Link: IT outages in the financial sector: Legacy banks playing tech catch-up risk more outages, UK MPs told

said 65 per cent of outages are in retail banks. She said the regulator received 853 notifications of outages in 2018/19 “that is a huge increase on the previous year”. However, she added some of those incidents were relatively minor, with part of the increase being due to a change in regulatory reporting requirements.

Source: IT outages in the financial sector: Legacy banks playing tech catch-up risk more outages, UK MPs told

Link: Why are large companies so difficult to rescue (regarding bad internal technology)

In terms of the best integration architecture, what seems to me the only long-term solution is something like the unified log architecture that Jay Kreps wrote about back in 2013. All incoming writes need to go into a centralized log, such as Kafka, and then from there the various databases can pull what they need, with each team making its own decisions about what it needs from that central log. However, SuperRentalCorp has retail outlets with POS (point of sale) systems which talk directly to specific databases, and the path of that write (straight from the POS to the database) is hardcoded in ways that will be difficult to change, so it will be a few years before the company can have a single write-point. For now, each database team needs to be accepting writes from multiple sources. But a unified log is the way to go in the long-term. And that represents a large change of process for every one of those 20 teams. Which helps explain why the company has spent 2 years and $25 million trying to build an API, and so far they have failed.

Source: Why are large companies so difficult to rescue (regarding bad internal technology)

Link: What’s Hot In Insurance Tech In 2019?

The business backbone, the core systems, burden digital transformation strategies. Insurers spend about two-thirds of finite tech budgets on these run-the-business systems. More nimble competitors are spending more on digital tech. And this run-the-business spend is growing. Tech leaders need to demonstrate business value of these maintenance and ops investments. Benjamin Clarke, the CTO of Bold Penguin, argued that “the project mentality of insurance companies leads to them not building anything interesting but just replatforming again, delivering the exact same experience.”

Source: What’s Hot In Insurance Tech In 2019?

Link: Assessing IBM i’s Role In Digital Transformation

Making the financial case:

“This is going to sound silly,” he says. “The hardest part isn’t necessarily the refactoring. The hardest part is convincing people to do this. Because, let’s be honest the upfront cost can be very scary, man. It can be frightening. The business is going to say, ‘We just put in X amount of dollars last year to support these kinds of environments.’ You kind of have to ask the question, what’s going to happen five years from now?”

While the legacy application may not be “broken,” forward-looking companies will consider the lost opportunity costs that are inherent when an existing system is not agile enough to support new opportunities and initiatives.

“You’re going to have to have the conversation where you can’t integrate with cloud at all, or you can’t integrate with data analytics, or you’ve failed to do cognitive system and your competitors are because RPG can’t support this stuff?” Kleyman says. “But just because it’s working doesn’t mean necessarily it’s bringing value back to the business.”

It’s easy for an executive to identify problems when servers are down, the application is throwing errors, and the day-to-day business is being impacted. It’s much harder for the executive to be able to identify the ways in which a legacy system could put hamper growth in the future.

“Honestly that’s one of the best approaches, when things aren’t on fire, to start asking some of these difficult questions,” Kleyman says. “It’s kind of like in a relationships. When everything’s going great, you don’t want to bring up any sore points. But realistically speaking, you don’t want to start arguing when everything’s wrong and you start bring up the pain points.”

Source: Assessing IBM i’s Role In Digital Transformation

Link: The Fast and Slow of Design

On the top layer there is rapid change. On the bottom, change happens at a glacial pace. It’s this combination of everything, from seconds at the top, to millennia at the bottom, that give resilience to the system.

And:

A key concept to this is that each layer has to respect the pace of another.

