Cybersecurity at Core of Windows Server 2008 End-of-Life Considerations
… external customers or other business units in the enterprise.
Now, those outdated servers could be a potential security risk for the entire data center, Puranik said.
Colocation providers, which typically just sell space and power, and whose customers set up their own network connectivity, have less to worry about, he added.
“But if you’re providing the internet as well, it could become a problem,” he said.
There should already be firewalls in place, he said, but this is a good time to doublecheck that all systems are properly isolated. And if there are computers that are past the end-of-life date, there should be another machine between them and the public internet, one that is patched and updated.
“People are going to scan the whole internet looking for these servers,” he said. “Just cutting off direct access or making it more difficult should provide some level of protection.”
End-of-life servers can be opportunities for hackers to find and exploit vulnerabilities, said James McQuiggan, security awareness advocate at security vendor KnowBe4. That puts the entire data center at risk of ransomware, data exfiltration, or other attacks, he said.
Then there’s the cyberinsurance angle.
There are clauses related to having up-to-date systems. If a data center experiences a breach, and there are older operating systems in the environment, the insurance company will reject the claim.
If end-of-life servers are in an environment, data center managers should be adding extra layers of protection to their networks. That includes increased network monitoring and endpoint protection and response, McQuiggan said.
“And a change management program [is necessary] to track any and all changes to the systems,” he added.
Alternatively, data center managers could take this as an opportunity to expand their cloud use, said Atlantic.Net’s Puranik.
“Ideally, you already have your toes in the water with cloud,” he said. “But if not, this is something you could be starting with.”