As the support for Microsoft's Server 2012 and 2012 R2 reaches its end of life, Ian Bedford, general manager for Access Managed Services at Access Legal, discusses the challenges faced by law firms that delay the switch to alternative servers. He also explores how firms can leverage this change to optimise their IT infrastructure.
Windows Server 2012 and 2012 R2 will reach their end of support on 10 October this year, despite still being widely used by law firms to access critical data and applications. After this date, the products will no longer receive security updates, non-security updates, bug fixes, technical support, or online technical content updates – bringing the risk of security breaches and non-compliance.
While it’s true the use of the cloud and other modern systems is on the rise for many in the sector there are still those trailing behind, creating a genuine concern. Law firms that use outdated Windows Server 2012 and 2012 R2 are at risk of security vulnerabilities like ransomware attacks and data breaches.
As shown in the UK legal sector’s recent cyber threat report, the SRA published 278 scam alerts in response to reports from the public and profession between January 2022 and January 2023. These scam alerts highlight reports of people falsely claiming to be solicitors and firms. This is before the end of support for some systems.
As well as security risks, outdated software can also cause compatibility issues, resulting in decreased system stability, slower response times, and reduced productivity – all of which can impact the hours billed and client satisfaction.
An end of life (EOL) event like this is an opportunity for firms who are striving for compliance excellence to rethink their IT strategy, and embrace the latest cloud technologies, rather than simply replacing the servers. By aligning their technology with their business outcomes, firms can enhance operational efficiency, make remote working more effective, and reduce security risk. This, in turn, helps them deliver a better service, safeguard client data, and enable fee earners to bill more hours.
The SRA’s Code of Conduct requires law firms to protect client confidentiality and ensure the security of client data. Once Windows Server 2012 or 2012 R2 become unsupported, you risk penalties and reputational damage as your company will fall short of the SRA’s requirements, and potentially GDPR too.
To navigate the transition from Windows Server 2012 and 2012 R2, there are a number of steps IT teams can take to ensure a smooth transition and ensure they are upholding excellence within their practice.
Identify your desired business outcomes
Taking into account goals such as improved cybersecurity, increased flexibility for hybrid workers, or enhanced client experiences, you can form the basis of a comprehensive technology strategy that can sustain future changes.
Evaluate your current infrastructure
The next step is to determine the extent of Windows Server 2012 and 2012 R2 usage within the firm's infrastructure. This evaluation will provide insights into the necessary changes and inform the creation of an upgrade plan.
Explore upgrade options
Firms can consider upgrading to newer versions of a Windows Server, such as Windows Server 2019 or 2022, enabling ongoing support and security updates. Bear in mind these too will need to be upgraded in the future, so that would need to be factored into any long-term planning.
Alternatively, you could future-proof your IT infrastructure by moving to a cloud-based solution, delivered by a managed services provider. The flexibility, reliability, and security of the cloud offers numerous performance benefits and means you are no longer reliant on software and servers with a finite lifespan.
Extended security update
The Extended Security Update (ESU) program for Windows Server is a short-term option for customers who need to run certain legacy Microsoft products past the end of support. This is suggested as a last resort and interim fix before implementing a more robust strategy.
Navigate the transition smoothly
Once you’ve decided on your upgrade, a managed services provider can support you on the next steps.
Alternatively, if you prefer handling the upgrade project internally, it's important to put in place a migration plan encompassing data backup, application compatibility testing, and staff training. You also need to be certain the plan meets your firm’s business requirements, budget, and timeline.
As with any software upgrade, user adoption and training are essential. New technologies or systems may require your staff to adjust their working processes, and have any questions answered. By providing the necessary training, communications and support, you can ensure a seamless transition, boost employee productivity and engagement, and minimise any potential downtime.
The EOL Windows Server 2012 and 2012 R2 poses significant risks for UK law firms if not addressed in time. However, it also serves as a catalyst for you to review your IT strategies and systems you already have in place. Embracing this opportunity will enable you to safeguard your data, enhance operational efficiency, and thrive in an increasingly digital landscape.
Copyright © 2023 Legal IT Professionals. All Rights Reserved.