Flexera logo
Image: Outdated, inefficient and vulnerable: The consequences of failing to remove tech debt and monitor obsolescence

In today’s digital age, technology is constantly evolving and advancing, and organizations must keep up with the latest trends to remain competitive. However, many companies struggle with the burden of outdated technology and inefficient systems, resulting in significant consequences. In this blog, we’ll explore the dangers of failing to remove tech debt and monitor obsolescence, and the importance of implementing strategies to address these issues.

The consequences of tech debt and obsolescence

Technical debt is the cost of maintaining and supporting outdated technology beyond its end-of-life date. This can result in significant expenses, as well as security risks, as outdated software and hardware are more susceptible to vulnerabilities and attacks. Additionally, using outdated technology can lead to decreased productivity and efficiency, as employees must spend time navigating cumbersome and slow systems.

Failure to monitor and address obsolescence presents severe operational risk to organizations. As hardware and software become outdated, they become less compatible with newer technologies and can create bottlenecks in the IT infrastructure. This can lead to system crashes, data loss, and even complete IT failures, resulting in significant downtime and financial losses for the organization.

Additionally, failing to monitor obsolescence and remove tech debt can result in a vulnerable IT infrastructure, exposing your organization to significant security risks. Without proper monitoring, IT leaders may not even be aware of the extent of their old technology problem and what it can cost their organizations. In fact, a McKinsey study revealed that CIOs estimate 20 – 40 percent of the value of their entire technology estate is technical debt.

The importance of monitoring and addressing tech debt and obsolescence

To avoid these consequences, organizations must prioritize monitoring of obsolescence and removal of tech debt. This requires a comprehensive understanding of the organization’s IT infrastructure and a commitment to ongoing maintenance and upgrades. By regularly assessing and updating software and hardware, organizations can reduce their risk of security breaches, increase efficiency and productivity, and minimize downtime and financial losses.

During my time at Nike, tech debt and managing obsolescence was a top priority. As the leader managing more than two million network-connected devices with an asset value of over $2 billion, we were accountable for tracking and reporting on KPIs related to our performance against set threshold levels. My team was expected to understand and guide the business’s areas of focus for mitigating our exposure and decreasing our overall operating costs. I made an investment in several Flexera tools, including the one now known as IT Visibility, that, for the first time, provided us with an avenue to track the obsolescence of hardware and software. The resulting data was helpful for technology operations domains, enterprise architecture and security issues stemming from software vulnerabilities. We created a strategic initiative with this data known as Triple U, which targeted commercial software applications that were “Unpatchable, Unused and Unlicensed” to reduce our technical debt and move toward our internal objective and key results target levels of obsolescence. During that initiative, we eliminated applications from more than 900 publishers and were able to cancel expensive and unnecessary extended maintenance contracts, saving Nike millions of dollars.

After our experience using this data from IT Visibility to drive risk reduction and cost savings, I believe every enterprise with a significant technology footprint will find tremendous value in this platform. Many of the former practitioners on my team of Executive Advisors also experienced similar organizational impact by focusing on tech debt. One example is from John Schwartzenberger, former Director, Information Technology Services at Fiserv:

“As the executive leader of the ITAM organization at Fiserv, we recognized it was critical to stay on top of tech debt and obsolescence to ensure our organization was running efficiently and securely. Being in the fintech industry, we had rigorous annual FFIEC exams that ensured we had established visibility into assets at risk for vulnerability exposure in our production environments. This included both hardware and software. We had to deliver a full lifecycle program that included quarterly board-level KPI reporting such as percentages of operating systems, network gear and critical business services at risk. The program also included compensating controls to manage and document any exceptions. As a biproduct of this visibility across our estate, we were able to better understand and target aging technologies with proactive planning and budgeting for refreshing our tech debt. Another byproduct of regularly monitoring our IT infrastructure obsolescence and investing in upgrades and maintenance: we could reduce risks and improve productivity. For example, we could utilize data about our network gear for production systems to monitor the age of that equipment, along with its potential failure points, to prevent production system outages for critical segments of the network.”

 Not all technical debt is created equal

The chart above shows the typical tech-debt sprawl across large organizations. When monitoring this type of obsolescence, it’s important to take a deeper look into these categories. For example, let’s say this organization currently has an overall obsolescence level of 20 percent with the percentage breakdown above. I would first look closely at the specific databases and operating systems that have reached this state. Not all this tech debt carries the same level of risk. It needs evaluation of the services these are tied to for identification of critical production systems. Some industry examples include:

  • Healthcare: Electronic health record (EHR) systems used for patient data management and clinical decision making
  • Retail: Supply chain management system used for tracking and managing inventory levels, purchase orders and vendor relationships
  • Manufacturing: Computer numerical control (CNC) machines used for precision manufacturing and quality control
  • Financial services: Trading systems used for real-time financial data processing and analysis
  • Transportation: Air traffic control systems used for managing and tracking flights, ensuring safety and efficiency
  • Energy: Supervisory control and data acquisition (SCADA) systems used for monitoring and controlling power generation, transmission and distribution.
  • Telecommunications: Network operations centers (NOCs) used for monitoring and maintaining network infrastructure, ensuring uninterrupted service to customers

Using obsolete operating systems, network gear, databases, etc. for critical production systems can pose significant risks to an organization. The most prominent risk is the security vulnerability associated with unsupported software. Obsolete operating systems no longer receive security updates and patches, leaving them exposed to known vulnerabilities that can be easily exploited by attackers. This puts the entire organization at risk, as a single breach can compromise sensitive data, damage reputation and result in financial losses.

Most organizations should target their obsolescence goals at ten percent or less with several industries having regulatory mandates (e.g., financial and energy) at three percent or less. This should be monitored constantly, with action plans for goals, and reported to all tech leadership monthly.

IT Visibility icon

IT Visibility

The business promise of your IT is huge. But it takes a complete, up-to-date view of your hybrid environment to make the most of it.

The consequences of failing to remove tech debt and monitor obsolescence can be severe for organizations. From financial losses to security breaches to decreased productivity, the risks are significant. However, by prioritizing the monitoring and removal of tech debt and obsolescence, organizations can reduce their risk and drive business success. Investing in modern technology and ongoing maintenance and upgrades is a critical step in remaining competitive in today’s digital landscape.

Contact us today to get an understanding of your outdated, inefficient and vulnerable resources.

At Flexera, we understand the importance of reliable data. That’s why we offer a free analysis of your IT estate with IT Visibility, with a specific focus on tech debt and obsolescence. This complementary analysis provides you with a comprehensive view of your IT landscape, helping you govern and control asset risk, meet regulatory requirements and increase productivity.

Get a free analysis
Get a free analysis