS2003 shipped, you really only had 1 way of running your IT. Buy servers, put them in a closet in your office and start loading software on them. The rise of the cloud has made this thinking obsolete. It’s incredible to even think this but you can tackle this issue and address it in the most efficient way possible without any capital expenditures. When Windows NT or even Server 2000 went end of support, we probably showed up at your office with a proposal and a project plan to get you upgraded. That ongoing treadmill of technology updates has been rendered obsolete. You should be giddy about the prospects of moving off WS2003 compared to what you would have been in for in the past.
It’s time to look at these types of events as opportunities, not expenses or obstacles to overcome in your business. The first ever iPhone was released in 2007 – 4 years after the operating system we are talking about here! Do you really think there isn’t a ton of improvements that have been incorporated into the latest and greatest versions? We should all be thankful that Microsoft has pushed us into the deep end and is forcing us to swim. There is a world of opportunities out there for you to optimize the platforms and systems that run your company. Embrace them and say thank you!
