Greg Stone, Chief Technology Officer, Microsoft Australia
Greg shares how organizations can move on to embrace new opportunities by choosing to modernise and minimise risk.
While most CIOs are likely to be aware of the imminent end of support deadline for Windows Server 2003, what some might not realise is that the deadline – set for 14 July 2015, is only 100 days away and will not be extended.
I continue to see many IT leaders still struggling to balance the need for innovation while not wanting to rock the boat with old technology like Windows Server 2003. The concern? A survey from SpiceWorks found that 61% of businesses are still using Windows Server 2003, just four months before the end-of-support deadline[i].
What’s particularly troubling is that many have justifying their upgrade delay by saying that they are isolated from the internet to host legacy software. The way we use applications and the network today, I would truly be hard pressed to find a server that is not cloud-facing at all. My guess is, if they are running Windows Server 2003, there is a high chance they are also still running Windows XP. That would be like leaving your back door and your front door open while going on holiday!
We all know running unsupported software increases one’s exposure to security risks and software failures. In fact, running even a single instance of unsupported server operating system has a higher risk than a desktop operating system, as any compromise will have a significant amplification effect on those who rely on it.
Some might argue that they are being asked to do more with less and refreshing old technology that’s not mission critical or that the new skills required to support it can’t be justified.
However, a recent IDC study commissioned by Microsoft titled “Understanding the Business Value of Migrating to Windows Server 2012[ii]” clearly shows that staying on Windows Server 2003 will likely cost more in the long run. Aside from the security and compliance risks, organisations which choose not to migrate in fact suffer from reduced efficiencies, increased data centre operating costs and more resources spent on devising costly workarounds to support newer software.
Glass Half Full
There’s much to gain from modernising your infrastructure with Windows Server 2012. SMBs saw improved virtualisation density of up to 16.6% while larger organisations saw 12.5% after migration. Automated management also augment operating efficiency of systems and devices with fewer resources and improved service levels. Especially valuable for resource-lean SMBs.
It is no surprise then that the study also revealed that about a quarter of those who migrated cited positive outcomes in at least one of the following areas: security, compliance, manageability of the IT environment and performance of applications and resources within the IT environment.
The security threat landscape also continues to grow in magnitude and sophistication. Security today is a business problem, not just an IT problem.
Windows Server 2003 was not built for our present cyber-security context or cloud-based, mobility-centric business models.
Today’s employees expect to be able to use any device they wish and customers expect to be able to interact with businesses anytime, anywhere. Windows Server 2012 was designed to support these needs.
The question now should not be, “why move off Windows Server 2003,” but rather, “how can I move off Windows Server 2003 by July 2015?”
Lessons learnt from our modernisation journey
With 100 days to go, any organisation that’s planning to migrate from Windows Server 2003, will have to look at drastic and transient solutions. The average migration takes between 250 to 350 days to complete, depending on the number of servers and complexity of the environment. Realistically there are 4 lessons from our experience which I’d like to share:
Lesson 1: Bring in the experts
Cataloguing solutions and deciding what is required, what is not, how they run and which needs to stay on legacy hardware can be complex and time consuming. It would be advisable to bring in partners and consultants to assist with the early stages of migration, and to conduct training for staff to ensure they have the skills needed to run a modern IT environment .
Lesson 2: Over provisioning and identity management
While conducting the actual migration, make sure to overprovision on network capacity at the start and then scale back. Also, ensure you have your identity and authentication strategy in place. The last thing you want is to have all your colleagues unable to access mission-critical workloads and bring operations to a standstill.
Lesson 3: Look to the cloud
Provisioning hardware might be a challenge as well. The easiest solution here is to migrate directly to the cloud. At Microsoft, we’ve seen significant advantages from moving to a fully public cloud in terms of lower costs, reduced manpower requirements and the ability to scale our compute power more rapidly to adapt to changes in the business landscape. Jumping onto the cloud even means avoiding future end of life instances from affecting the business adversely. Refreshing technology would be far simpler. We have documented our move and share it here,
Lesson 4: “Lift and shift”
Should you find yourself absolutely pressed for time, one can resort to the “lift and shift” approach where you simply take the operating system machines and move them to a virtualised environment wholesale, without any modifications. Whilst not recommended, it might be best to do it given the time constraints. Get it done and then plan how to organise and catalogue your IT environment moving forward. Remember, a simple lift and shift can cost more in the long run if not followed up with a proper curation and optimisation of the environment.
The justifications are clear, the benefits are real and the path to modernisation is simplified from the lessons we’ve learnt internally. We at Microsoft are committed to sharing our experiences from our own modernisation journey and invite you to review the rich resources we’ve made available to customers at our Microsoft IT showcase.
Windows Server 2003 served its purpose well for its time. In many of your organisations, it probably still serves its purpose. But in the current mobile-first, cloud-first world with its combined high security and privacy demands, it certainly doesn’t enable you to make it better.