Traversing the terrain of legacy IT

Director, Central Government, BAE Systems Applied Intelligence Read time: 3 mins
Legacy IT is a perennial issue for governments of all political stripe but tackling it is far from straightforward. Nefyn Jones plots the best way to turn legacy into opportunity
Traversing the terrain of legacy IT The government has to spend a lot of its money on legacy IT – but don’t take my word for it.
In a speech last July, Chief Secretary to the Treasury, Steve Barclay, admitted that “currently around half of central government IT spend is on servicing legacy IT”, before taking aim at the countless repercussions – cybersecurity risk and it’s obstruction of agile ways of working, to name but two.
He was quite right to raise this issue but, of course, government is far from alone. Plenty of private sector organisations are hobbled by similar challenges. But whether you want big government or small government, devolved government or centralised government, we should all want effective government – especially at a time of pandemic and fast-approaching EU-Exit.

Today’s snapshot

Unfortunately, legacy IT continues to loom large over Whitehall and beyond. You might be battling it right now if you’re using an older version of Windows. Or maybe the issue is something bigger – you don’t know exactly what data your organisation owns as it’s held in siloed or proprietary data stores.
Its prevalence within government is partly rooted in the long-term evolution of public services, a journey often akin to a zigzagging joyride propelled by the incumbent government’s political stripe. Throw in the sheer pace of technological advances fast rendering previous systems obsolete, and the result is today’s patchwork of government departments, all operating complex IT estates and often underpinned by hundreds of systems and multiple suppliers.
So that’s where we are, but what can be done about it? The good news is that legacy does not necessarily lead to liability.

Compass setting

Without exception, the organisations that have created and clearly communicated an IT strategy and roadmap have progressed far more successfully with their legacy IT programmes than those that have not.
Legacy IT transformations take considerable time to complete – often over five years. This means that clear direction set through a strategy and roadmap sponsored from the most senior levels is a key starting point. If clearly communicated throughout the organisation and reinforced with the right governance processes, it will provide a vital framework for planning and decision making.
The sheer age of most legacy IT estates ensures that many of their complexities remain hidden and are not well understood. This leads to the complexity and timelines often being underestimated: most legacy IT transformation programmes tend to be late and over budget.
For example, one of our clients has been replacing their legacy IT systems for five years but is still only 30% through this journey. Their experience, however, is far from unique. Breaking the problem down and outlining interim states is essential for large programmes, as is investing in the right skills and experience, from new graduates up to board level appointees, to drive the transformation forward.
We also know from experience that government IT budgets rarely allocate funds to deal with inadequate data. This means that building a detailed picture of the data that sits across a legacy estate is key to making better informed decisions not only about legacy IT, but also future technology.
It takes a significant amount of effort to look under every carpet and consolidate knowledge. However, this is an absolutely crucial step as it will enable evidence backed decisions to be made based upon how the data is going to be used. Building a pipeline of work to address this must be managed in parallel with embedding supporting processes within IT teams.

On cyber watch

A key challenge with legacy IT lies with those services that cannot be easily transitioned to modern technology. This causes the need to maintain out of date platforms that cannot benefit from any of the increased agility that modern technology platforms and cloud environments offer. And for the legacy IT that cannot be transitioned, retro-fitting cyber security defences may not be an option.
By taking a threat-based approach, however, the protective monitoring of any legacy environment, combined with up-to-date knowledge of the threat actors and threat vectors, enables swift action to occur. For example, legacy IT systems may have multiple vulnerabilities, but understanding which ones are currently being exploited allows an organisation to take mitigating actions to avoid the vulnerability being exploited within their IT estate.

Next steps

Addressing legacy IT should be combined with the overall IT strategy as one. Such an approach can be used to help identify where the IT estate can be rationalised, duplication of services removed or existing capabilities enhanced to deliver an improved user experience and a reduced overall IT cost base.
All this isn’t easy. Navigating legacy IT is complex, time-consuming and often costly. But the powerful allure of upgraded systems fit for the myriad challenges and opportunities of 21st century government can surely fuel the journey ahead. 
About the author
Nefyn Jones is a Director, Central Government, BAE Systems Applied Intelligence
Government Insights Promo Block Image

Explore Government Insights

Stay up to date with the latest thinking, trends, technologies and projects from our Government team
Find out more

Recommended reading:

  • In control with Agile. Jenny Matthews explains how Agile working can give you the control you want, without having to compromise
  • A question of agility. Government IT is on the move. Chris Hesketh explores why agile by Design is finally taking root across public sector organisations
  • Transforming Government IT – Marie Kondo style. Cleaning up need not be a chore, says Annabel Snaith. This goes for your home *and* government IT systems…
  • Whitehall’s Digital Transformer. Having data is one thing, effectively exploiting its potential is quite another. In this guest blog, Yvonne Gallagher, digital transformation lead at the UK’s National Audit Office, examines how government can turn data into delivery
  • The drive for Digital Transformation. Digital transformation is not a destination, but a journey, and one that can require you to traverse some challenging terrain. Here, Sandy Boxall and Rob Clifford explain why only the careful orchestration of people, process, technology and culture will get you moving in the right direction
  • Fast moving clouds ahead. Cloud computing has been around for years, but fully deploying it within government and critical national infrastructure is no small feat. Chris Poole takes a look at what might be done
Nefyn Jones Director, Central Government, BAE Systems Applied Intelligence 12 January 2021