Microsoft pushes security benefits of migration as Windows Server 2003 nears end of life

Australian companies' migration away from Microsoft's Windows Server 2003 is gathering steam as security concerns grow and the venerable platform enters its last 100 days before joining the ranks of Microsoft's end-of-life (EOL) platforms.

Tens of millions of users of the server platform have been busy preparing moves to Microsoft's more recent server platforms, which include 2008 and 2012 versions. Such moves will be necessary to ensure continued support, patches and updates to the server platform after Microsoft stops supporting the 2003 iteration on July 14.

Microsoft has been talking up the benefits of a migration from virtualisation, automation and productivity perspectives, highlighting a recent customer survey that found migrations to Windows Server 2012 had boosted virtual server densities by an average of 12.5 percent in larger firms and 16.7 percent in smaller businesses.

“We all know running unsupported software increases one’s exposure to security risks and software failures,” Microsoft Australia chief technology officer Greg Stone wrote in a blog this week.

“In fact, running even a single instance of unsupported server operating system has a higher risk than a desktop operating system, as any compromise will have a significant amplification effect on those who rely on it.”

Security has indeed proved to be a key concern for IT managers weighing a move away from the 2003 platform.

A recent Spiceworks survey found that security risks were by far the biggest concern of the 25 percent of surveyed IT managers who were still expecting to have Windows Server 2003 systems live after the EOL.

Fully 85 percent named security risks as their biggest concern with retaining the platform, compared with 66 percent naming compliance risks, 65 percent citing reliability and downtime and 58 percent naming data loss as a concern.

Companies making the switch need to make sure they have a robust user authentication and identity management framework in place, Stone warned: “The last thing you want is to have all your colleagues unable to access mission-critical workloads and bring operations to a standstill,” he wrote.

No less than the US Department of Homeland Security (DHS) has weighed in on the migration, issuing a formal alert last November warning that “computer systems running unsupported software are exposed to an elevated risk [of] cybersecurity dangers, such as malicious attacks or electronic data loss.”

Citing figures suggesting that some 12 million physical servers were still running Windows Server 2003 as of last July, the DHS warning also warned that running EOL software could potentially affect organisations' ability to satisfy compliance requirements.

Microsoft has documented its own migration and is using the mass migration as an opportunity to promote its Azure cloud-hosting platform – most recently citing the experience of water-trading exchange Waterpool in servicing rapidly-changing demand thanks to Azure – but it may still be a hard sell for many organisations.

While 74 percent of the organisations Spiceworks surveyed said they were planning to adopt server virtualisation in their new environments, just 12 percent said they were planning to migrate to a cloud environment – and half of those were only going to move their email to the cloud.

This article is brought to you by Enex TestLab, content directors for CSO Australia.