Fifty per cent of councils in England rely on unsupported server software
Lack of updates makes councils in England security targets
Councils in England are putting their security at risk by depending on server software that is no longer supported by the original vendor.
Almost half of the local authorities in England are running criticla processes on unsupported software, according to IT services supplier Comparex, which obtained the information by taking advantage of the Freedom of Information Act.
It found that 46 per cent of councils are still using Windows Server 2000, Windows 2003 or Microsoft SQL Server 2005, all of which are no longer even covered by Extended Support date.
As such, they are not maintained with bug fixes or security updates from Microsoft.
Although the vast majority (between 88 and 94 per cent, depending on the product) claim that they intend to upgrade inside two years, by using such outdated software in the meantime, they continue to run the risk of being hit by zero-day vulnerabilities which could bring down an organisation's entire infrastructure.
Chris Bartlett, business unit director of Public Sector at Comparex, said: "The FoI data suggests that matters are slowly improving, as separate FoI requests to London Borough Councils back in 2016 showed that 70 per cent were running unsupported server software.
"However, with GDPR now in effect, councils need to be even more cognisant of vulnerabilities - especially considering the volume of citizen data they hold. With that in mind, it is important that risks are managed, and councils establish an upgrade strategy."
A bigger ticking time bomb awaits. The study showed that 94 per cent of respondents use Windows Server 2008 or SQL Server 2008. Both reach EOL in the next two years and only between 9 per cent (SQL) and 13 per cent (Server) are paying for extended support.
The problem is a new spin on an old issue. With the NHS and Metropolitan Police among the public-sector organisations that have been slow to upgrade machines from long-dead Windows XP.