Windows Server 2008 End of Life – Is Your Organisation at Risk?

Windows Server 2008 extended support will be ended by Microsoft on January 14th, 2020. This move is seen by many as a push for users to migrate servers to Microsoft Azure and this is substantiated by Microsoft themselves offering 3 years of critical security updates to customers who make the transition.  The scale of this problem cannot be understated.  Statistics on Server 2008 usage are not easy to find but the lower estimates suggest 70% of Server OS installations are Windows and of these 40% are Server 2008 or earlier.

 

The risks of not upgrading or extending security updates to your server environment is probably clear to most people.  Whilst the systems will continue to work the infrastructure will become vulnerable to cyber attacks and no doubt criminals will increase their focus on these weaker, unsupported environments.  Risks of data loss will increase over time and of course this will result in not just a continuity risk to your business but potentially a compliance and regularity risk depending on the nature of your business.   British Airways have some experience of this risk in a recent security breach – https://www.bbc.co.uk/news/business-48905907

 

What are your Options

 

At this late stage migrating directly to Azure would unlikely be a realistic option for all but the most basic of IT infrastructures.   There are several options and indeed a pathway that should be taken.  Based on an understanding of your infrastructure your IT department or IT service provider can offer the following options

 

  • If servers cannot be upgraded or migrated in time customers may be able to purchase Extended Security Updates for 75% of the full annual license cost. This option may provide some relief to organisations to start planning their options and migrating applications to Azure over a 3-year period.  There will be a 3-year limit on this option.
  • Upgrade to Windows Server 2012. This can be undertaken in a single step and provides the quickest and easiest solution.  Obviously, this is likely to just defer the problem to 2023 when Microsoft intend to discontinue support of the 2012 environment.
  • Upgrade to Server 2016 or Server 2019. The options for this process are to either carry the upgrades out sequentially from 2008 to 2012, 2016 etc. or provide a clean installation on the platform preferred an appropriate for your environment.

 

We have been evaluating the risks of this deadline for our clients carefully.  If you are unsure if this affects you please contact me at chris.young@functioneight.com or +44 07985 686688 to arrange a free audit of your IT systems.