Is the ‘End-of-Life’ of XP and Server 2003 something to be really worried about?

iStock_000000823022

Some security ‘experts’ are saying that organisations face real and substantial problems come April 2014 when Microsoft ceases support and circulation of updates for these still popular operating systems, together with other similar 2003 vintage software. However, does Microsoft’s ‘end-of-life’ stance actually mean the real and instant ‘kiss-of-death’ for such systems? What likelihood is there of major security breaches occurring rapidly after this date?

Undoubtedly, organisations should review their inventory of these older systems and take a calm and considered view. In all probability equipment running XP or Windows Server 2003 is pretty long in the tooth. However, many business are still successfully using this combination of ‘mature’ software and hardware. So what are some of the alternatives?

Often older hardware does not have sufficient capacity in memory, CPU or disk terms to successfully upgrade to the very latest Microsoft alternatives. Interestingly, many open source offerings such as the various flavours of Linux will work quite happily or more lowly specified hardware. This will not be a route followed by many SME organisations we would suspect – but for some it maybe a low cost alternative which will be supported and won’t be end-of-lifed any time soon!

The other way forward is to carry on using these older Microsoft systems and ensure you continue to run up to date anti-virus and anti-malware software. In addition using perimeter defences to protect your network from internet threats is an obvious addition. NetPilot have excellent products that automatically keep themselves updated and offer Unified Threat Management and Firewall on behalf of all networked PCs and servers – not just those aging a little. This combination gives you some breathing space beyond the current Microsoft deadline.

A couple of caveats to think about. One is to make sure you are adequately backing up old (and new!) systems and have a disaster recovery plan. What happens if your office is flooded or catches fire tomorrow – how do you recover from the situation of using old software? Can you readily get you existing data working quickly with later Microsoft software – not just the operating systems but what about applications too? Secondly, what about the situation where the bad guys decide to attack 2003 software in some new way that obviously will not be then countered by Microsoft. On the optimistic side, the bad guys have had ten years trying to break all the variants of 2003 – is there anything else left to try? The more conservative approach is perhaps: let’s beef up the security defences now and make a retirement plan which is dictated by our timescales and budgets – not Microsoft’s cost savings and sales targets!

Other software impacted includes Exchange 2003, Office 2003. SharePoint Portal Server 2003 and Small Business Server 2003.

No Comments Yet.

Leave a comment