For five years, Microsoft\u2019s SQL Server 2005 has been in its extended support phase, but its end of life is near, which can pose security risks to an organization. The primary risk to not upgrading before the deadline is that there will be no more updates or security hot fixes. \u201cUnless the organization has a costly support contract with Microsoft, they\u2019re on their own when it comes to updates and protection,\u201d said Steve Ragan, senior staff writer for CSO Online.\nWithout these security protections in place, an enterprise is more vulnerable to threats. \u201cLegacy systems and apps are always going to be a problem, so if an organization can\u2019t move from MSSQL \u201805 to the latest supported versions, they\u2019ll have to adjust their security planning to address this newly opened attack surface,\u201d Ragan said.\nRelying on a legacy system instead of upgrading can also mean that the databases are no longer in compliance, a concern for those in the healthcare industry or enterprises that deal with credit card transactions.\nMicrosoft customer support agreements available through Premium Support can be costly, and some technical workarounds may be limited or impossible.\n\u201cThe benefits of upgrading to a modern data platform far outweigh the costs of maintaining security, support, and compliance for an unsupported database,\u201d T.K. Rengarajan, corporate vice president, data platform, Microsoft wrote in his blog.\nMany organizations have already gone through the upgrade process with the end of life on SQL Server 2003, and for those who are looking toward the next addition to the Microsoft ecosystem, SQL Server 2016 offers enhanced security tools that address the evolving trends in compliance risks.