March 19, 2020

Risks of Running End-of-Life (EOL) Software

by Colin Quinn

At the end of a busy day, the last thing a CIO or Controller wants to read is an end-of-life (EOL) notice from one of their software providers. Work is tough enough – with constant security threats, budget cuts, time and expense requests, planning and forecasting reports and performance deliverables to be met – without needing to go through another risk assessment for outdated software.

So, the inevitable question is posed, “Does it really matter if we forge on unsupported and run software that is beyond its end of life date?”

To help you make your decision, we’re going to guide you through 5 common risks and myths you need to be aware of if you decide to continue running software after it’s EOL date.

5 Risks of End-of-Life Software

1. Security problems (hackers)

Software that has reached its end-of-life generally means that it is no longer supported by its provider. This commonly translates to no security fixes/enhancements or critical error resolutions. Let me repeat, no security fixes/enhancements or critical error resolutions. How many software products do you know that never need security or errors fixed?

The number one concern for modern-day CIO’s should be maintaining the security of IT systems and safeguarding company information (and the number two concern should be upgrading existing systems for business efficiency.) Why would any CIO choose to run outdated and hacker-vulnerable software? No CIO or Controller should have to lay awake at night concerned that the greatest security threat was their employees not taking the proper security measures and have now jeopardized the security of the entire organization.

2. Compliance issues

Talk to any IT or finance industry auditor and they will tell you that running end-of-life software not only proposes a significant risk to the security of your business but it also likely constitutes a compliance violation under various regulatory and compliance standards.

Therefore, organizations running end-of-life software may be subject to vulnerabilities that they have no ability to correct (no security fixes/enhancements or critical error resolutions). Almost every IT compliance regulation that comes to mind requires an organization to take reasonable steps to protect the security of information and/or systems under its control.

3. Higher operating costs

If you are fortunate enough to have an in-house technical team, you may decide that it’s not a priority to upgrade your current software and you’re at peace with running it past its EOL date because your organization has the internal know-how for security patches and aptitude to address critical errors as needed. You’ve never had any major issues with that software in the past, so what could possibly go wrong, right?

Wrong but, what might seem like the cheapest and easiest option often turns out not to be the case. The fact that you have purchased software (or the rights to use it (cloud users)) usually means that you don’t have the expertise in-house to easily and quickly resolve system errors and security fixes (it inevitably costs you more money than it should when you have to hire outside help) and/or it’s not your core business, so why would you suddenly redirect resources from critical areas that you are paying to run your core business, to then maintain purchased (or rented) software that is beyond its EOL date?

4. The barrier to digital transformation

Complex legacy technology remains the main barrier to digital transformation. In layman’s words, running old systems has been identified as a key reason that CIOs are not moving faster to adopt new transformative technology such as cloud-hosted products, greater automation through artificial intelligence (AI) and machine learning (ML), Internet of Things (IoT) and more.

5. Inferior product and software incompatibility

Product development is a very expensive process. Companies don’t typically release new products unless there is a clear value-add differential between the old product and the new product, from which customers could benefit upgrading to the latest and greatest instance.

In terms of computer software, the improvements are usually in terms of speed; aesthetics; usability; efficiency; capability; and/or security. So, by continuing to use an unsupported and/or outdated and obsolete product means you risk missing out on all of these major benefits, as well as all of their associated minor benefits. Plus, old software typically becomes incompatible with new operating systems at some point, so running software past its EOL date is never a “smart” long-term decision.

Example: Deltek’s newest releases for Costpoint, Budgeting and Planning, & Time and Expense

Deltek Costpoint 7.0.1 and Budgeting and Planning 6.1 will be entering Sustaining Support on July 1st, 2020. Additionally, Time and Expense 9.0.1 will enter Sustaining Support on January 1st, 2021. Now, it is the best time to upgrade your system to the latest version of Costpoint and Time & Expense to avoid going unsupported. For more information on this topic, or to learn how Kinetek Consulting experts can help, contact our team.

If you continue to use outdated products, you not only risk security vulnerabilities, but you also miss out on all of the improvements that can enhance the user experience and even improve work performance.

Final Thought: Is software end-of-life a blessing in disguise?

It might not seem like good news at the moment, but EOL software can actually be a blessing in disguise. It means that your software vendor is committed to keeping their products up-to-date and on the cutting-edge, which means that your organization too will stay abreast of its competitors.

If you’re not receiving regular end of life or at minimum enhancement notices from your software vendors, you should not be relieved, you should be asking WHY

End-of-life is a natural and progressive part of a product’s lifecycle:

  • beginning of life (product development and testing);
  • middle of life (general availability and customer feedback); and
  • end of life (retirement strategy and last sale date).

So, to deliver you the absolute best product possible, vendors need to be actively investing in product development, retiring old products and releasing better products. For more information on how we can help transition your company from an end of life solution to a current supported and secure product contact us.