On July 14th 2015, Windows Server 2003 will officially reach its end of life. This means the operating system will no longer receive security updates or assisted tech support and that future software and hardware may not be compatible with the system in coming years. As well, many companies who continue running the outdated system will probably fail to satisfy industry compliance requirements.

Why Change?

Many companies will nonetheless continue using Windows Server 2003 past its EoL. As of July 2014, the US Computer Emergency Readiness Team estimated 12 million physical servers worldwide were still running Windows Server 2003. And while this number has certainly declined in the interval, a recent TechRadar survey found that 8% of those still running the old OS plan to continue running it past the EoL.

Justifications for sticking with Windows Server 2003 range from compatibility concerns (especially between 32-bit and 64-bit systems) to migration costs to the perceived risk of compliance violation.

While it's true the operating system won’t stop working or suddenly become insecure when it reaches its end of life, running an outdated system inevitably exposes your organisation to considerably higher risks of cyber-attack, which will only increase over time.

For comparison, Microsoft issued 37 critical security updates in 2013 alone. With no security patches to ever be released again, it is only a matter of time before hackers uncover and exploit weaknesses in the unsupported system, leaving your company vulnerable.

20 Windows Server 2003 EOSThe Options

To safeguard your organisation, it is recommended that the best option is to upgrade to to newer solutions such as:

  • Microsoft Server 2008 (EOL in Jan 2020)
  • Microsoft Server 2012 R2
  • Microsoft Azure
  • Office 365

These will provide a longer term and more robust solution that will serve your business well for years to come. Microsoft’s newer systems are long-term solutions. They will not only resolve the issue of lapsed security, but also give the benefits of better performance, reduced maintenance requirements, and increased speed.

Of course, you don’t have to stay with Microsoft. Upgrading to another company’s cloud service is also a viable, and in some cases, better option.

If you haven’t already upgraded, your company is running out of time. As well, if you’re hoping to maintain continuity of security and support, don’t underestimate the time required for migration. For a data centre with 100+ servers, migrating from Windows Server 2003 may take an estimated 3-18 months.

Now What?

If you haven’t yet, it is time to set your evaluation and migration process in motion. Microsoft offers a wealth of resources on its website for companies looking to replace the out-of-date system. Their 4-step plan recommends…

  • Discovering which applications and workloads are running Windows Server 2003
  • Assessing and categorizing each application in terms of importance and complexity
  • Choosing a destination for each application in the data centre or cloud
  • Migrating, either on your own or with the help of a 3rd party provider

Should you choose a third party provider to help your company migrate to a new system, you will likely want one that covers the process from A to Z. So in addition to the migration itself, be sure to evaluate your needs for consultation, assessment, and compatibility resolution after the migration.

So as you prepare your company for the shift, have no illusions: the process is time-consuming and costly. But upgrading is a necessary evil and a cost of doing business that every company must plan for and eventually pay. On the bright side, however, as the industry increasingly shifts to cloud services, migration may be a hard pill you never again have to swallow.

Written by Emily White