Technology Blog
Practical Insights for Professionals


Is Your Software’s Legacy Secure?

November 28, 2023
Security

Once upon a time, there was a major home improvement retailer with an outdated legacy operating system; we’ll refer to them as “Slowes” to save (or potentially increase) their embarrassment. Most everything they did ran on an old, slow Genesis program. They promised to get rid of the program and replace it with a newer operating system. That original promise was made 20 years ago, and as of the writing of this blog, there are still things in their stores that can only be done with their legacy software. So, is your software’s legacy secure?

First, let’s define legacy programs. Legacy programs are old computer programs that are still in use, even though they are outdated or no longer supported. These programs are often written in obsolete programming languages and may not be compatible with modern hardware or software. Common examples of such languages in large, networked corporations are COBOL and assembly language.

There are a number of reasons why legacy programs are still in use. One reason is that the cost of replacing them can be prohibitive. Another reason is that the programs may be so complex that it is difficult to understand them well enough to replace them. Finally, some legacy programs may still be performing their intended function adequately, even though they are outdated. 

For larger businesses, legacy programs are mostly focused on internal processes. This causes an issue, because modern business practices focus on interdependency; Harvard Business Review wrote an outstanding 30,000-foot view of it here.

For smaller businesses, legacy programs serve more of a niche purpose; the problem with these programs is that they may have been custom designed for your business or created by a smaller company that ceased operations. In either instance, one resulting problem is the same; some or all of the features in the program simply don’t work anymore, as they’re no longer supported and updated to properly interact with other programs. 

The second and potentially more troublesome issue is security. “Legacy programs in small businesses cause a major opportunity for hacking,” says MacguyverTech CEO Steve “Mac” McKeon. “You have to use what works for you, and redeveloping your company’s software oftentimes isn’t a possibility because of the cost.”

So, if redevelopment isn’t a possibility, what other options are there? 

Rehosting: This approach involves simply moving the legacy software to a new hardware or software environment. This is a good option if the legacy software is still performing well, but is no longer compatible with the current environment. 

Replatforming: This approach involves moving the legacy software to a new platform, such as a new programming language, operating system, or database. This can be a more complex process than rehosting, but it can also be more beneficial, as it can improve the performance and security of the legacy software. 

Refactoring: This approach involves restructuring the code of the legacy software without changing its functionality. This can be a good option if the legacy software is difficult to maintain or if it needs to be made more modular. 

“There are always options to consider with legacy software,” says McKeon, “but as cybersecurity providers, our first concern is to keep your data, network and applications secure. We always strive to give our clients the option that works best for them.”

The one option we recommend against is the Slowes option; they decided the best course of action would be to remove the legacy program from all terminals but one in each store. Now the functions that can only be done on the legacy program… can only be done on one terminal. No, really. You can go to your local Slowes right now… they’re all lined up behind customer service.

For more information on legacy software solutions, retail customer service and all things cybersecurity, visit the MacguyverTech homepage.
