A 2018 tax-day computer glitch at the Internal Revenue Service prevented millions of Americans from filing their tax returns and forced the agency to extend its filing deadline. It was later determined that the problem stemmed from a legacy software system that dates to the Kennedy administration.
The IRS crash illustrates the risks involved with running outdated apps and systems. When organizations put off upgrading or modernizing essential legacy systems, they create a form of technical debt that can place their entire operation at risk.
Like financial debt, technical debt incurs compounding interest. Legacy applications that have driven operations for decades become problematic, difficult to secure and costly to maintain. According to Forrester Research, maintaining older applications and technology consumes 70 percent or more of the typical technology budget.
The longer the debt is ignored, the more vulnerable companies become. According to an IDG survey of IT executives, organizations that don’t properly assess, track and manage their technical debt experience a range of negative business impacts, including higher operational expenses (55 percent), reduced performance and scalability (47 percent), longer time to market (35 percent) and customer experience issues (17 percent).
Mounting technical debt also limits a company’s ability to launch digital transformation and modernization efforts. According to an Accenture survey of more than 1,000 C-level executives, a significant majority say technical debt severely limits their ability to innovate (70 percent), slows migration to new technologies (72 percent), and makes them less responsive to market changes (69 percent).
Security vulnerabilities likely represent the biggest cost of technical debt. Many homegrown legacy apps were written in older programming languages at a time when security was not an overarching concern. In many cases, they were never intended to be exposed to the public Internet. Older packaged applications may no longer be supported by the manufacturer. In either case, old, unpatched vulnerabilities create openings for attackers to gain unfettered access to your entire network.
Outdated technology also creates the risk of noncompliance with a host of government and industry regulatory requirements. Most organizations today are subject to regulations requiring them to demonstrate that their IT systems meet technical and procedural requirements for protecting personal information.
Where to Begin
Addressing technical debt requires a systematic approach, beginning with an accurate inventory of all applications, their dependencies and their purpose. It’s also important to identify those in the organization who have particularly expertise with each app. Very often, legacy apps were developed and maintained by people who have long since retired or otherwise left the company.
Once an inventory is completed, you can begin the process of prioritizing application modernization or replacement efforts. Apps should be evaluated based on their overall value, the importance of the business processes they support, maintenance costs and risk of failure. Apps that no longer serve a business purpose or are used only sparingly should be retired or replaced.
Rewriting or replacing legacy applications is a time-consuming process that requires significant expertise, which is why organizations tend to put it off. However, those without in-house expertise and resources should consider working with a third-party provider to begin the process of eliminating risk.
SSD Technology Partners has an established track record of helping clients modernize, replace or port legacy apps to the cloud. Our capabilities span the full software development lifecycle, from design through development, implementation and support. We can provide custom development or software reengineering for customers that don’t have in-house programmers, or we can work closely with your developers to accelerate the process of developing, testing and delivering applications. Give us a call to learn more.