Living in the Past

Recently we read a fascinating report from the Government Accountability Office on legacy information systems in the United States Government.

What caught our eye was the discussion of the Strategic Automated Command and Control System of the Department of Defense.

The purpose of this system was to coordinate

The operational functions of the United States’ nuclear forces, such as intercontinental ballistic missiles, nuclear bombers, and tanker support aircrafts

Alas the system was not as advanced as one perhaps may have thought.  The report notes:

This system runs on an IBM Series/1 Computer—a 1970s computing system—and uses 8-inch floppy disks.

In undertaking this review the Government Accountability Office asked the relevant agencies to self report the age of key legacy systems.  The self reported age of the Strategic Automated Command and Control System in years:

53

As the report noted in a broader context (and there are older systems noted than that mentioned above):

Legacy IT investments across the federal government are becoming increasingly obsolete. Specifically, many use outdated languages and old parts.

This results in

The vendors no longer (providing) support for hardware or software, creating security vulnerabilities and additional costs. For example, each of the 12 selected agencies reported using unsupported operating systems and components in their fiscal year 2014 reports pursuant to the Federal Information Security Management Act of 2002. Commerce, Defense, Treasury, HHS, and VA reported using 1980s and 1990s Microsoft operating systems that stopped being supported by the vendor more than a decade ago.

If there was any upside it is for those with what they thought were long redundant skills:

(Agencies) may pay a premium to hire staff or contractors with the knowledge to maintain outdated systems. For example, one agency (SSA) reported re-hiring retired employees to maintain its COBOL systems.

How should the curse of legacy systems be managed.  The GAO provides a simple – but effective – recommendation:

Organizations should periodically identify, evaluate, and prioritize their investments, including those that are in operations and maintenance; at, near, or exceeding their planned life cycles; and/or are based on technology that is now obsolete, to determine whether the investment should be kept as-is, modernized, replaced, or retired. This critical process allows the agency to identify and address high-cost or low-value investments in need of update, replacement, or retirement.

This report is a reminder to all organizations – not just those entrusted with the nuclear control systems – that time waits for no one and legacy systems will one day be turned off for the last time.

Are you ready?

DOWNLOAD REPORT

Download PDF

Subscribe to Receive Our Email Updates

  • This field is for validation purposes and should be left unchanged.