White Paper January 2020

Legacy System Retirement – Why Now?

In last two/three decades, we have observed a constant pressure on top IT management to embrace new technology while reducing the overall cost (IT budget) – which is difficult to balance and archive. IT management has successfully deployed various models such as, adoption of cloud storage, outsourcing of services, remote work, etc., to accomplish the objective. There is opportunity cost of running legacy systems that can be safely retired. As an example, according to GAO-19-471 report (Published: Jun 11, 2019) – 10 most critical systems at 10 agencies ranging from Defense to Treasury use the systems were 8 to 51 years old and costs approximately $337 million annually to operate and maintain. This has resulted in decline of $7.3 billion in development, modernization, and enhancement of system since 2010.

I would like to list the challenges in this regard first

  • Acute Data Growth:
    According to an estimate, the total size of global data will increase to 175 ZB (Zettabytes) in 2025 from 33 ZB in 2018 – a whopping increase of 530% in just seven years. This would require huge and continued investment in storages (individual, and corporate). Whether your company uses on-prem or cloud storage, the astronomical storage of data/document growth requires not only careful future storage planning but also financial outlay for it.

Complex IT landscape

  • Complex IT landscape:
    The IT landscape has complicated multi-fold in last two decades. It all started with IBM mainframe applications in the 80’s that quickly bloomed into web of ERP solutions such as SAP, Peoplesoft, etc., in 90s. The evolution of social media such as, Facebook, Twitter, etc., forced companies to adapt in first decade of 21st century. The introduction of next level of technologies such as, IoT, Self-driving cars, cloud, and machine learning technologies, have further complicated the IT landscape in the last decade -as below.
  • Data breach:
    There is universal agreement that data is the king now and better data analytics capabilities will provide a clear edge against competitors. However, it must be noted that unwanted and expired data can quickly becomes a financial liability and PR nightmare in case of data breach, ransomware, etc. According to IBM’s latest numbers, the financial damage of data breach can run up to $3.92 million after investigation expenses, damage control, repairs, lawsuits and fines. 2019 was a record year with an estimated whopping 5,183 data breaches for a total of 7.9 billion exposed records. Project centric IT pressures and tight timelines often bypasses the general IT security guidelines – making systems more vulnerable to external agents.


  • Regulatory pressure for transparency:
    Evolving regulatory pressure such as, GDPR, requires a careful strategy to selectively delete the data records. There is a growing trend to protect personal information on the web and various government agencies are working towards it. In the US, California Consumers Protection Act (CCPA) is created to enable California’s residents to control how their personal information is consumed by businesses and whether they have option to opt out of it.

It is undisputed that while more data is preferred, the data increases not only your storage cost but legal liabilities in case of breach. IT managers must also be prepared to selectively delete the expired data whether required by the law or proactively. Regardless what industry your company belongs to (government, non-profit, manufacturing, services, entertainment, food & beverages, transportation, chemicals, utilities, retail, construction, automotive, etc.), the data growth & its repercussions cannot be ignored. The recent inventions such as, mobile devices, social media data stream, data analytics, artificial intelligence devices, smart factory, self-driving cars, IoT, etc., will continue to further compliance IT infrastructure – which requires dedicated action plan to retire older systems and/or expired data records. Inaction is not be an option and there is no better time to retire legacy system/data.

So, are you prepared to handle the situation?

The next section sheds light on how IT managers need to periodically review IT landscape simplification to realize direct financial benefits (avoid progressively higher & continued sunk cost of storage investment) and manage the risk due to breach of proprietary data.

As a first (discovery) step, we suggest a yearly review of entire IT landscape systems for the following criteria:

(a) Type, size, sensitivity, age, and taxonomy of data
(b) Software version and availability
(c) Hardware version and availability
(d) Availability of support talent
(e) Activity in the system and list of active interfaces

A typical list of legacy systems includes Website, Intranet, Windows servers, email exchange server, ERP systems, individual databases, HR system, CRM system, Business warehouse (BW/BI) system, Analytic systems, data lake, EDI or business interchange middleware system, IoT system, etc. This discovery will identify upcoming legacy systems due for retirement along with priority.

The second (Evaluation) step includes evaluation of existing IT systems & data for candidates of retirement. We suggest evaluating major criteria such as, cost of migration, ongoing maintenance efforts, reporting flexibility – ease of use, ease of tagging & retirement, future availability support talent, and presence in Company’s systems portfolio to find a right match as a substitute retirement system. Risk should also be evaluated for each substituted candidate system – as a part of any retirement initiative. This exclusive step also allows clients to finalize three important aspects for the next/implementation step:

(a) Determine vendor for hardware, if required.
(b) Determine vendor for software, if required.
(c) Determine vendor for services, if required.

The third and final (Implementation Planning) step includes scoping of each retirement phase, if required, along with timeline and efforts. Phased approach is recommended as it offers a diminishes functional nervousness of retirement by undertaking technical type data in early phases. Typically, phase I should include low-cost, low-risk, easy-to-retire legacy and unsupported systems. Subsequent phases should include limited/higher risk, business/functional data type, and more-complicated-data-structure legacy systems. A strong or well-established SDLC or similar project management methodology will ensure successful retirement of legacy system at this point of the project.

On a side note, we strongly recommend communicating the fact that data value decreases as it ages and therefore a responsible approach is required for reproduction of reporting requirements to avoid cost overrun of the retirement initiative.

In summary, legacy system and data that is not required from legal, and business point of view must be deleted to realize numerous benefits and as a part of risk mitigation. Before you encounter any of the challenges listed above, it is important that a proper clean up strategy is planned and executed to ensure continued success of IT department without losing competitive business edge.

We hope you’ve liked the details and look forward to hearing your feedback at info@axcellent.net. Please come back again for monthly edition of similar exciting topics.