image source: https://www.flickr.com/photos/jayceeloop/2193704449
Don't Let Clients Keep Prehistoric Systems.
By now, I’m sure you’ve heard that Microsoft is retiring updates and patching for any system using Windows Server 2003 and Server 2003 R2 come July 14th. Still, how many of your clients have yet to evolve by migrating to a newer server OS? Once it's gone, it's gone. You can't rely on Dr. Hammond to bring it back to life in the form of some cloned hybrid version. About a year since its EOL date, and you don't see a Windows XP Park anywhere on Isla Nublar, do you?
Learn what Microsoft's latest end of support means for MSPs, why your clients should take action NOW to avoid having a short window of time to complete the lengthy Windows Server 2003 migration and, how you can make this a smoother, painless process for them without exhausting your own tech resources.
Jurassic World hits theaters this weekend, but that's not the only date you've had on your radar. July 14th will creep up sooner than you or your clients realize.
Have you already approached clients using legacy servers? Ideally, they've begun to migrate, but it's likely you have a percentage that either has no plans to transition or assures you that they will, just at a later date. A recent Spiceworks report, The Great IT Upgrade, found that only 15% of surveyed IT professionals had fully migrated from Windows Server 2003, while 48% had partially migrated and 28% indicated plans to migrate. Of these respondents, 8% had no plans to upgrade, despite the security risks that accompany any technology that receives the EOS kiss of death.
As an MSP trying to get client buy-in, you should be familiar with two main sales talk tracks:
- Why it's necessary to migrate from Windows Server 2003
- Why it's necessary to begin the migration process NOW
Let's examine each more closely:
The Business Case for Migrating
Microsoft spells it out for consumers on their website:
What does end of support mean for you? After July 14, Microsoft will no longer issue security updates for any version of Windows Server 2003. If you are still running Windows Server 2003 in your datacenter, you need to take steps now to plan and execute a migration strategy to protect your infrastructure.
That means come July 14th - 33 days from now - clients who have not fully migrated will be without protection if they're hit with a virus or suffer a data breach. They may think it's a risk worth taking since it's not guaranteed that they'll end up in this what-if scenario, but so many of their SMB predecessors have followed this naive approach to cybersecurity, only to watch their business fold when systems were compromised or dormant vulnerabilities were exploited. In fact, the Microsoft Windows Server Team reminds us that "there were 37 critical updates for Windows Server 2003 in 2013 and 21 critical updates in 2014." Even though the technology has been around for over a decade, new issues in Windows Server 2003 will continue to arise, these flaws will need correcting, and Microsoft won't be providing support.
Do you remember when the electric perimeter fences are deactivated in Jurassic Park? The monstrous T-Rex escapes and having just scarfed down her goat main course, attempts to eat poor little Timmy and Lex as dessert. On July 14th, clients who have not moved from Windows Server 2003 will be left just as vulnerable. There's nothing securing their networks from outside attacks. Microsoft will turn off the power and they'll be on their own. Hopefully, none of them get the Gennaro treatment.
Maybe they need more convincing...
image source: www.quickmeme.com
As any medical practice or company serving the healthcare IT vertical knows, compliance is nothing to take lightly. Our friends at CMIT Solutions have been tracking progress with Microsoft's newest casualty. In their latest blog post, CMIT suggests clients that refuse to migrate could become HIPAA and PCI non-compliant, leading to loss of business "or dramatically increas[ing] the cost of doing business thanks to high transaction fees and civil penalties."
The compliance push factor is a significant one. If clients discover that moving from Windows Server 2003 is not just a recommendation, but a legal requirement for their respective industries, they'll be much more likely to heed your advice to upgrade. One MSP on Reddit swears by this selling strategy:
Extra costs to maintain outdated servers
All throughout Jurassic Park, Dr. Hammond raves about his park's amenities, claiming he "spared no expense!" Of course, as fans of the movie know, it didn't really matter if the park offered a 5 course dining experience if...you know...the safety of the tourists was constantly threatened. As MSPs, you don't want your clients mindlessly throwing money at their problems, and they're in danger of doing just this if they refuse to migrate.
The costs of supporting Windows Server 2003 past the July 14th deadline are significant. Computerworld insists that these clients will have to purchase intrusion detection systems, advanced firewalls, and network segmentation to protect themselves in lieu of migration. This doesn't even take into account the additional costs of maintaining hardware. Indeed the benefits of migrating outweigh the costs of sticking with the outdated platform. In many cases, it will be more expensive to maintain support for Windows Server 2003 than it will be to migrate.
Why Clients Need to Begin Migrating ASAP
OK so how do you handle your procrasti-clients, that particular species of customer that understands they need to upgrade for all of the reasons listed above, but have yet to reach out to you to take next steps? I guarantee that these SMB decision makers know nothing about the migration process, and why should they? That's not their job. That's why they have you! As their trusted advisor, you have to let them know that this migration is a time-consuming process. They may be thinking, "Oh I still have a month left to do it. There's no rush." You, of course, know that the average Windows Server migration can take up to 200 days to migrate, and you have to account for planning time. As your clients' MSP, it's your job to convince them that the Windows Server 2003 end of support is an urgent matter and one that needs to be addressed ASAP.
You've heard of chaos theory?
Think about Jurassic Park once more. You already know hackers are the worst, arguably more terrible than doctors who play God by disrupting the natural order of life. Remember when the awful Dennis Nedry hacks into the system and deactivates some of the electric fences to escape the park with the dino-embryos. Sattler and company don't just decide to take the night off and figure it out in the morning when they can't undo his code. No, Grant and the kids are a bit preoccupied dodging a T-Rex, and the last thing they need is more dinosaurs being given free range of the park. That would be utter chaos! The Dilophosaurus certainly did some damage when it was released. Take that, hackers! No, for all Sattler and the others knew, the pack of clever Velociraptors could have been on the loose, opening doors and slashing Muldoon with six-inch retractable claws like razors. Spoiler alert: this actually happens when the team is forced to shut down the whole grid. The point is that the crew recognized the sense of urgency and knew they had to immediately shut off all the power in order to do a full restart, thus reactivating the electric perimeter fences and restoring what little order there was to Jurassic Park.
image source: comicspaladin.blogspot.com
Helping MSPs Tackle Migration Projects
Maybe it's not your clients that need the convincing. Are you concerned that you don't have the bandwidth to complete such an arduous project? Why not remove the migraine from migrations? Enlist the help of an RMM provider that will take these services off of your hands! Our Tech Advantage program allows you to cost-effectively expedite more than 85 desktop and server projects for your clients. As the deadline approaches and more of your clients rush to migrate from Windows Server 2003, you may want to consider offloading these demands.
There you have it! Hopefully you found the points raised in this post useful for your sales talk tracks. Ultimately, your clients may not know the risks they're accepting by sticking with Windows Server 2003. As their virtual CIO, you have to communicate these cost, security, and compliance concerns. And if they're not acting fast enough, be persistent. July 14th will be here before they know it, and upgrading is a long, involved process.
Migrations, uh, don't just find a way.
You don't have to be a doctor to be an expert in your field...
- 5 Security and Compliance Issues and How to Approach Them: Navigate 2014 Panel Flashback
- What Does It Mean To Be HIPAA Compliant?
- How Well Do You Know the Decade's Biggest Data Breaches? [Quiz]
By Paula Griffin
By Meaghan Moraes