80% of US federal IT budget of $ 90 billion is spent on Operations & Maintenance of legacy IT systems
Consider the following:
The US treasury department uses a 56-year old system for its core operations. Individual Master File (IMF), the core application that receives US tax payer data and dispenses refunds on behalf of the Internal Revenue Service (IRS) is written in assembly language which is a low-level computer code that is difficult to write and maintain.
Testifying before the US house oversight committee, Terence Miholland, first-ever CTO of IRS stated:
The situation is analogous to operating a 1960s automobile with the original chassis, suspension and drivetrain, but with a more modern engine, satellite radio and a GPS navigation system
Even though I had a hunch that there could be many legacy applications that are still running, I was alarmed and stunned at the gravity of the situation! Majority of the federal IT systems in the US are archaic, outdated, and obsolete including key departments such as:
- Immigration and Customs enforcement
Is it any surprise that bulk of federal IT budget is spent on operations & maintenance of legacy IT systems? This is a disaster in making, and any further delay in modernizing these legacy applications could lead to catastrophic consequences.
As it is, legacy systems suffer from risks of technology obsolescence, such as:
- A continuously shrinking pool of people with expertise in legacy languages and technologies
- Monolithic architectures and tightly coupled code, which makes incremental upgrades very difficult, leading to pile up of technical debt
- Obsolete hardware and software that are no longer supported, which could become single points of failure
- Due to lack of open standards and ability to integrate with other applications, legacy systems end up creating data silos
In addition to the above cited technology-related risks, legacy applications also face the following financial and operational risks:
- Continuous increase in cost of operations and maintenance, resulting in huge financial outlay
- Application instability and operational failure due to years of accumulated patches, fixes, and updates
In other words, in the absence of risk mitigation, a legacy application is like a ticking time bomb that could explode anytime.
Most legacy applications were designed in a different era, to cater to the business needs of that time. But the world hasn’t stood still in the past few decades. There is a tremendous revolution in every walk of life, especially driven by technology. The sheer pace of technology disruption and business model evolution that we are currently witnessing is perhaps unprecedented in history.
In this dramatically changed landscape, the business rules and use cases for which the legacy application was originally designed are no longer relevant, and it will be anachronistic to continue serving an outdated business model.
The needs and demands of a modern system in terms of security, accessibility, and scalability cannot even be visualized in the past, and there is no way they can be met by a legacy application. The world hasn’t stood still, and you can’t either!
The constraints and drawbacks of legacy applications are too well-known, and also the costs of not modernizing are also reasonably well understood. At the same time, there are lots of misconceptions about legacy modernization, which were covered elegantly by my colleague Kiran in a recently published post: Application Modernization: Myths vs Reality.
It is important to have a holistic perspective on the (technology and business) drivers and need for modernization. A decade ago, I came across numerous software businesses, that have modernized their technology stacks from legacy languages to modern languages. Even though they succeeded in partial modernization of their legacy stacks, most of the architectural constraints remained, which made it extremely difficult for them to leverage emerging technologies and participate in an open, collaborative platform ecosystem.
It is vital to visualize a future-state for any application, even when it is not easy to do in a dynamic landscape. While it may be impossible to build a future-proof application, with the right modernization strategy it is certainly possible to build a future-ready application, which is:
- a reactive system that is flexible
To survive and thrive in a fast-changing digital landscape, application modernization should cover the entire product life cycle, use modern software architectures, and focus on end-to-end business capabilities. Legacy modernization must not be approached with a narrow perspective and must be continuous in nature.
Legacy modernization is no longer a choice, but a vital business imperative. It is either Do or Die.