- Managed Services
- Project Based Services
- Remote Support
- Web Design
- Social Media
- Server 2003 End of Life
- Data Backups
- Anti-Virus Protection
- Malware Removal
- Software Updates
Project Based Services
- Wireless and Wired Network Installation and Maintenance
- Virus and Malware Removal
- Wipe and Reload
- Data Backup and Recovery
- New Computer Setup
- One on One Training
- Software Installation
At Coastal Computer Consulting, we’re always looking on the horizon for issues that will impact our clients’ business. Windows Server 2003 support will end in July of 2015. This is a major issue that’s on the horizon, and it’s getting closer.
By acting now, you can plan your transition to new server or cloud-based sharing technology to ensure uninterrupted workflow and to keep you in compliance with security and privacy standards.
The end of Windows Server 2003 support means that Microsoft will no longer be providing updates, support, or security patches for Server 2003. Even if you have upgraded your desktops and laptops to Windows 7 or Windows 8, this is not enough to keep your data secure. Please see the additional notes below regarding regulatory compliance and security. Your server is a critical hub on your network that you don’t want to become the weakest link in your chain of IT security. By continuing to run Windows Server 2003 after July 14th, 2015, you will place yourself at potential security risks and possibly in a regulatory noncompliance situation.
Upgrading can also provide cost benefits to small businesses that migrate to the new Office 365 and take advantage of the cloud-based Exchange services currently offered by Microsoft. Are you using your server only for file sharing and email? Making the transition away from Server 2003 might be easier than you think, and could save you money in next year’s IT budget.
For larger enterprises that require an in-house server, or multiple servers at separate office locations, the new features of Server 2012 make managing your IT environment easier. Remote access technologies have also improved to provide a greater degree of flexibility and ease of management for mobile workforces. Please see the additional notes below regarding migrating to Server 2012 and why you should not make an interim upgrade to Server 2008. Unlike Windows XP and Windows 8, many of the applications and services from Server 2003 are compatible with Server 2012.
The reality is that, for many businesses, this is about more than just Windows Server 2003. Given the age of Server 2003, the chances are high that other hardware and software products on your network are also aging. The list of products that businesses should be concerned about would include applications, middleware, database products, and management tools, all of which may be approaching or already past their supported life cycles.
For clients who are still running Windows Server 2003, your entire network should have a network health evaluation or audit performed to ensure there are no other hardware, devices, or applications that are putting you at risk or out of compliance. Out of date software products and out of date hardware on your network leave you at even further potential risk should a problem arise.
At Coastal Computer Consulting we always use the most trusted sources when providing advice to our clients. The Microsoft-sponsored IDC white paper “Why You Should Get Current” outlines some of the key concerns businesses face after the conclusion of the extended support cycle:
· Lack of patches/updates/non-security fixes. No-cost, non-security-related update support terminated on July 13, 2010. However, support for non-security-related updates was available on a for-fee basis to businesses that felt it was important to continue to have access to fixes that could help their system run optimally and perform well.
· Elimination of security fixes. Businesses see security fixes as being among the most critical fixes for their installed servers. These fixes will no longer be delivered to businesses for their Windows Server 2003 servers, regardless of how severe a given issue may be. This may be less of a problem with many aging Windows Server 2003 applications, mainly because the applications still in use are increasingly likely to be inward facing rather than outward facing.
· Lack of support. Businesses no longer have the ability to contact Microsoft for technical support in the event of a server problem. This becomes particularly important when a system experiences an outage and businesses are unable to restore the system and recover data and applications from the stalled machine.
· Application support challenges. Application ISVs dislike having a complex support matrix and typically support current versions along with a finite number of earlier editions of the product. For most ISVs, an 11-year-old application is probably already past its rational support life cycle, and in most cases, these application ISVs are about to discontinue or have already discontinued support for aging operating system environments such as Windows Server 2003.
· Compliance issues. Businesses in regulated industries or handling regulated data, including healthcare and payment card industry (PCI) data, may find that they are out of compliance, which could mean fines or being cut off from key trading partners that seek to protect their own regulatory compliance status.
· Inability to leverage modern cloud options from Microsoft and other vendors. Windows Server 2003 can run on virtually every hypervisor in the market, but that does not mean it is an equal player in these modern deployment scenarios. For example, Windows Server 2003 installations cannot be re-hosted in a Microsoft Azure environment, unless it is a 64-bit image, but the vast majority of Windows Server 2003 installations are 32-bit solutions. So even if businesses bring the 32-bit image to the Azure cloud, they cannot continue using that operating system instance. When spinning up new infrastructure-as-a-service (IaaS) instances in Azure, Microsoft provides catalog images only for 64-bit instances of Windows Server 2012 R2. Businesses looking to develop a hybrid cloud strategy will find that Windows Server 2003 will not offer the same level of convenience that Windows Server 2012, along with modern companion technologies such as System Center 2012 R2, brings to the table.
The team at Coastal Computer Consulting is experienced in upgrading enterprises to new in-house servers and migrating services to the cloud. Whichever path you choose, we’re here to help you along the way.
We recommend following the Microsoft path to migration. Microsoft outlines four steps to migrate away from Windows Server 2003:
First, determine which applications and workloads are running on Windows Server 2003 today.
Categorize applications and workloads by type, importance, and degree of complexity.
Choose a migration destination for each application and workload, either in-house or in the cloud.
Build your migration plan and migrate your applications and workloads to new servers or to the cloud.
Additional Notes Regarding Regulatory Compliance and Security:
Businesses that continue to run Windows Server 2003 expose themselves to potential security risks and place themselves potentially in a regulatory noncompliance situation. Even if regulatory compliance is not a concern, the security improvements that Windows Server 2012 offers are worth adopting if just to help defend against hackers and industrial espionage.
The PCI group is a standards group that governs security for the credit card processing industry. To comply with your credit card processing agreement, you must meet the PCI standards. Any businesses that are running Windows Server 2003 and processing credit cards will be out of compliance with PCI standards and put their credit card agreement at risk by continuing to run Server 2003 after July 14th, 2015.
For medical offices and businesses that process medical records, continuing to run Windows Server 2003 will place you in breach of compliance with HIPPA standards. HIPAA Security Rule section 164.308(a)(5)(ii)(B) states that businesses must use "procedures for guarding against, detecting, and reporting malicious software”. With Microsoft no longer releasing security patches for Windows Server 2003 to protect your system against malicious software, you fail to comply with this HIPAA Security Rule specification and breach HIPAA compliance.
Unlike Windows XP, where there were application migration challenges that created barriers for some businesses to move forward to Windows 8, Windows Server 2012 offers relatively good application compatibility with Windows Server 2003. Although Windows Server 2012 is delivered as a 64-bit operating system, most 32-bit applications that have no 16-bit code segments should install and run on Windows Server 2012. The main exception to this compatibility is applications that operate in kernel mode rather than user mode. Security applications and some system utilities such as backup and management agents are among the applications that are likely to need an upgrade as part of a migration to Windows Server 2012.
Windows Server 2012 offers a lengthy list of improvements compared with Windows Server 2003, including integrated virtualization, better security, extensive scalability, new operational roles, script execution capabilities, and far more. While it is a substantial learning curve to move directly from Windows Server 2003 to Windows Server 2012, businesses are well advised to not make an interim upgrade to Windows Server 2008 as that product is facing end of mainstream support in January 2015.