Argalatyr's questions

With the end of mainstream support for Office 2003, it's tempting to retire Office 2003 from a managed network altogether (and replace with Office 2007, in our environment), but there are pockets of resistance (e.g. users who contractually share Access 2003 databases with large consortia internationally). Security is an effective rationale to compel users to upgrade, when it's defensible.

Does Office 2003 represent a security threat on a managed network, due to end of mainstream support?

EDIT: Much of our user base, and our back end, are moving to Office 2007 for Exchange and Sharepoint integration advantages - so sticking with 2003 in general is not the plan, and heterogeneity is a pain.

Our environment manages thousands of user PCs, provides high-end secure file servers. Users (from new staff to executive-level) are urged to store data to the file servers and generally do so. PCs are acquired with a standard HD image (currently Win XP) and configuration, but users have different needs and accumulate different installed software, configuration for individual apps, and at any given time have some files on their desktops.

Catastrophic PC failures are unusual but they do occur. IT staff:user ratio is about 1:150. Restoring PC function/configuration can be labor-intensive (local HD data recovery is not offered).

Virtual desktop delivery from centralized servers would be a great, but is not yet a reality due to constraints on resources (server purchase, bandwidth, etc) and the technology is still a moving target.

Some users have purchased local external HD backups, but there is no coherent guidance on device selection or configuration, partly because leadership has not settled on whether these devices are "a good thing".

A standardized approach to local HDs would simplify purchase and recovery procedures, but would increase acquisition cost per PC and might encourage laxity in data storage practices.

Are there best practices for local HD backup in a managed environment?