Ismail Amla, Senior Vice President, Kyndryl Consult.
Even as technology change accelerates, most organizations face a sobering legacy of aging technology, often from several decades ago. The data doesn’t lie. More than 40% of their technology assets are approaching or have reached end-of-life (EOL) status, according to a recent report published by my organization, Kyndryl Consult.
It’s a stunning figure that should capture the attention of tech leaders across every industry. Still, the best approach to this challenge may be a counterintuitive one.
Rather than viewing EOL as a problem to be stamped out entirely, approach it as a permanent condition that requires continuous management. This isn’t a natural mindset to adopt, but it may lead to greater progress in limiting EOL’s impact on an enterprise’s overall business strategy.
This approach takes the nature of technology at face value. While one system is upgraded, others enter EOL status, a reality of the march of time. As teams migrate from deprecated APIs, new ones will become obsolete. Cloud services sunset features while introducing others. Operating systems reach end-of-support while running critical applications. It’s a cycle that affects every layer of the technology stack, from hardware to software to cloud services.
Every technological component has its own lifecycle, creating a complex web of obsolescence that shifts constantly but never disappears. There are steps leaders can take to tackle these inevitable challenges, helping to anticipate and cushion their potential impact.
Accepting The Inevitable, Managing The Risk
The first step toward effective EOL management is accepting its permanence. To be sure, 40% EOL across industries exposes the world economy to risks that can be reduced with better management. With that in mind, leaders must build processes and teams designed to handle continuous obsolescence. They understand that running some EOL components is not just acceptable but often the most practical business decision.
This doesn’t mean accepting unnecessary risk. Rather, leaders and teams can make informed decisions about which EOL components must be safely maintained. A regional bank might reasonably maintain an EOL core banking system behind robust security controls while prioritizing customer-facing application upgrades. A manufacturer might keep legacy industrial control systems while modernizing their monitoring and security infrastructure. The goal should not be eradicating EOL—a quixotic effort—but rather determining and defending acceptable risk.
Strategic Management Approaches
Effective EOL management begins with a comprehensive business impact analysis. All technology should map back to the business. Take, for example, a global manufacturer that discovers through such an analysis that its most critical EOL system is a two-decade-old inventory management application. While technically obsolete, it had been extensively customized over the years and deeply integrated with supply chain operations. The cost and risk of replacement far outweigh the challenges of maintaining it.
To be clear, plans should be made to replace such a system but with a realistic timeline and a gradual switchover process. Any dash to remove this particular EOL element would have been disruptive and likely harmed rather than helped the business.
In that same vein, security implications also often drive EOL decisions. A healthcare provider might realize they are running critical imaging and clinical tools on a Windows XP operating system well past its end-of-support date. Worse yet, the manufacturer of the system may no longer be actively developing the platform, having moved on to newer versions. Rather than rush a risky migration, they might implement enhanced network monitoring, application-level firewalls and strict access controls. This bought them time to plan a careful transition while maintaining HIPAA compliance.
Another critical part of EOL management is recognizing when it’s simply time to upgrade and how to do this as painlessly as possible. Amazon Web Services recently undertook an exercise to upgrade versions of the Java programming language running backend systems. They were able to use tools to radically accelerate the process from at least a year to a matter of weeks. The benefits were staggering. A small team revamped and converted 30,000 apps to Java 17 in short order, saving 4,500 years of development work. The code upgrade is expected to yield annual application performance improvements of $260 million.
In other instances, though, the EOL is indefensible and should simply be changed. Generally, software is easier than hardware. Any enterprise running customer-facing servers on an outdated operating system is running an untenable risk and must question whether they can defend this position should outages or breaches occur.
Practical Solutions To Safeguard EOL
Modern EOL management and safeguarding requires a sophisticated blend of technical solutions. Network segmentation has evolved far beyond simple VLANs. Organizations now implement zero-trust architectures that protect EOL assets through continuous authentication and monitoring.
Even mainframe architectures are being upgraded with new cloud-native capabilities that allow network operations and security teams to apply modern security practices to decades-old hardware. Documentation required to keep teams abreast of EOL components can now be adequately addressed by AI documentation systems that track changes and translate them into natural prose. Not surprisingly, given the prevalence of EOL, enterprises have evolved sophisticated approaches to managing this reality.
Building Organizational Capability
Organizations need to develop expertise across multiple technology generations. This means maintaining talent that understands legacy COBOL and modern cloud architectures. A financial services firm addressed this by creating mixed teams of veterans and new hires, ensuring knowledge transfer while maintaining critical systems. This setup included comprehensive documentation and regular cross-training sessions.
Vendor management becomes particularly critical with EOL systems. Organizations must maintain relationships with both original equipment manufacturers and third-party support providers for tracking support deadlines, negotiating extended support contracts and proactively identifying alternative support options.
The Path Forward
Success in managing EOL means building the organizational capability to continuously assess, prioritize and manage EOL assets while maintaining business operations and security. It means making informed decisions about when to upgrade, when to maintain and when to accept risk.
The 40% EOL figure isn’t a problem to solve; it’s a reality to manage. Organizations that embrace this reality and build appropriate management capabilities will fare better than those constantly fighting against it.
Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?
Read the full article here
