The end of support for Microsoft’s SQL Server 2008 is approaching. On July 9th, 2019, Microsoft will end their extended support for SQL database servers that run both the 2008 and 2008 R2 versions. Cutting off this support means no more hotfixes, no feature updates, and most of all, a new vulnerability in your organization’s cybersecurity efforts.
If your organization is growing increasingly concerned about the effects of retiring SQL Server 2008, they’re not alone. SQL is currently one of the most common programming languages, with wide use across all industries and considerable growth year-over-year. In addition to the language’s general popularity, SQL Server 2008 is an especially widely used version among users.
In fact, SoftwareONE’s own data analysis of 100,000 servers shows that 43% of all SQL servers run either SQL Server 2008 or SQL Server 2008R2. That’s a huge number of servers which will require a time-consuming plan of action. As a result, many organizations will need to consider potential courses of action very soon when Microsoft ends SQL Server 2008’s extended support.
The Consequences of Inaction
Without proper planning, your organization could be at risk in several different ways. First and foremost, a lack of continued SQL support poses a huge security risk to your organization. Once extended support for SQL 2008 is retired, these databases will no longer receive security patches and updates. In a world where cyber-threats are becoming more significant and commonplace, running out-of-date database technology opens your organization up to devastating consequences.
Organizations should also not ignore software compliance and licensing risks as the result of an expired SQL server. Industries with strict regulatory compliance standards, such as healthcare and finance, will be at the highest risk of an unwelcome software audit. With SQL licensing being complex and costly, the chances of noncompliance are higher than with similar software. It is not uncommon for an organization’s SQL instances to be the most mismanaged product on their network. For that reason, it is critical that any instance of SQL Server run by your organization remains compliant.
If your organization cannot retire SQL Server 2008 before its end of support, the cost to keep the program running adequately can be significant. For example, in 2014 the government of the United Kingdom desired continued support for their legacy Windows XP systems. To ensure security and support, the UK reached an agreement to pay Microsoft the equivalent of about $7.2 million US dollars for just one year of support. With most organizations not able to afford these legacy support costs, organizations must prepare for a migration to a new solution.
The crux of any possible SQL solution should be to mitigate risk. Before making any decisions regarding updating or migrating your SQL server, be sure go through a discovery process with your servers and databases. During this process, find all deployed SQL database servers and identify their license entitlements. Once the licensing environment is better understood, then reconcile the licensing positions of all SQL 2008 deployments. To reconcile licensing positions in an efficient way, define what your organization would consider the most optimized licensing state. It also may be helpful to consult a Microsoft advisory services expert to discern the complicated software environment. From there, it is vital to develop a comprehensive roadmap to help your organization plan and execute their chosen solution.
There are two primary solutions that organizations should consider when designing their roadmap. The first suggestion would be to upgrade to the latest version of SQL, SQL Server 2017. This usually is covered under Microsoft’s Software Assurance program, so this upgrade typically comes at no additional licensing cost. However, this does not mean that upgrading to SQL Server 2017 is free of any additional costs at all. Organizations must still stay vigilant with software compliance across their entire network environment, and a simple upgrade could potentially incur indirect and opportunity costs, as the compliance process will be quite labor intensive compared to the alternative.
The second suggestion is to migrate to Microsoft Azure. Microsoft Azure is a cloud computing environment that any organization should consider implementing. Azure will allow your organization to maintain their existing SQL 2008 environment for an additional three years, through 2022, without the need to pay for extended support. Azure can provide flexible hosting for your SQL environment, scaling its size and expenses depending on the size and power of your database demands. Due to Azure’s flexible pricing strategy, it is greatly beneficial to implement a tool such as PyraCloud. A considerable amount of insight and visibility is necessary to optimize cloud spending, and Pyracloud can help to provide this knowledge. Not only will a transition to Azure buy your organization precious time, it will also give your organization an opportunity to upgrade and modernize their database environment.
Evaluating all of your options for the end of SQL Server 2008 and 2008R2’s extended support can be intimidating. However, due to the stark consequences of inaction, organizations must become educated on their choices and create a well-informed roadmap for this transition.
To learn more about the complicated process of attaining compliance with SQL Server 2008’s licensing entitlements, register to view our on-demand webinar, “Discovery & Entitlements: Why is it so Easy to Overlook Critical Software Asset Management (SAM) Data?”