Now that end of support is finally here for Server 2003, businesses that haven’t taken action are starting to get their plans together. While we already gave some advice for making an assessment of your situation and moving forward, from a security standpoint businesses should be doing what they can to protect themselves now that Windows is no longer patching security gaps. Here are some immediate actions you can take to protect your organization from a breach now that you have an out of support server on the network:
Secure the perimeter: Update your firewall.
Your firewall is the first line of defense against a breach. It helps to screen out hackers, viruses and worms that can come in to your network via the internet. With no more patches or updates on Server 2003, you need to make sure that you have the most up to date firmware and definitions on a hardware firewall with special services to scan packets. This will help to ensure nothing malicious is entering the network.
Protect your server.
While Microsoft won’t be issuing updates for Windows Server, that doesn’t mean that you can’t still keep the other defenses on your server up to date. Make sure that antivirus, antimalware and antispyware tools are running and checked continually. Ensuring that these ancillary systems are in place and active will help keep your server protected.
Protect your workstations.
The same lines of defense that you’re using on your server should be applied to your individual workstations. Just like you have on your server, make sure that all antivirus, malware, and spyware tools are up to date and being continually monitored. Patches are obviously still available for workstation operating system, so you’ll want to make sure that they’re being updated.
Educate your users.
Your users are in the trenches and will likely be the first to notice if something isn’t right. Educate your users on the unsupported server and make sure they understand what they should be looking for. Some symptoms of compromise include: unwanted browser toolbars, fake antivirus messages, random popups, strange applications running in the background, and disabled antivirus applications.
While you may be flying under the radar without any incidents on an unsupported server, every day that you continue to do so causes you unnecessary stress and worry. Rather than continuing to wonder when your server will be compromised, take these security steps and start creating a plan to move away from your unsupported server. We’ve outlined some great opportunities in this blog.