The Countdown is on for Windows Server 2003 End of Support

Microsoft will stop patching Windows Server 2003 in less than 90 days, and a recent survey found that a lot of enterprises aren’t even aware that the end of support is coming.

The extended support for Windows Server 2003 ends in July 14, 2015. It will mean to many South African enterprises still running on Windows Server 2003 that, while their systems may still be working well, they will no longer get support from Microsoft. Change is inevitable, After July 14, If enterprises are still running Windows Server 2003 in their datacenter, they need to take steps now to plan and execute a migration strategy to protect their infrastructure.

Blue Turtle delivers solutions, based on technology from Appzero and Dell Software that will automate much of the migration effort and allow for the move from 2003 to Windows Server 2012 R2, Microsoft Azure or Office 365, where organisations can achieve concrete benefits, including performance, reduced maintenance requirements, and increased agility and speed of response to their business.

Further, Microsoft will end support for Windows Server 2003, that means no more patches at all, just like with Windows XP last year. “After support ends, organisations will face the cyber crime risks, and potential compliance issues. Blue Turtle is now providing technology, from Bit9, that will allow ‘unpatched’ systems to run securely while a customer migrates”, says Martyn Healy, Blue Turtle Marketing Director.

Bit9, an endpoint security firm, recently released results of its “Windows Server 2003 (WS2K3) End-Of-Life Survey,” and the findings were rather startling. There were two glaring results from the survey:

  1. Nearly one in three enterprises (30%) plan to continue to run Server 2003 after the July 14 deadline, leaving an estimated 2.7 million servers unprotected.
  2. More than half of enterprises surveyed (57%) do not know when the end-of-life deadline is. In the survey, Bit9 gave respondents a multiple choice question asking the month when Server 2003 end-of-life would occur. Thirty percent of organizations surveyed said “I do not know,” and another 27% guessed wrong.

Server 2003, migrations are nowhere near as quick as they are with desktops. Bit9 says a migration could take up to six months, depending on the variances in the apps and complexity. This means that millions of Windows servers holding sensitive data will be unpatched. Bit9’s mission is security, so it was most concerned about this.

“Servers, including domain controllers and Web servers, are where most organizations’ critical information resides. So, if organizations continue to run Windows Server 2003 after July 14, without implementing appropriate compensating controls, they are putting customer records, trade secrets, and other highly valuable data at risk. Cybercriminals, hacktivists, and nation-states prey on unprotected servers, leaving enterprises exposed to potentially catastrophic breaches that can lead to lawsuits, regulatory fines, and loss of customer trust,” said Christopher Strand, Senior Director of Compliance at Bit9.

With less than 100 days left, Bit9 survey and blog stresses that organizations yet to upgrade must immediately aim to get their Server 2003 systems into a compliant state to eliminate both financial and legal penalties and avoid the brand damage associated with failed audits, data breaches, and noncompliance. Effective compensating controls for organizations without an upgrade plan include network isolation, application whitelisting, and continuous server monitoring[1].

Read the full Windows Server 2003 (WS2K3) End-Of-Life Survey report here.

To get started with the Migration Planning, please contact Blue Turtle on or (011) 206 5600.

[1] Andy Patrizio, Network World, Windows Server 2003 support ends in 100 days, and many don’t even know, April 2015