Microsoft Windows Server 2008 reaches the end of its support lifecycle on 14th January 2020.
If you still maintain Windows Server 2008 or 2008 R2 instances in your infrastructure, you are exposing your organisation to risk. What can your organisation do now to maintain the appropriate levels of security and compliance?
Microsoft Windows Server and SQL Server 2008 continue to host a huge number of applications and databases throughout the world. However, Microsoft no longer supports SQL Server 2008, and the end of support date for Windows Server 2008 and 2008 R2 has been set for 14th January 2020.
This means that Microsoft will no longer provide technical support or issue security updates. By maintaining Windows Server 2008 or 2008 R2 instances in your infrastructure, you are introducing security and compliance risks to your organisation. In this blog, we will explain these risks and run through the go-forward options available to you.
Windows Server 2008 Risks
There are three potential risk areas for your organisation if you retain Windows Server 2008 or 2008 R2 instances in your infrastructure:
- Security risk. Windows Server 2008 and 2008 R2 are fast approaching their end of support date of 14th January 2020. SQL Server 2008 has already reached end of support. End of support means that Microsoft will no longer issue security updates for either SQL Server or Windows Server 2008 or 2008 R2. Regular security updates are an essential element of maintaining secure systems. Once support ends, cyber criminals will target any flaws in your SQL or Windows Server 2008 instances, and Microsoft will not be issuing updates to protect you – you will be on your own.
- Compatibility and compliance risk.Hardware and software vendors align to Microsoft’s product lifecycles relatively closely, as they understand that many organisations use Microsoft systems to access their services. Once support for SQL and Windows Server 2008 ends, new products will begin to cease to support those platforms and support for compatible legacy products will shrink. There may also be compliance issues associated with continuing to use SQL and Windows Server 2008 once they reach end of support, as security patches will cease to be applied.
- Support risk. Whatever your IT support provider, from 14th January 2020 no issues with Windows Server 2008 instances can be escalated to Microsoft – no matter how critical. Vendor support underpins critical systems – without it significant risk is introduced to your organisation’s compliance, uptime and security.
If your organisation has been happily hosting SQL and Windows Server 2008 instances to this date, it may be tempting to retain them in order to maintain stability and consistency of service. However, you are drifting into exposure and risk that your organisation cannot afford.
At Six Degrees we believe there are some great reasons to upgrade, both to mitigate risk to your organisation and to take advantage of the impressive features and benefits that come with the latest SQL and Windows Server technology from Microsoft.
Options Available to Your Organisation
If your organisation maintains SQL or Windows Server 2008 instances in your infrastructure, you have five options. Whatever option you choose, a decision is needed now: 14th January 2020 is fast approaching!
Option One: Do Nothing
Your organisation can choose to do nothing and let support for SQL and Windows Server 2008 run out. By doing so, you accept the risks of potential downtime and data breach. Although it seems temporarily cost-effective, if and when something goes wrong, the resultant costs may be significant: on your organisation, your reputation and more.
Option Two: Purchase Extended Security Updates
If you are unable to upgrade before 14th January 2020, Microsoft is offering Extended Security Updates for three years. These updates will give you access to support and security updates to minimise risk to your organisation. But it will be at a cost: the extended three year Extended Security Updates option can be expensive in comparison to upgrade offerings.
Option Three: Assess Your Environment Now
Six Degrees can perform an assessment for your organisation to identify your options immediately. In addition, if you want to understand your security posture now our penetration testing services will identify any gaps in your cyber security defences.
Option Four: Upgrade to the Latest Windows Server and SQL Server
Upgrading to the latest version of Windows Server and/or SQL Server will mean that your organisation benefits not just from regular security updates, but also the most recent performance and innovation features. SQL Server 2019 is the new standard for performance and efficiency, and it includes built-in security features to help you harden your platform. Meanwhile, Windows Server 2019 is the operating system that bridges on-premises environments with Azure, adding additional layers of security whilst helping you modernise your applications and infrastructure.
Option Five: Migrate to Azure
The final option is to migrate your existing Windows Server and SQL Server 2008 instances across to Microsoft Azure. If you are thinking about upgrading, consider moving to Azure SQL Database rather than carrying out an on-premises upgrade. Azure has extensive built-in security, along with 70+ compliance certifications. Re-hosting workloads in Azure can be the basis for a wider transition to modern Platform as a Service (PaaS) offerings to reduce management overheads and increase your return on investment. And better yet, if you migrate workloads to Azure, Microsoft is offering three years of Extended Security Updates at no additional charge.
Windows Server 2008 – Time is Almost Up!
If you run SQL or Windows Server 2008 instances in your environment, time is running out. Six Degrees can help you address this urgent need, and will support you irrespective of your choice from the options outlined above.
If you’re wondering what’s next for your Windows Server 2008 instances. Our experts will give you all the guidance and support you need.