Latest posts by Ed Wolfman (see all)
- Windows Server 2003 End of Life Part 3: What Are Your Options? - June 24, 2015
- Windows Server 2003 End of Life Part 2: What Now? - June 17, 2015
- Windows Server 2003 End of Life Part 1: Are You Ready? - June 9, 2015
Windows Server 2003 End of Life – Are You Ready?
On July 14th, just over a month from now, Windows Server 2003 will reach its end of life—that is, Microsoft will no longer continue extended support.
What does this mean? In spite of how dramatic “end of life” sounds, Server 2003 won’t just keel over and stop working—Microsoft will simply stop providing patches, fixes, updates, or any online technical assistance. If you run Server 2003 at your business, you’re essentially on your own.
How many people and businesses will be affected? If you’re still running Server 2003, you’re not alone. Microsoft estimated that there were 10 million servers deployed at the beginning of this year, but that number is slowly dwindling as people migrate. Analysts like Garner and migration specialists have predicted that there will be 2 to 3 million Server 2003 machines still running when it reaches its end of life.
So why haven’t these businesses migrated yet? There are many reasons. Many people simply didn’t know that Server 2003 support was ending this year, or they didn’t believe that Microsoft would really pull the plug yet—after all, Windows XP support lasted for nearly 15 years. On the other hand, many people are limited by external constraints: they don’t have the time or the budget to migrate yet, or they’re too dependent on apps running on Server 2003.
If one of these was your reason, you’re not alone there either.
What happens if you’re still running Windows Server 2003 by July 14th? Unfortunately, if you don’t act, continuing to deploy Server 2003 will create a huge security and compliance risk. Without regular updates and patches to cover security weaknesses, Server 2003 will be open to cyberattacks or, more simply, bugs and glitches that could compromise sensitive data and leave your network vulnerable.
To put it into perspective: even though the server system was released in April 2003, over 12 years ago, Microsoft still regularly releases quite a number of patches and updates, even now. In 2013, for example, there were 37 critical patches released, and in 2014, there were 26, all to fix bugs and flaws in the system. As of July 14th, there will be zero.
This presents a big risk, and the problems are tenfold in heavily regulated industries that must deal with compliance issues. Business in the industries of healthcare, pharmaceuticals, banking, financial services, and insurance, as well as any company that processes credit card transactions, will take on a heavy compliance burden if they continue to run Server 2003. Regulations such as HIPAA, PCI, SOX & Dodd-Frank all require regulated industries to run on supported platforms. For example, PCI compliance requires businesses to have a fully up-to-date server with all patches applied, and so, once Windows Server 2003 reaches its end of life, they will be out of compliance, which could put them at risk of accruing penalties and fines.
Even without taking into consideration the security and compliance risks, businesses face mounting costs if they want continued support on Server 2003. If they need any updates or endpoint protection after the end of life deadline, Microsoft is planning to charge around $600 per incident per server. Some estimates put custom Microsoft support at around $200,000 per year. Not cheap.
If businesses wish to go another route, there are third parties that will continue to support Server 2003 with things like security, intrusion detection and firewalls, but it’s likely that as the population of Server 2003 machines diminishes, so will their support—not to mention their costs will go up.
All of these security, compliance, and monetary risks are a can of worms that many businesses don’t want to (and shouldn’t) open up.
Is your business still running Windows Server 2003? Contact us. We have the resources to evaluate your network and assist with your migration.