Your work is vital. We are raising funds to support it.
Remember when The Matrix series was still playing in movie theaters, the Marlins beat the Yankees in the World Series, and Beyoncé released her first solo single "Crazy in Love" (featuring Jay Z)? That year was 2003, which is also when Windows Server 2003 came out.
While Bey and Jay Z will do alright, your server running Windows Server 2003 won't be alright for long. Windows Server 2003 is officially reaching end of life (EOL) in mid-July.
"End of life" means that security updates to the system will no longer be issued, and you are at serious risk of a data breach if you continue using Windows Server 2003. Hackers are anxiously waiting to exploit any vulnerabilities associated with this event.
If you are still on Windows Server 2003, you are also missing out on additional functionality introduced in subsequent releases such as virtualization, remote access, and many other server management enhancements.
Microsoft had already stopped releasing non-security updates in mid-2010. The official end of life for Windows Server 2003 also means that even Microsoft products like System Center Endpoint Protection and Forefront Endpoint Protection will no longer provide updates.
For TechSoup members who use Symantec Endpoint Protection (SEP), version 12.1 will continue to support Windows Server 2003. However, Symantec has stated that "future versions of SEP may drop support for retired operating systems."
For health organizations specifically, just like the "XPocalypse" of last year when Windows XP reached its EOL, Windows Server 2003 EOL will also mean you will no longer be HIPAA compliant.
Although the following quote was in reference to XP and the HIPAA implications of continuing to use XP after its end of life, it bears repeating because it's also relevant in the context of Windows Server 2003:
"This is not something to mess around with. Besides the obvious ethical concerns of failing to protect privileged information, HIPAA is federal law and your organization's professional responsibility — there is no excuse. There are legal consequences to failing to be in compliance and there are also funding consequences. Funders do not want to be seen supporting organizations that cut corners around the safety of patient information."
With the official end-of-life date already only six weeks away, it's still not too late to start.
Keep in mind that while Windows Server 2008 is the next family of server products, you should consider moving straight to the latest Windows Server, or cloud instances that are applicable to your organization.
If you absolutely can't upgrade before mid-July, we would advise that you keep unsupported systems offline and isolated.
Microsoft suggests a "Discover, Assess, Target, and Migrate" framework on its website, with links to helpful additional content that Microsoft staff members have created to help you migrate.
Analyst firm IDC, in a white paper sponsored by Microsoft, suggests these steps for your migration plan:
Kevin Lo | Senior Program Manager, NetSquared.org | a part of TechSoup Global
This work is published under a Creative Commons Attribution-NonCommercial-NoDerivs 4.0 International License.
Close this window