Overcoming paralysis - why financial services organisations have to race to update their Windows Server strategy

[InfoSec News <alerts () infosecnews org>]

http://www.bobsguide.com/guide/news/2015/Jul/6/overcoming-paralysis-why-financial-services-organisations-have-to-race-to-update-their-windows-server-strategy.html

By Dave Foreman, ECS, Practice Director
Bob's Guide
July 6, 2015

Most of the technical support teams we work with know their Microsoft 
Server operating system inside out and have hardly lifted their phone to 
call Microsoft support in years.  But this well-oiled machine is about to 
become IT departments’ biggest headache. With the end of Microsoft’s 
support for Server 2003 on July 14th 2015, migration from this rather old 
operating system has escalated from being a niggling worry to a high-risk 
agenda item.

Only a handful of businesses have started their migration and even they 
will have to rely on Microsoft extended support. But this is not a 
cost-effective or risk-free option in the long term.

At some point a new vulnerability in the operating system will be 
discovered and exploited; businesses will be exposed and the regulators 
will have a stronger case for non-compliance. According to the credit card 
industry’s PCI Security Council standards, if an unsupported operating 
system is Internet-facing, it will be logged as an automatic compliance 
failure.

CIOs are caught between a rock and a hard place. Nobody wants to be caught 
in a position where they have to answer tough questions about plans to 
meet compliance and mitigate risk.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/