end-of-life windows 2003 security

Our organization is running our website on windows 2003 and preparing to migrate to Linux with a new website. Until then (could be another 6 - 10 months) and in this era of no Microsoft support for windows 2003, what security measures can we take to prevent security breaches and malware infections. Needless to say, the higher-ups are reluctant to invest money in a "lame duck" server.
Thanks,
avirAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
There is nothing you can do from a Microsoft perspective. All over.

See if a top name Antivirus (Symantec Endpoint Protection or as good top name) has a product that runs on Server 2003. That might help.

Put a hardware firewall in front of the server to prevent DDOS attacks and the like.
radioflyer gerCommented:
Hi,

the hard way:
turn it off from time to time just to see them jump up and down as a reminder for the Investment and that it is out of service

more practically:
Hope you had patched the latest and Kept it running. Without Extended Support you are reall behind schedule. Monitor a vulnerabilities board to see which security fixes are published and if they apply for 2003. When the Situation becomes more severe, Report it upwards. Try to Speed it up and do it in 3 month, you should be ok then.

And try to get them involed in things. If they know ist easy to ignore you, they will probably do it more often.

An example: the board decided that Air conditioning is costly, so they erjected it. They approved for air circulation. On the hottest day we inverted the circulation to blow the outside air inside.
Next day: VOILA! Airco approved and get it installed ASAP!

Learn the code and stuff works man.

Good luck
RF

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jerseysamCommented:
Make the case to the business from a  risk point of view. Explain that you will be at risk from possible cyber attacks and ensure you have an email trail from yourself highlighting the risks and proving that you are raised concerns and so cannot be blamed in the event of an issue.

Make sure the server is patched as best you can. Ensure you have a good anti-virus product on the server.

Plug any security concerns on the server and ensure it is behind your corporate firewall etc.

Above all raise your concerns and so they can be traced.
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

avirAuthor Commented:
Thanks for the feedback.
radioflyer gerCommented:
You are welcome. But keep in mind, this is jus a small part of the whole
puzzle. Fixing a single instance in the security landscape normally does not
change too much.

Do you have an overview, where you stand

Backup (and where is it safely stored)
Firewall
DMZ
Access Rights
Antivirus of Systems
Client Security
Patch Management
Encrypted drives of management, salesforce / people travelling
Awareness to train the users
physical security
fire prevention
Uniterruptable Power
etc, etc ?



just a thought or two
avirAuthor Commented:
Thanks for the extra thoughts. I'm supposed to have a meeting with our network manager and I will bring up these points.
radioflyer gerCommented:
I am sure he has the same issues with bringing those to the attention of the bosses, but if you are two and not alone, your situation has already dramatically improved (low cost :)

Good luck!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.