It’s official: support for Microsoft Corp.’s venerable database offering SQL Server 2005 came to an end this week.
As of April 12, the 10-year-old server product is officially out of Microsoft’s product lifecycle phase, according to the company. This includes extended support — and if your data admins haven’t already started a migration path, it’s time to do some planning as no additional security improvements or hotfixes are planned.
A Cyber Security Bulletin released this week by the Canadian government underscores a potential security exposure risk for businesses still using the product: “Organizations running software after its end of support date may be exposed to outage, compliance and security risks. Hardware and software compatibility issues may also arise when implementing current technologies which may not have been designed for use with SQL Server 2005”
Organizations should indeed consider the data security risks in forgoing an upgrade strategy, notes one Microsoft senior product marketing manager for SQL Server. Redmond, Wash.-based Debbi Lyons told ITBusiness.ca this week that the upcoming SQL Server 2016 includes updated security tools designed to tackle the complex issues around the data protection and compliance.
In a blog post, Microsoft recommends that organizations review the applications currently running on SQL Server 2005, assess their current IT infrastructure (using tools such as the Microsoft Assessment and Planning Toolkit), and consider working with a technology partner to help ensure a more seamless transition.
Microsoft has been aggressively touting a migration path over to SQL Server 2014; it recently unveiled a report showing that nearly 80 per cent of IT professionals polled said they were aware of the end of support for SQL Server 2005 — but only and about half had already upgraded their workloads.
According to the vendor report, SQL Server 2005 ranks as the most common version still in use at 46 per cent, followed by SQL Server 2012 (44 per cent), SQL Server 2008 R2 (39 per cent) and finally SQL Server 2014 at 32 per cent. The study also found that almost three-quarters of surveyed organizations are fully or partially migrated, while almost 20 per cent are still in the planning stages. Only 10 per cent either have no plans to migrate at all or aren’t sure what they’re going to do.
Woodbridge, NJ-based analyst Tim Hegedus told InfoWorld this week that organizations should look at upgrading their version of SQL Server sooner rather than later.
“The biggest risk stems from continuing to use the product when there is any kind of uncontrolled or external access to that database,” the Miro Consulting senior manager said. “Any security breach can be damaging not just monetarily but also reputationally.”