When it comes to your existing IT systems, if they’re not broken, don’t fix them, right?

Sometimes I think this is absolutely true; there’s a genuine value to maintaining the proven processes that support your existing business. The common problem with supporting legacy architecture is that it can leave you wide open to vulnerabilities.

If nothing else, these gaps in your security should form a core consideration of your disaster recovery plan. Then, if the worst should happen, you have full visibility over the backup and recovery processes of these systems.

So, what are the pros and cons of maintaining your legacy architecture?

Why maintain a legacy system?

There’s certainly a value to keeping your existing IT processes in place. Supporting historic systems that meet the functional needs of the company ensures your processes tick along, assisting your business continuity.

Legacy systems build up functionality over time to meet the changing needs of the rest of the business.

"A system migration can bring down parts of your business, if not effectively managed"

Are your systems older than your IT people?

The only way to limit damage from business failure — be it online or offline — is to be prepared. In some cases, however, your legacy architecture has existed for so long, it can predate your IT current team. In these instances, fewer and fewer people fully understand how your core systems work, or what dependencies they might have. It becomes increasingly risky to replace them.

Protect yourself from a disaster that could put you out of business. Download  our disaster recovery plan.

Legacy architecture, with traditional backup and recovery methodologies, can create significant disaster recovery challenges. This is largely due to restoration complexity.

"The only way to limit damage from business failure — be it online or offline — is to be prepared"

The path of least resistance

With legacy hardware, the operating systems and firmware are likely to lack the most recent updates. Because they may no longer be supported, new exploits discovered on legacy systems might never be patched.

If you don’t take precautionary steps to assess the gaps in your legacy IT systems, your business will remain vulnerable. Security is often only as strong as the weakest link, or your path of least resistance.

[subscribe-form]

"Security is often only as strong as the weakest link, or your path of least resistance"

Disaster recovery as a service

If you’re supporting even a small number of legacy hardware or systems, the value of a robust Disaster Recovery Plan (DRP) cannot be underestimated. According to FPWeb, four out of five of companies that experience a significant data loss with no DRP in place are likely to go out of business within one month.

To alleviate the weight of responsibility, many organisations choose to work with a third party provider for a offsite security service. These could include one of the following:

- Backup as a service (BaaS)

Third party backs up data and meets recovery service levels. Following the disaster, IT rebuilds the server environment, installs applications, then restores data from the cloud.

- Recovery as a Service (RaaS)

RaaS restores applications as well as data from the cloud. This can include full backup of server disk including applications, operating systems, patches and settings.

- Disaster Recovery as a Service (DRaaS)

This includes cloud-based failover to backup and recovery services. Failover may be automated or manual, and it may be based in the public cloud or the service provider’s cloud. This service is worthwhile if you have critical applications that must be 100 percent available.

Overall, even if your legacy systems work flawlessly, it’s still sensible to research ways to update and migrate these systems ahead of any potential failure. This will protect your business continuity processes and minimise revenue losses from disaster.

Complement your position with a robust security policy; be it internally, or from a third party like Intercity Technology.

At the same time, legacy architecture can still have a place in modern business; if your operations are complex, maintaining the ‘tried and tested’ model has a value.

Once the gaps in your security perimeter have been identified, build out your business continuity plan from these weakest points. Complement your position with a robust security policy; be it internally, or from a third party like Intercity Technology.

Man rubbing eyes in annoyance