If it ain’t broke, don’t fix it. In most cases, we agree – but not when it comes to running your business on operating systems and servers that have reached end of service. Even if it doesn’t seem to be giving you issues right now, it’s a bad idea – and flat out dangerous. Even running older software can sometimes be dangerous. Windows users are being advised to remove Quicktime from their computer because of dangerous vulnerabilities that won't be patched.
Unfortunately, outdated systems still have a pretty large foothold. Two years after reaching the end of service, Windows XP is still installed on more than 180 MILLION computers. Many companies are still running on Windows Server 2003 (which reached end of service in 2015) or SQL Server 2005 (which reached end of service April 12, 2016).
Generally, this is because the server isn’t actively screwing up or causing any issues and it can be pretty expensive to replace a server. But the potential is there for it cost you a whole lot more to NOT replace it.
So, what does End of Service mean?
End of service (also called end of life or end of support) for both operating systems and servers means the system is no longer being supported by the manufacturer. This mean no support from a customer service standpoint when something goes wrong (your local IT company may still support it though).
It also means you won’t get any new updates. On the surface, this doesn’t sound bad. Not getting access to new features may not be a big deal – but not getting any new security updates is.
If you're in a business that must meet regulations like HIPAA, running on outdated equipment also means you’re probably out of compliance, which means hefty fines and a loss of customer and patient trust.
Why is it dangerous?
Servers and operating systems that have reach end of life aren’t getting new security patches, which is where the danger comes in. Your system is completely open to any vulnerabilities found after the system reached end of service and you won’t have a way to close the holes.
On top of that, with every new round of patches that comes out for newer operating systems/server, hackers are basically given a list of vulnerabilities they can use against anyone using an out of date OS or server.
If you think your business is too small to be a target for hackers, you’re wrong. Hackers know small businesses don’t have nearly as much money to spend on data security as the big guys and use that to their advantage.
What should you do?
Keep your machines (whether it’s servers, PCs, phones, etc) up to date. No, we don’t mean go out and updated to the latest operating system as soon as it comes out. But be aware of what machines you do have and be prepared to update them before end of service. If you have machines that have already reached e
If you have machines that have already reached end of service, migrate to new machines ASAP. Be aware of what's installed on your company's computers, too (and if any Windows computers are running Quicktime, remove it ASAP!) and uninstall older programs as they stop being supported by the manufacturer.
PCs running outdated Operating Systems
Before updating operating systems, make sure any line of business applications you use will be compatible with whatever you’re upgrading to. You’ll also need to check to make sure the computer you’re updating can support the new operating system. You can check the system requirements for Windows 10 here.
Unfortunately, if you’re running Windows XP (or earlier) and want to move to Windows 10, there isn’t a direct path to do it. You’ll need to upgrade to Windows 7 first, then from there, update to Windows 10.
Moving off of an outdated server is a much bigger, and more expensive, animal than just updating an operating system. You have three options: purchase and migrate to a new physical server, move your systems to the cloud or a hybrid solution that moves some systems to a physical server and some to the cloud.
All the options have their advantages and disadvantages, which we won’t get into too much here. The biggest difference, though, will be cost. Physical servers are typically a large one-time cost (until you need to upgrade again) and cloud storage is usually a low monthly fee. Hybrid solutions, unsurprisingly, have a mix of both upfront costs and on-going monthly fees.
Whichever direction you decide to go in, make sure any line of business applications are compatible with what you move to. Otherwise, you’re in for some headaches.
Updating operating systems and servers can be a pain, but it’s nothing compared to the problems that come with getting hacked. If you need help updating your old equipment, please let us know!