The risks of neglecting legacy transformation include everything from reputational damage to loss of life. However, trying to predict exactly what will happen to a particular public sector organisation if it ignores these risks is extremely difficult.
A more pragmatic approach is to start by identifying the drivers of legacy transformation and deciding which are the most pressing for you. Changes to legacy systems across the public sector are almost inevitable, given the significance that bodies like the Government Digital Service (GDS) have placed on change. Therefore digital and technology leaders need to act now to identify these drivers as a critical first step towards transformation.
One thing that should be front of mind from the beginning is cost. It is an outcome of almost all the other factors driving change and is an undeniably important consideration throughout any transformation process.
Cyber security risks
The Government regards certain areas of the public sector as critical national infrastructure, with protection of the IT networks, data and systems in these areas falling under the remit of the National Cyber Security Centre.
Hackers are attracted to nearly all levels of government infrastructure as they regard them as treasure troves of sensitive information. Conscious of the major reputational damage that would be caused by a breach, digital and technology leaders have adopted the mantra of “reducing risk” wherever and whenever possible. As a result, these systems have become more and more locked down and more and more difficult to work with.
There is also the issue of how cyber security audits take place. Over time, they have been systemised into a rubber stamping process rather than a practical, collaborative exercise that helps engineers to embed security into their processes from the start. Rather than developing software, have it audited six months later and potentially roll back with fixes, engineers need to be helped to ‘shift left with security’ and build secure software from the start.
One of the consequences of locking away legacy systems is that they become harder to maintain because the skills, documentation and knowledge required to keep them up-to-date disappear.
But maintainability is a driver of transformation for legacy applications that aren’t considered critical too. The programming languages your apps are written in can become out-of-date simply through a lack of ongoing upkeep, to the point where it’s not unusual to see language stacks in public sector organisations that haven’t been updated for ten years.
As this happens, more and more security issues occur that can’t be patched easily because the language or operating system is no longer supported. Where out-of-license software is still being used, organisations need to make custom (read ‘expensive’) arrangements with software providers to patch security issues or make changes.
These ‘ransom contracts’, where public sector organisations are locked-in to paying whatever a single vendor demands, are still worryingly common. Furthermore, their existence is a clear warning sign that legacy technology is an issue within an organisation.
Complacency can quickly become an issue for leaders who see maintainability decreasing but do nothing about it. If you don’t transform, you will start to see a snowball effect, with issues occurring across multiple layers, from network infrastructure, across operating systems and languages.
Technical debt needs to be paid off regularly before it gets out of hand. Regular updates, at least every three months, are needed if an organisation wants to avoid getting into a situation where they have no choice but to sign expensive ransom contracts or hire engineers with niche, legacy skills to make changes.
Meeting user needs
One of the most important drivers of legacy transformation is government policy being changed and technology not being able to keep up. This results in organisations experiencing a tension between the desire to serve users and the inability of existing systems to meet these demands.
New or evolved policy usually necessitates a change to existing systems. However, the desired change to a service journey can be blocked immediately if the underlying technology that powers it has been outsourced to a third party or left untouched for so long that no-one knows how to make changes.
Forward thinking public sector leaders want to deliver services that citizens can benefit from but they encounter off-the-shelf systems that were designed for what was needed ten years ago. Unfortunately, it is common for departments to give up on making the changes they know are needed and instead settle for carrying on with the clunky, outdated processes just because it seems easier to kick the issue down the road.
For those leaders who cannot compromise, the need to deliver new user-oriented services at all costs often comes with its own issues. They will go ahead with delivering a new digital service that works around the legacy system but this doesn’t solve the problem if the legacy system they’ve worked around still holds critical data. The result is an ever growing list of greenfield projects and legacy applications, which become more and more difficult to manage because modernisation has done nothing to transform boring but critical internal systems.
Transforming legacy technology isn’t just about systems, languages and software. A lack of relevant skills can also be a big driver of change for public sector organisations.
One side of this is upskilling technology teams in modern capabilities, so they are able to execute a transition to a cloud strategy and follow modern ways of working on an ongoing basis.
However, it is also important to recognise the urgent skills gap that many digital and technology leaders face is a shortage of people who can work with legacy technology. Even when they look outside their organisations for assistance, they may find that such skills are dying out in the wider engineering community, leaving them with little option but to work with a legacy supplier who has managed to retain a niche skill set.
A well known example of this, which is also an issue for banks and other established institutions too, is finding developers with COBOL skills, a language developed in 1959 that is still driving various core mainframe systems. If an organisation is having to rely on a handful of engineers to make changes to a core system, especially if they are contracted to a single supplier, this is a sure sign that urgent transformation is required.
Another non-technical driver of change is the urgency many thought leading public sector organisations are placing on transforming legacy technology. GDS has identified legacy IT as one of its five pillars of focus for the next decade, while the House of Commons Science and Technology Select Committee has urged GDS to conduct an audit of all government legacy systems by the end of 2020.
GDS has a clear message for all departments that the government should be cloud-first and plenty of people from within GDS have taken leadership roles at various departments over the last few years. Leadership on legacy transformation strategies isn’t just coming from public sector people either. Individuals who have joined central and local government departments, agencies and public bodies from outside the sector have brought fresh ideas about building rather than buying software.
In these situations, the most important driver of legacy transformation might simply be a new person with new ideas and fresh ways of working being given the reins to drive change forward.
Financing is such a major part of legacy transformation that it needs to be tackled separately. However, the way technology costs have changed so drastically in recent years should definitely be thought of as an important driver of change.
Cloud technologies have driven down the cost of running apps, both in terms of licensing costs and a reduction in people costs that comes from the ‘shared responsibility model’. When organisations switch to this model, there’s no longer a need to have staff who can physically kit out a data centre or, in the case of Platform-as-a-Service (PaaS), run an operating system. On the licensing side, open source databases such as PostgreSQL have completely eliminated the need to pay for Oracle or IBM Db2.
Key components of an organisation’s infrastructure that used to be paid for upfront, like web servers and databases, can be consumed on a ‘pay as you consume’ basis. Therefore leaders of public sector organisations that still see money being allocated to these areas need to ask themselves why.
Modern, virtual database technology is more cost effective and generates lower overheads than legacy, on-premise data centres could ever allow. This change has been a key driver of disruption in many industries, as startups have attacked incumbents with better user experiences powered by lower technology costs. Now is the time for it to drive down the costs of legacy technology across public sector organisations.
These savings become particularly apparent when data centre costs need to be paid, including the replacement of on-premise hardware that has started to die. All of these recurring capital expenditure events should start to ring alarm bells for public sector organisations that a proper legacy transformation strategy is urgently required.
Transformation in your organisation
Not every public sector organisation will be experiencing all of these factors at once or to the same degree. Identifying which ones are the most pressing is something all digital and technology leaders can do to assess how risky any legacy applications might be.
From there, it’s a matter of money and finding a way to convince board-level executives that long-term transformation programmes are the only way to ensure your organisation doesn’t become the latest victim of a legacy technology disaster.
This blog post has been co-authored by our CEO Rory MacDonald and Content Consultant Joe Carstairs. It is part of a series that covers modernising legacy applications. In my next post, I’ll be looking at how financing affects legacy application transformation.
If you are interested in learning more about this topic, our team has released our ‘Modernising Legacy Applications In The Public Sector’ e-book which will empower you to define and implement the right approach for your organisation to make legacy applications a thing of the past. Download a free copy here.
We hope you enjoyed this post and found the content informative and engaging. We are always trying to improve our blog and we’d appreciate any feedback you could share in this short feedback survey.