The rotating hourglass. The spinning rainbow ball. The constant string of pop-up notifications begging for this update or that patch. You've been there before. At one point or another, we've all felt the frustration that comes with using outdated legacy business systems.
Unfortunately, using outdated technology in business comes with much bigger risks than just pain and frustration. Aging legacy systems are more vulnerable to cybersecurity risks and the reputational damage and financial repercussions that can arise from these cybersecurity breaches can severely impact a business's bottom line.
From system downtime to increased costs, discover the top five risks that will make you re-think using outdated legacy technology.
1. Crashes and System Downtime
Crashes are today's version of "the dog ate my homework." However, this excuse has quickly gone from being a common fixture in schools and businesses to being socially unacceptable for the most part. This shift is largely due to the rise of cloud services and Software-as-a-Service (SaaS) applications, which reduces the risk of data loss by storing data in remote systems that can't be impacted by a computer crash.
Today, we live in a "now" culture. The people we interact with and the clients we serve don't just want on-demand, uninterrupted, and reliable access to data, files, and customer service — they expect it. If crashes and resulting system downtime prevent organizations from receiving what they want and expect, many will not hesitate to take their business elsewhere. And, you can bet that more often than not, there's a competitor waiting in the wings with the right, working technology to give them what they want and expect "now."
You see, the real added risk here is the lost time, revenue, and trust associated with crashes and system downtime. So, is the money that you think you're saving by using old tech still worth it? If you do think you're saving money by putting off that system upgrade, be sure to keep reading.
2. Increased Costs
So, where is your money best spent — maintaining antiquated systems, or driving new business value? Outdated legacy systems can be expensive to maintain. It's really not much different than maintaining a very old home or vehicle, except that technology ages at a much faster rate. In fact, according to a study on the cost of maintaining legacy systems, ten of the U.S government’s legacy systems cost around $337 million a year to operate and maintain.
For example, CNN Money reported in 2015 that the US Navy could pay Microsoft up to $31 million to maintain their now-defunct operating system, Windows XP. Why? When the OS was discontinued, Microsoft stopped actively developing security updates and patches for it, even as new major flaws and security holes within the system have been discovered and exploited. Yet, the Navy desired the option to maintain its legacy systems, so, Microsoft pretty much had carte blanche to name its number.
If you moved to a notoriously dangerous neighborhood, removed the alarm system and locks, and left the doors and windows wide open, wouldn't you expect to pay a high premium to keep your now-vulnerable home safe? Using old technology systems is no different and can be extremely costly to maintain.
And, that's before you consider the cost of employee time spent fixing old tech and making it work, rather than being productive and focusing on the real business tasks at hand. No one likes to feel like they don't have the right tools to succeed, so keeping antiquated technology in your business can also negatively impact your employee satisfaction and morale. Low employee satisfaction and morale usually equate to high turnover, so you could expect additional costs for recruitment, hiring, and training new staff, as well — all thanks to that old tech.
Plus, the majority of legacy business systems use more power than newer energy-efficient technology, creating unnecessary extra overhead costs for your business.
3. Decreased Productivity
Legacy technology runs slower, takes longer to execute tasks, and requires much more time-consuming maintenance, patches, updates, and helpdesk calls than its newer counterparts. In fact, Microsoft estimates that SMBs who use old PCs could lose up to seven days per calendar year. Even if you don't consider your PC to be old yet, computers that are more than four years old cost 21 hours of productivity due to repairs, maintenance, updates, and critical security fixes.
Decreased productivity can cost your business in terms of both revenue and ROI — you get a lot more out of productive employees than those who spend portions of their day just trying to get their tools to work properly. Not to mention the cost of satisfaction and retention, for both employees and customers.
A great option to minimize the risk associated with hardware updates is Hardware-as-a-Service (HaaS), which some hardware and managed services providers (like Meridian) provide. HaaS essentially gives businesses the flexibility of leasing hardware that would traditionally have to be purchased outright.
So, a major benefit of HaaS is that you pay a reasonable, monthly fee, instead of large, upfront capital expenditure. Other popular HaaS benefits include the opportunity to upgrade much earlier, minimizing the risk of spending a lot on something that ages quickly, and the ability to scale as your needs grow and change.
4. Security Holes
Businesses that use outdated legacy technology increase their cybersecurity vulnerabilities. In fact, research shows that over 10,000 new malware threats are discovered each hour. If your technology is not always up to date, your risk is constantly increasing at exponential rates.
For example, if you are running Windows XP on your computer, you are 6x more likely to be infected with malware threats than if you are running Windows 10. For those still using Windows Server 2003, which reached its end-of-support on July 14, 2015, means you will be at greater risk of cyberattacks and exploitation by third parties.
Microsoft Office 2003 also reached end-of-support in April 2014, meaning there will no longer be critical security updates. Even though Office is just your basic productivity tool suite (Word, Excel, PowerPoint, Outlook) and may seem unrelated to overall system security, it can still open vulnerabilities to your whole network. The best way to ensure businesses stay up to date is through consistent documentation and a solid set of maintenance and update processes.
5. Legal and Regulatory Compliance Risks
Using outdated business technology exacerbates existing compliance risks that you may not even be aware of. Auditors can fine companies that fail to transition from unsupported software or legacy systems. Plus, outdated legacy systems can make businesses a prime target for cyber attacks and potential data breaches, which can have catastrophic reputational and financial consequences.
Small-to-midsize businesses (SMBs) can no longer assume that they are too small or unimportant for hackers and cyber thieves to target. Criminal enterprises consider many types of SMBs, such as medical practices, law offices, engineering firms, and educational institutions to be low-risk, high reward targets holding valuable personal identifying information (PII) about their clients. SMBs also tend to be the most lax about updating their technology, dramatically increasing their vulnerability and attractiveness to cyber-criminals.
Just because you are not a law or healthcare firm does not mean you're immune to legal and regulatory compliance risks. There are many compliance requirements that apply to any and all companies that handle employee data and even payment card information related to your business transactions.
It's Time to Replace Your Outdated Legacy Systems
Organizations that strategically invest in replacing their outdated legacy systems can avoid the outlined risks and greatly improve productivity and security. Businesses ready to take advantage of cutting-edge technology can request an IT Assessment and begin the process of creating a customized technology road map to help their organization succeed and grow.
Editor’s Note: This post was originally published on April 14, 2016, and has been updated for accuracy and current best practices.