End-of-life IT systems are hard to modernize.
They’re typically built for purpose, maybe use an outdated programming language and almost always are critical to the success of the business.
Replacing or updating them can be expensive and cause widespread disruption to the business. Leaving them in place creates an even bigger set of problems, however.
When an IT system nears its end of life, it is beset by problems. Security vulnerabilities, incompatibility with modern technology, inefficiencies and cost are among the most serious.
What makes these issues so problematic, and what can enterprises do to alleviate them?
They Become Less and Less Secure
Many legacy systems are decades old, and this is where security vulnerabilities lie.
Because of their age, they are no longer supported by the vendor or the company, says the team at Cleo. “Lacking regular maintenance, legacy systems with vulnerabilities will not see the updates and patches necessary to stay secure in the modern world. Poor data security presents a risk to every organization no matter the industry.”
It is not just legacy systems themselves that businesses need to be worried about. The peripherals, attachments and supporting components could be security risks, too.
“A critical, but often neglected, vulnerability is legacy systems installed in equipment, including operating systems and applications,” says Ming-Chang (Bright) Wu, senior director of cyber risk and cyber insurance at Willis Towers Watson.
“Systems might have reached end of life, and legacy issues such as insufficient patch services could go unnoticed with potentially catastrophic implications.”
Modernizing or replacing legacy applications removes the vast majority of these cybersecurity issues. “When network modernization is included in the overall agenda, it allows security to be embedded in network design and thereby improve the IT experience of the business,” says Abhishek Goyal, VP and global practice head at Infosys.
It also allows applications and processes to meet new security requirements.
Software Becomes Incompatible
Legacy technology can be defined by incompatibility, says Cyndi Tackett, SVP of marketing at Flexera. When new technology is introduced that becomes the industry standard, a vendor can sunset existing technology that’s no longer relevant. Without support, that software becomes legacy.
End-of-life systems also might not be compatible with the latest technological advances, whether that’s new software, APIs or something like Web3. Even if legacy systems are compatible, they are likely to run new technology more slowly and thus inhibit employee productivity, ITPro and Intel write.
The fallout of this can be significant. The ITPro and Intel piece points to an IDC study, which shows almost two-thirds of employees say outdated systems hamper their productivity. Further, more than half say this impacts their willingness to stay at a company.
Incompatibility extends beyond the tech realm. Older systems rarely cooperate with employees. Many legacy systems are built using programming languages and for skillsets that are no longer widely known. For instance, the average age of a COBOL programmer —a system many IBM mainframes use for critical applications — is 55, says Mary E. Shacklett, president of Transworld Data. In a decade or so, most COBOL programmers will have retired and taken that knowledge with them.
This kind of obsolescence risk is one of the reasons it’s so important to invest in open standard technology, says Chris Rommel, an executive vice president at VDC Research. “This generally then maximizes the ability to port existing assets as well as ensures the future extensibility and portability of future software that you develop.”
They Inhibit Business Growth
Growth is paramount for businesses, but so often end-of-life systems hold them back.
Cloud and data developments have completely disrupted IT operations, says Nishita Henry, chief innovation officer at Deloitte Consulting. But legacy systems don’t have the resources to leverage new technologies and new capabilities. That leaves companies vulnerable to disruption by competitors, she explains.
“With technological advances, customers expect headache-free experiences and your enterprise needs to be able to perform at a level that anticipates the customer’s needs.”
Nowhere has this been made more obvious than in the wake of the pandemic. Stay-at-home mandates hit people around the world with little warning. This left no time for IT teams to upgrade their systems or run user testing.
It’s clear that old, inflexible systems hold businesses back, says Scott Carey, the managing editor of news at InfoWorld. “Even as global vaccination efforts continue apace and the world returns to some semblance of normality, the ways people work, shop, and exercise have irrevocably changed,” Carey writes. “Businesses that ignore these shifts are at severe risk of becoming legacy themselves.”
Sometimes, the inflexibility of legacy systems can inhibit growth even when businesses try to modernize them, particularly when moving to a cloud environment, says Jeff Levinson, a hybrid infrastructure specialist at CDW.
“These apps are often created to work within the organization’s existing infrastructure at the time, which usually means that they were built around on-premises data centers,” Levinson writes. “Because the applications rely on legacy infrastructure, they aren’t designed to fit within a cloud environment.”
Further, because these applications tend to be built for a specific purpose, they don’t scale easily, something that further inhibits the benefits of having these applications in the cloud.
The sheer impact of a legacy system on growth is one of the reasons IT leaders believe digital transformations are so impactful. In a survey by Insight, 90 percent of respondents expected modernization to have a transformative or significant impact on long-term company growth.
Maintenance Costs Soar
Maintaining legacy systems can be incredibly expensive. “Hardware maintenance only gets more expensive as equipment ages, especially in comparison to cloud storage,” says Humberto Farias, chairman at Concepta.
They can be even more expensive to run, with little incentive to identify cost-saving efficiencies. “Legacy systems tend to be massive monoliths with large code bases and poor documentation,” Farias explains. “Besides the added maintenance burden, complexity discourages developers from experimenting with new technology because even small changes could cascade into larger problems.”
Costs mount higher the longer enterprises continue to run IT systems past their lifecycles, says Andreas Wuchner, an advisor on cybersecurity and risk. The biggest issue is finding professionals familiar enough with legacy technology to support it. “When support demand exceeds supply, maintenance costs increase in parallel with the risks of a security or compliance event,” Wuchner writes.
It’s clear end-of-life IT systems need to be sunset to avoid the problems discussed above. The next question: How? Replace legacy systems with a SaaS solution? Or rebuild a fit-for-purpose solution using custom software development?
To answer that question, consider your needs. If end-of-life systems are business-critical and firmly integrated into your processes, consult with a custom software development studio first. The more essential a system is to the business, the more important it is to seek expert advice on modernizing it.