With less than two months to go until the end of general support for vSphere 5.5 on September 19, 2018, a business that hasn’t yet upgraded is running out of time — and facing major risk as a result.
The high cost of doing nothing about vSphere 5.5. end of support
Failing to upgrade to a newer version of vSphere poses very real, substantial risks. Some of these are automatic and happen as soon as the expiry date passes, such as exposure to unpatched security vulnerabilities or non-compliance penalties.
Others are fuzzier and only happen if something goes wrong and you need VMware’s support to get back online. In either case, the damages are likely in the millions of dollars and threaten your business and your ability to serve your customers.
Here are the five biggest risks you run by not upgrading from vSphere 5.5.
Security risks: Organizations running vSphere 5.5. will be left vulnerable to new and evolving attacks. VMware will no longer release patches or updates to close security gaps. This creates an incentive for cybercriminals to look for exploits on systems they know will not be protected. In other words, running older versions of vSphere is putting your data in harm’s way.
Compliance (in particular PCI): Common compliance frameworks such as SOX, GLBA and HIPAA are broadly-written guidelines for security and data protection. They are so broad in fact, there’s a chance having unsupported vSphere puts you at risk of failing an audit. With regard to PCI-DSS standards, for all businesses that store or process cardholder data, the rules are black and white. If your operating system is no longer patched for exploits, it is an automatic PCI failure. Don’t forget PCI fines cost up to $1.5 million per instance, and potential jail time if you are found criminally liable.
Extended support penalty: A common assumption is that once a product is unsupported, you can easily pay the vendor to extend support if and when you run into issues. This is patently false when it comes to VMware and vSphere support. VMware offers no official support extensions for out of date vSphere. If you run into trouble and need help, we have heard reports of customers needing to pay exorbitant fees in order to activate a VMware team to fix their issue. We can’t specify dollar amounts but suffice to say it is a significant, budget-altering penalty if you need to pay it. (We can help get you a quote for extending support, if you are morbidly curious).
Downtime: Every hour of downtime costs the average company $100,000, according to researchers at ITIC. Forget the penalties, fees and potential data loss. How many hours of downtime can your company afford as it works to fix a problem caused by an unsupported vSphere environment?
Missed opportunity to innovate: There are plenty of “good reasons” organizations put off an upgrade. They might need to upgrade their hardware, for example, and they simply don’t have the time, resources or expertise to manage the move effectively. Unfortunately, by not dealing with these obstacles, companies are suffering the biggest consequence of all: Failing to innovate. Each upgrade challenge offers IT an opportunity to improve the way it serves the business. Instead of scrambling to put out fires, IT could be using these upgrade cycles as a way to rethink, remodel and transform its operations.
Time is running out — but it’s not too late
There’s a joke in IT that goes like this: Someone asks: “When’s the best time to start an urgent project?” The answer is always “yesterday.”
You might not have a time machine, but you can still get started today and reduce your exposure to risk as much as possible. Unless you feel like living through any of the scenarios described above, when it comes to your vSphere 5.5 upgrade, there is simply no more time to waste.