Microsoft Ending Support for Windows Server 2003 Operating System

NCCIC / US-CERT

National Cyber Awareness System:

11/10/2014 07:19 AM EST
Original release date: November 10, 2014

Systems Affected

Microsoft Windows Server 2003 operating system

Overview

Microsoft is ending support for the Windows Server 2003 operating system on July 14, 2015.[1] After this date, this product will no longer receive:

  • Security patches that help protect PCs from harmful viruses, spyware, and other malicious software
  • Assisted technical support from Microsoft
  • Software and content updates

Description

All software products have a lifecycle. End of support refers to the date when Microsoft will no longer provide automatic fixes, updates, or online technical assistance.[2] As of July 2014, there were 12 million physical servers worldwide still running Windows Server 2003.[3]

Impact

Computer systems running unsupported software are exposed to an elevated risk to cybersecurity dangers, such as malicious attacks or electronic data loss.

Users may also encounter problems with software and hardware compatibility since new software applications and hardware devices may not be built for Windows Server 2003.

Organizations that are governed by regulatory obligations may find they are no longer able to satisfy compliance requirements while running Windows Server 2003.

Solution

Computers running the Windows Server 2003 operating system will continue to work after support ends. However, using unsupported software may increase the risks of viruses and other security threats. Negative consequences could include loss of confidentiality, integrity, and or availability of data, system resources and business assets.

The Microsoft “Microsoft Support Lifecycle Policy FAQ” page offers additional details.[2]

Users have the option to upgrade to a currently supported operating system or other cloud-based services. There are software vendors and service providers in the marketplace who offer assistance in migrating from Windows Server 2003 to a currently supported operating system or SaaS (software as a service) / IaaS (infrastructure as a service) products and services.[4,5] US-CERT does not endorse or support any particular product or vendor.

References

Revision History

  • November 10, 2014: Initial Release

 

Our partnership with Rapidscale allows you to never have to worry about these types of announcements ever again.

CloudApps is the next generation application purchasing and licensing management platform for business. CloudApps connects businesses with the applications they want while eliminating licensing management and application upgrades. With CloudApps, the application purchasing process is automated from per user or per business purchasing to application approval workflow delivered on one bill.

Check out more at http://www.primetelecommunications.com/infrastructure-service/.

Advertisements

Football Basics and Business IT: It’s all in the Fundamentals

I was watching the news last night with “She who Must Be Obeyed” (a.k.a  my wife, Polly). During the sports segment, football came on. I began to think about my high school football coach. He and I didn’t get along. However, he did instill in me the elements of a successful football strategy. It can be applied to business IT very easily

  1. Block and Tackle- your safety depends on it.
  2. Have an Executable Plan and Stick to it.
  3. Don’t get Juked

Like they say, “Everything else is commentary, go learn it!”.

Security: Blocking and Tackling

While there’s no such thing as an IT environment that is 100 percent secure, taking fundamental steps to assess and  harden IT systems is the basic “blocking and tackling” of IT security that removes the root cause of the vast majority of breaches. These steps include:

» Assess and inventory configurations on all servers and devices, and compare the results to some under-stood, recognized security standard (like CIS, NIST, or ISO 27001)

» Gain immediate, real-time insight into any changes to the files, configurations items and states that define this security standard

Blocking and tackling for security professionals means going back to basics and eliminating the “easy ins” preyed on by attackers, like open ports and unused services, the use of default or easily guessed administrator passwords, or improperly configured firewalls.

Blocking and tackling for IT security teams also means keeping continuous watch on these systems, to detect the clues that indicate attacks in progress, like security controls disabled by anti-forensic activities, oddly elevated permissions or unexpected changes to critical files.

Security configuration management solutions are built to make these issues visible to IT security professionals, and to give them the information and tools they need to manage them in the most automated way possible.

Software as a Service (SaaS): Have a Executable Plan that incorporates the 5 Elements of Success

The value of SaaS applications depends on a very short time to results.

Principle #1: Integrate Quickly

Business leaders are adopting SaaS applications because the functionalities provided are immediately available, and the learning curve is usually quite short. However, users need relevant data before they can get full value from the software, and any event captured in the application has to be reflected in other systems.

Principle #2: Ensure Real-Time Data

Synchronizing data irregularly will introduce a latency that could impact your customer relationships or decrease your efficiency. Without real-time data, your people and systems will not have the current business context.

Principle #3: Control Costs

When you integrate SaaS applications, which is necessary for them to deliver value, your teams must propose an integration method that preserves the SaaS cost advantage a minimum upfront investment with costs determined by usage.

Principle #4: Integrate More and Faster

Should you plan to integrate a few applications that you won’t expect to change or constantly integrate new ones? For the answer, look at the trends. SaaS applications will offer broad palettes of functions that can be easily leveraged. Because most SaaS functionalities are standard (not custom), differentiation will come from combining applications.

Principle #5: Build Mature Integration Capabilities

Leveraging integration platform templates will help turn your entire organization into a flexible cloud where even small operations can easily and rapidly access your corporate business functionalities just as they would SaaS applications.

 

BYOD: Don’t get Juked (a.k.a. Don’t Fall for Fake Tactics)

All of the major wireless carriers are coming out with programs that allow users to get an annual upgrade on their smart phones. If you are a smart phone manufacturer, that is good news. If you administer your company’s devices, it’s a nightmare- both costly and in terms of your network security. With all of the churn and burn in the wireless industry, you need to have a relationship with the corporate side of the carriers. Make sure that you have a dedicated business partner at the carrier who you know and can offer you the best solutions for your needs.

Recently, our carrier sold the client base to Sprint. When we went to Sprint for a new deal, they came back with a hefty proposal. We repeated the steps with all of the major carriers. Eventually, T-Mobile and our contact Keith Mercado, came to the rescue with a program that was actually half of what we were spending previously. By the way, we all got new phones.  Had we gone with the new JUMP program from T Mobile, we actually would have increased our monthly spend many times over.

Want to know more? Click Here!