When IT wants to migrate from Server 2003 but management ignores them

I haven’t met an IT Pro who is happy that Windows Server 2003 is still in their environment. When I ask why it is still there then, they reply that management doesn’t want to provide the resources to make it go away.

IT Pros understand all the reasons why they need to migrate away from Windows Server 2003. By writing this article on this site I’m really preaching to the converted. IT Pros don’t need to be convinced that running a 13 year old unsupported operating system is a bad idea. They aren’t doing it because they are recalcitrant, Server 2003 is still in their environment because they haven’t been given the resources to get rid of it.

The last decade has seen a decline in the influence of the IT department. I don’t think that this is the IT department’s fault. IT Pros have understood the risks of certain technologies and that their job is ensuring that they limit the exposure of the organization that they work for to those risks.

Over the last decade many large IT companies have appealed to managers with the idea that they can do an end-run around IT and all the policies they have in place to mitigate risks to the organization. Sure, telling some non-technical person that all they need to do to stand up their own infrastructure without having to jump through IT’s hoops is provide their credit card to a cloud provider certainly sells cloud subscriptions, but it also sends a message that IT shouldn’t be listened to.

Just as the same IT companies have told non-technical people that they should be able to use their own expensive laptop at work without the IT department’s oversight, that it is more convenient to store confidential documents in public cloud storage drives, and that users *should* be able to send confidential documents through free webmail services rather than through Exchange which might have Data Loss Prevention policies configured.

In the last decade big IT companies have basically sent a message to non-technical people that they should be able to do whatever makes them happy when it comes to IT and that IT is a blocker with all its rules and policies that were put in place not to kill fun, but to protect the organization from real world threats.

When IT started getting characterized as the “fun police” organizations went from viewing it as an asset to being something that “kept the lights on” but whose advice could otherwise be ignored.

So it’s not entirely surprising that while IT has been saying for years that the organization should get off Server 2003, management has decided that IT can be safely ignored – because for the last few years the big cloud providers have said that IT Pros and all their rules can be ignored. That “move fast and break things” is a much better motto than “ensure that everything works reliably”.