“If it ain’t broke, don’t fix it.”

Many companies rationalize keeping ancient hardware and software running for just this reason—they’ve got too much other stuff going on, and this program works, so why borrow trouble by upgrading it to a different platform that might not work? While there’s some logic to such an approach, other companies are starting to look at legacy IT modernization.

Often, the program was never intended to run this long. It might have been something someone slapped together in a few hours. But as institutional memory leaves and fewer people know skills such as COBOL, companies stake their business on software and hardware that they don’t understand, don’t know how to fix should it break, and can’t afford to replace.

Nowhere is this truer than in the federal government. “Agencies reported using several systems that have components that are, in some cases, at least 50 years old,” reported the General Accountability Office (GAO) earlier this year. “For example, the Department of Defense uses 8-inch floppy disks in a legacy system that coordinates the operational functions of the nation’s nuclear forces. In addition, the Department of the Treasury uses assembly language code—a computer language initially used in the 1950s and typically tied to the hardware for which it was developed.”

And it’s not like using these old systems is saving the government money. The GAO also revealed that more than 75 percent of the federal government’s $89 billion IT budget was devoted simply to keeping old hardware and software running.

“The federal government spent more than 75 percent of the total amount budgeted for information technology (IT) for fiscal year 2015 on operations and maintenance (O&M) investments,” according to the report, Information Technology: Federal Agencies Need to Address Aging Legacy Systems. “Specifically, 5,233 of the government’s approximately 7,000 IT investments are spending all of their funds on O&M activities. Such spending has increased over the past 7 fiscal years.”

Moreover, this was happening at the same time that investment in development, modernization, and enhancement had dropped by $7.3 billion from fiscal years 2010 to 2017, the report continues.

Similar results were obtained from a recent Dell Federal survey, the State of IT Trends 2016. “53 percent of those who completed the survey noted that the systems they are currently using within their agencies are no longer being provided with vendor support,” according to the survey. “These systems include Windows 7 and 8, and the Windows Server 2008.” Respondents said that improvements in IT infrastructure systems, file storage and sharing systems, desktop computers, laptop computers, servers, and network routers and switches would be particularly helpful.

In fact, due to the rapid improvements in technology, the federal government is paying 400 technologists to maintain something that’s the equivalent of today’s iPad, Scott said.

So what’s wrong with running hardware and software that’s older than the people supporting it? As long as it works, what makes that a problem? Especially when the government has had some pretty spectacular failures (like the Veterans Administration) when it attempts legacy IT modernization?

Security. Back in the day, we didn’t have security. Or hackers, at least to the degree we have them today. Consequently, security features have to get bolted on to the legacy hardware and software, which affects performance and doesn’t result in very secure systems. When the Office of Personnel Management (OPM) was hacked last year, people were startled to find out that the data wasn’t encrypted, because the system was too old to support it. In fact, ironically enough, some older systems are considered more secure these days, because they’re so old that hackers no longer know how to break into them.

Performance. The old systems may work, but are they as efficient as they could be? Newer techniques have since been developed that help companies get more value out of their data and their operations. In fact, legacy IT systems are often what’s holding back digital transformation, writes Grace Chng in Techgoondu.

Personnel. Facing a “silver tsunami” as many IT staff retire, organizations no longer have the staff to maintain and repair these older systems, and fewer students are learning about them in school. U.S. chief information officer (CIO) Tony Scott, for example, says the situation is as critical as the Y2K problem. “Scott homed in on the looming wave of retirements among the experienced IT personnel who built and manage legacy IT systems and infrastructure and how that exodus will empty the government of intimate knowledge of how those older systems operate,” writes Russell Brodsky in Federal Computer Week.

There are five primary strategies for dealing with legacy IT modernization, writes Ofir Nachmani for TechTarget:

Rehost: Redeploy applications on infrastructure as a service (IaaS) without making changes (also known as “lift-and-shift”)

Refactor: Run applications on platform as a service (PaaS)

Revise: Modify or extend existing code to fit the cloud environment

Rebuild: Rebuild a PaaS environment

Replace: Discard existing applications and instead implement them as software as a service (SaaS)

In the case of the federal government, President Barack Obama and Scott called for a $3 billion revolving fund that would enable government agencies to borrow from the fund to upgrade their systems. The complication is allocating money for setting up a new system while at the same time continuing to allocate money for keeping the old system running in the meantime. The General Services Administration has also developed a playbook for legacy IT modernization.

Since then, Congress is working on a compromise bill that lets federal agencies undertake legacy IT modernization projects, but doesn’t give them any funding for the moment. Instead, agencies are encouraged to save money from their existing budgets, such as by closing and consolidating data centers.

In 2010, the Obama administration began such a data center consolidation program, but it hasn’t been as successful as it hoped. First, it turned out that there were a lot more data centers than people realized (partly because they changed the definition of a data center partway through). Second, closing data centers is hard, because Congressional representatives don’t like losing data centers in their districts. Third, figuring out how much money you saved—if any—is also hard. So the Administration continues to hope that Congress will allocate funding for legacy IT modernization.

While “If it ain’t broke, don’t fix it” is a fine sentiment, you do have to wonder: Wouldn’t it be better to fix it before it breaks?





