Game of Thrones and Microsoft
By now, whether you are a “Game of Thrones” fan or not, you have probably heard (or seen a meme of) the notorious phrase, “Winter is coming”. In the show, winter—a tenebrous future that is supposedly coming—is incessantly referenced but never fully explained. All we know, as viewers, is that Rob Stark (RIP) and his crew better be ready for its arrival or else…
Since 2013, Microsoft has been issuing users a similar warning: The end of Windows Server 2003 is coming. As of July 14, 2015, Microsoft will pull the plug on support for the aging OS, causing a slew of problems for those caught unprepared. Emaciated, undead zombie-popsicles won’t be trying to wipe out the entire human race, but it will still be worth figuring out what this will mean for your business.
What exactly does “End-of-Life” mean?
Despite its implication, the phrase "End-of-Life” does not mean that Server 2003 will cease working altogether, but that Microsoft will no longer provide automatic fixes, updates, or online technical assistance to those still using the OS on July 14.
So what does this mean for businesses?
In the case of Server 2003, it is tempting for many to subscribe to the mantra, “If it ain’t broke, don’t fix it”. After all, organizations that have been using this system for over a decade likely haven’t changed for a reason.
However, while mainstream support for Server 2003 technically ended in 2010, Microsoft has still been releasing security updates as bugs and new threats have been discovered over the past 5 years as a part of the extended support phase. This phase ends—you guessed it—July 14.
The "4 C's"
A study done by Bit9 found that roughly 1 in 3 enterprises plan to run Server 2003 after the July 14 deadline, leaving 2.7 million servers vulnerable to 4 main issues. Let's call them the "4 C's"—Cybersecurity, Compliance, Compatibility, and Cost. (Ok we know you’re not in kindergarten but catchy mnemonic devices never get old, admit it.)
1. Cyber-security: No software is simply “set it and forget it”. In the case of Server 2003, Microsoft issued 37 critical updates to the system in 2013 alone. These updates are essential for protecting the OS from hackers. When end-of-life hits in July, Microsoft won’t issue any such updates, leaving gaping holes in the system just waiting for malware to fly through. In the (likely) event that an unsupported system becomes compromised, the door would open for cyber criminals to gain access to other systems in a server's data center and also launch attacks against them. Essentially leveling one’s entire business in one fell swoop. Need more convincing? The “US-CERT” short for the Department of Homeland Security’s United States Computer Emergency Readiness Team (Why don't they have their own Marvel movie yet?) issued an alert following Microsoft’s end-of-life announcement warning, “Computer systems running unsupported software are exposed to an elevated risk of cybersecurity dangers, such as malicious attacks or electronic data loss.”
2. Compliance: Businesses in heavily regulated industries like pharmaceuticals, finance, insurance, or any company that processes credit interactions, listen up. Once support for Server 2003 ends, it is likely that an organization still running the OS will no longer meet industry wide compliance standards (think HIPPA, PCI, SOX, Dodd-Frank and more) that require regulated industries to run on supported platforms. This will put those enterprises at risk of fines and penalties as well as loss of business.
3. Compatibility: Software currently being developed for Windows Server 2012 likely isn't backwards-compatible with Windows Server 2003. This means that more and more features and functions, not to meantion increased security, available for Windows Server 2012 are simply not available on the 2003 platform.
4. Cost: If you plan on sticking with your Server 2003, just be prepared to sacrifice a pretty penny for your old pal. Just think of it like owning an old truck. It runs great--until it doesn't. If and when it breaks down, you're undoubtedly going to run into some rather large roadblocks (sorry, had to) as the manufacturer no longer produces parts for that model. Put simply, if Server 2003 breaks down past its support date, you are more or less on your own when it comes to keeping the OS afloat amid a stormy sea of increasing vulnerabilities-translating to a lot of moolah flying out of your pockets.
Brace Yourself. The end of Microsoft Windows Server 2003 is coming.
Are you ready?
Resources: "Windows Server 2003 End of Support Is Coming Are You Ready? [New Survey]." Windows Server 2003 End of Support Is Coming Are You Ready? [New Survey]. Web. 4 June 2015., Bekker, Scott. "Prepare for Windows Server 2003's End of Support -- Redmondmag.com." Prepare for Windows Server 2003's End of Support -- Redmondmag.com. Web. 4 June 2015., Bekker, Scott. "Prepare for Windows Server 2003's End of Support -- Redmondmag.com." Prepare for Windows Server 2003's End of Support -- Redmondmag.com. Web. 4 June 2015.