A report by the ACT Auditor General, reported by ITNews has found the territory’s government is trusted a bunch of sensitive information on systems that are either close to end-of-life or unsupported. I’ve seen this in businesses, large and small, many times over the years. But would you do it?
Software makers deprecate software all the time. Sometimes it takes many years, other times it’s far shorter.
Once you find a piece of software you like and rely on it can be really difficult to move away from it. And it gets harder when you build a business or unit around it.
The trouble is, some applications aren’t built to work in today’s world. For example, when the US government’s Department of Personnel Management was breached in 2015, resulting in the security clearances and personal data of hundreds of thousands of current and past US federal employees being compromised, it was revealed that the data wasn’t encrypted because the systems used were so old they could use encryption.
While that’s an extreme example, it highlights what can happen when you don’t move away from legacy systems.
When I ran IT teams, my rule was to stay on the current or most recent previous version. That gets a little trickier with some software today as the idea of versions is falling away. Windows 10, for example, has a couple of major builds each year so my rule there would be probably more along the lines of current of previous major release build.
Are there situations where you think it’s OK to hang on to older, unsupported software? Or should you try to stay up to date?