by Ross Dyer
July 14th represents another major date in the calendar for IT professionals across the globe: the official end of Microsoft support for Windows Server 2003. We’ve been here before, of course, most recently with Windows XP. But despite having had over a year to prepare, the likelihood is that, come July, many organisations will still be running a major piece of software for which security updates are no longer available. There might be good reasons for doing so, but without taking the proper precautions first, businesses could unwittingly advertise themselves to cyber criminals as an attractive target for attack.
That’s why we are recommending our Deep Security platform as the best way of ensuring that Windows Server 2003 End-of-Life (EoL) doesn’t become the biggest security threat of 2015.
The problem with EoL
There are many reasons why firms will still be running the 12-year-old server OS after July 14. It won’t all be down to poor planning. Some may have run out of budget or resource and need to wait before migrating. Others may have found that mission critical applications and hardware running on top of the platform aren’t compatible with upgraded versions – further delaying and complicating matters.
Yet with some estimates putting the number of Windows Server 2003 machines out there at 10 million globally at least, there will be enough exposed companies to attract the attention of the black hats. Without adequate security measures to shield systems against attack, firms are at risk from new exploits targeting vulnerabilities in the OS for which Microsoft is no longer producing patches. It’s not inconceivable that the bad guys are already working on and storing up new zero day exploits until after July 14, when they can deploy for maximum effect.
The end result for UK firms could be catastrophic data loss, with all the attendant clean-up and remediation costs, financial penalties, damage to brand and shareholder value, customer losses and legal costs. Firms could also find themselves on the wrong end of industry regulators if they fail to keep systems and security fully up-to-date, while operational costs could soar thanks to increased downtime.
Deep Security to the rescue
No organisation is the same, and many will have their own reasons for staying with Windows Server 2003 after July 14. But Trend Micro’s advice is to start planning your migration ASAP – no matter how difficult that path may be. Staying on an unsupported platform indefinitely is a risk manager’s nightmare. And given that major upgrades like this can take over 200 days – the sooner, the better.
But in the meantime there are things you can do to minimise risk and protect key systems from attack.
Trend Micro Deep Security features intrusion detection and prevention (IDS/IPS) technology designed to shield system vulnerabilities before they can be exploited by attackers. These so-called virtual patching capabilities will help organisations stay secure until they are ready to migrate off unsupported systems like Windows Server 2003, reducing costs and improving compliance efforts in the process. What’s more, Deep Security also provides integrity monitoring so that administrators can spot and stop any unauthorised changes to end-of-life systems where there shouldn’t be any.
With Deep Security you can:
- Protect your organisation against any new vulnerabilities exploited post-Jul 14, including zero day attacks
- Detect any malicious changes to the system, thus speeding your response to a cyber attack
- Smooth the migration path off Windows Server 2003 to newer, more secure systems
- Surmount any compliance challenges such as PCI DSS 3.0
- Patch business apps at your own pace, reducing costs and downtime
For more information visit: http://www.trendmicro.co.uk/business/windows-server-2003-end-of-life/index.html