If your company has been around awhile, you’re probably familiar with the term legacy.
In computing terms, legacy is the fancy way of referring to older, outdated, no-longer-supported software and hardware that’s still in use by a company.
As you can imagine, legacy systems have their downsides. In 2020, technology market researchers Vanson Bourne conducted a survey called “The State of Data Management” (source). They spoke with 500 IT decision-makers in both the US and UK.
When discussing legacy environments, 88% said their business had experienced “challenges trying to load data into data warehouses [management systems for data (source)].”
One of the largest reasons for the challenges? Legacy technology.
And for 49% of the survey’s responders, legacy systems were “restricting data movement and the loading of data into a data warehouse” (source).
Easy Target
Difficult moving and managing data is bad enough, but perhaps the biggest downside to a legacy system is its vulnerability to cyberattacks.
Security patches for out-of-date software and hardware don’t exist—when the equipment is stamped as “end of life,” or EOL, companies stop supporting it. This gives cybercriminals an easy target.
In 2020, Rangely District Hospital in Colorado was targeted by a ransomware attack. The breach may have included confidential patient information, such as social security numbers, driver’s license numbers, heath insurance details, and even diagnoses (source).
The attack targeted the hospital’s legacy software system, leaving staff unable to view patient records (source).
In 2020, Adobe-owned e-commerce platform Magento was targeted by cybercriminals. Using malicious code, they stole customer credit card information (source). The malware infected 8,170 stores across all platforms, and “82% of stores that had malware were running an unsupported version of product” (source).
Magento’s legacy software was only out of date by a few months.
Pros of Legacy Systems
But even with all their potential problems, legacy systems are used for a reason—several, actually—especially by established businesses.
- Legacy systems can be critical to a company’s IT infrastructure. Banks use legacy environments to process transactions and manage accounts. Branches of the US government, like the IRS, are steeped in legacy systems (source). And retail merchants report spending “58% of their IT budget to maintain legacy systems” (source).
- Legacy environments are familiar. They’ve been used a long time, so staff know exactly how to finesse the systems to get what they need.
- Legacy products seem cost effective. After all, you’re simply paying for upkeep, right?
Not quite.
Yes, upgrading a legacy system can be costly: new products and equipment, installation, licensing, and training staff to use the new system.
But not upgrading brings its own set of problems.
Cons of Legacy Systems
- Parts for legacy systems are expensive. According to the US Government Accountability Office, “Ten critical federal information technology (IT) legacy systems . . . ranged from about 8 to 51 years old and, collectively, cost about $337 million annually to operate and maintain” (source).
- Finding support is difficult. Finding specialists familiar with legacy systems can be challenging, not to mention costly.
- Legacy systems use more power than modern systems and, thus, have a bigger carbon footprint (source).
- Legacy equipment is slow. In fact, since 2013, supercomputers have increased in speed by 40% every year (source).
Solutions
Moving away, or migrating, from a legacy system may not be as difficult as you think. There are two main paths: transformation and lift-and-shift.
Lift-and-shift moves your network’s software and data to a cloud or hybrid cloud service—with little-to-no redesign.
Transformation, or modernization, slowly and methodically brings your network software and hardware up to date with current technology.
How do you know which migration type is right for your business? Or if it’s even time to upgrade from a legacy system to a modern, more secure system?
WYRE is here to help. Through our network auditing, penetration testing, and other services, we help you along the path to finding the most cost-effective, least disruptive decision for your company.