Nearly half of English councils using unsupported server software - Comparex FOIs

Software reseller claims information obtained via FOIs shows councils are vulnerable to cyber attacks

Nearly half of councils in the UK are running unsupported server software, according to information obtained by Comparex through Freedom of Information (FOI) requests.

According to the software reseller, its FOIs found that 46 per cent of councils are running one of Windows Server 2000, Windows Server 2003 or Microsoft SQL Server - all of which are no longer supported by Microsoft.

The majority of councils said that they were planning to upgrade the outdated software in the next two years.

Chris Bartlett, public sector director at Comparex, said: "By continuing to run out-of-date server software, many councils are exposing themselves to a host of security and compliance risks.

"The FOI data suggests that matters are slowly improving, as separate FOI requests to London Borough Councils back in 2016 showed that 70 per cent were running unsupported server software.

"However, with GDPR now in effect, councils need to be even more cognisant of vulnerabilities - especially considering the volume of citizen data they hold. With that in mind, it is important that risks are managed, and councils establish an upgrade strategy."

Comparex found that 94 per cent of councils are running Windows Server 2008, which is out of mainstream support but still in extended support. The same percentage of councils are running Windows SQL Server 2008, which has the same support durations.

Microsoft provides mainstream (or full) support for newer operating systems, but after a period of time drops this down to extended support - at which point it stops adding new features but still provides bug fixes and patches.

The FOI information found that just 13 per cent and nine per cent of councils are paying for extended support of Server 2008 and SQL Server 2008 respectively. Comparex said this means these councils are no longer receiving security updates.

"The FOI data presents a worrying picture," Bartlett added.

"Only a handful of councils are currently paying for extended support, but it appears most are either unaware or are simply ignoring the risks of using unsupported software. Councils need more detailed insight and greater visibility into their software estates, so they can make better informed upgrade decisions."

Comparex received whole or partial responses from 24 of the 32 London Borough Councils, 32 of the 36 Metropolitan Councils and 25 of the 27 County Councils.