Server 2003 has also received less discussion due to changing attitudes towards OS migration. Following multiple end-of-life 'non-events', IT professionals have grown increasingly circumspect about the need for migration. In many ways we have grown far too accustomed to the Y2K effect, where everyone in the industry starts panicking only to realise that - in the vast majority of cases - nothing actually changes.
Most IT professionals were able to see this first hand at the end of Windows XP. For every article or whitepaper calling for a rational and measured response, there were 10 proclaiming revelations-style destruction throughout the IT and business community. When the deadline did eventually come to pass, everybody realised that the security threats were much slower burning than expected, and would only gradually worsen over the months to come.
How big of a threat does the end of Server 2003 pose?
Ironically, in many ways it is the lack of hype around Server 2003 that could cause the biggest security threat. While the mania surrounding the end of XP didn't help to solve the issue, it did at least raise widespread awareness. The biggest problem we now face is that too many businesses remain either ill-prepared or simply ill-informed about the consequences of not migrating their OS.
The physical security threats, as with XP, will not manifest as some massive organised attack on 14th July. Instead, the potential security issues will develop over time, leaving business systems unpatched and vulnerable within the long-term.
Security aside, the bigger risk for businesses lies in a lack of application compliance. Those organisations that fail to move away from Server 2003 will quickly find themselves unable to receive vendor support and outside of their legal requirements. As a result, if a vital application were to stop working three months down the line, vendors will simply refuse to provide updates or fixes to maintain applications for a twelve-year out-of-date operating system. Not only can this leave businesses vulnerable from a security point of view, the resulting application downtime can also significantly impact an organisation's bottom line.
For some businesses this is a risk they may be willing to take. For those in the public or financial sector, however, a lack of vendor compliance can lead to serious legal issues. This is turn will often result in hefty fines, further damaging an organisation's bottom line.
How many businesses are still using Server 2003?
Given that a lot of vendors have been trying to encourage people to switch to their preferred solutions (AWS, The Cloud, Windows Server 2012), the number of active 2003 servers remains surprisingly high.
According to estimates from earlier this year, the 12-year-old operating system is still running on as many as 11 million individual servers around the world. This figure represents around 1.6 million organisations worldwide, along with 400,000 businesses in the UK that are still running Server 2003.
Sign up for Computerworld eNewsletters.