Source: The Fast and Slow of Design

Link: Oracle plans to end Java serialization, but that’s not the end of the story

‘Oracle’s chief architect, Mark Reinhold, shared his thoughts about Java’s serialization mechanism which he called a “horrible mistake” and a virtually endless source of security vulnerabilities. This is evident in nearly half of the vulnerabilities that have been patched in the JDK in the last 2 years are related to serialization. Serialization security issues have also plagued almost every software vendor including Apache, Oracle, Pivotal, Cisco, McAfee, HP, Adobe, VMWare, Samsung, and others.’
Original source: Oracle plans to end Java serialization, but that’s not the end of the story

Link: Toxic Technology: the growing legacy threat

“The UK Government Digital Service recently wrote about how they understand legacy and suggested a number of factors that contribute to technology being considered legacy: being poorly supported, hard to update, poorly documented, non-compliant or inefficient. The range of breadth of these negative characteristics runs counter to an often passive view of legacy: stable historic technology that is intended to be replaced. Organisations should begin to think of this technology as toxic: actively harmful to the health of the organisation.”
Original source: Toxic Technology: the growing legacy threat

Link: IBM Drops Cloud Management Platform Onto Kubernetes

“The CMS platform is used by organizations to manage enterprise applications. Those applications include offerings from SAP and Oracle. CMS includes security, disaster recovery, automated infrastructure, and application management…. IBM launched its Cloud Private service last November. It’s built on a Kubernetes-based container architecture that supports integration and portability of workloads between the cloud environment and management across multiple clouds. This includes IBM Cloud, IBM PowerVC, Amazon Web Services (AWS), Microsoft Azure, and VMware on and off premises.”

Original source: IBM Drops Cloud Management Platform Onto Kubernetes

Link: Understanding legacy technology in government

Defining and dealing with legacy IT, from a UK government perspective:

“Most organisations have an overarching IT strategy in line with their business strategy but some are taking an alternate approach to legacy. A common tactic is to migrate the business away from legacy in small parts, rather than all at once.”
Original source: Understanding legacy technology in government

Link: Serverless at Bustle

‘Probably the biggest is: how do you deal with the migration of legacy things? At Bustle we ended up mostly re-architecting our entire platform around serverless, and so that’s one option, but certainly not available to everybody. But even then, the first time we launched a serverless service, we brought down all of our Redis instances — because Lambda spun up all these containers and we hit connection limits that you would never expect to hit in a normal app.

‘So if you’ve got something sitting on a mainframe somewhere that is used to only having 20 connections and then you moved over some upstream service to Lambda and suddenly it has 10,000 connections instead of 20. You’ve got a problem. If you’ve bought into service-oriented architecture as a whole over the last four or five years, then you might have a better time, because you can say “Well, all these things do is talk to each other via an API, so we can replace a single service with serverless functions.”’
Original source: Serverless at Bustle

Link: PKS: The answer for “everything else” in your data center

“PKS will provide a comfortable environment to run freshly containerized legacy workloads and packaged software in an on-premise model to start, if desired, on top of VMWare vSphere.”
Original source: PKS: The answer for “everything else” in your data center

Good intentions & indolent portfolio management lead to legacy quicksand

The downward spiral (driven by budgeting, risk-aversion, and ROI-think) that make legacy IT bloom like algae in a stagnant creek, from Chris Tofts:

With a limited budget for maintenance or improvement, how will it be allocated to the various systems managed by IT? Remember that in having to justify the spend at all, the primary need is to demonstrate business impact and – equally – guarantee that there is no risk to continued operations.

Inevitably, depending on organisational perspective, there are essentially three underlying approaches. First, maximise the number of systems that have been updated: demonstrate lots of work has taken place. Next, minimise the risk that any update will fail: have no impact on the ongoing organisation. Finally, maximise the apparent impact on the direct customers for IT systems – improve the immediate return to the business.

If the organisation maximises the number of systems updated then the clear imperative is to choose systems that are easy (cheap) to update. The systems that are cheap to update are invariably the ones with the least difference between in-use and current. In other words, the systems that were updated during the last round of updates. So the organisation will choose to improve those systems just beyond some minimum obsolescence criteria and until all of the budget is spent.

And then, you get bi-modal infrastructure:

It’s hard to say what the fix is beyond “don’t do that.” Perhaps a good rule of thumb is to attack the hard, risky stuff first.

Getting The Business to pay attention to legacy like they do cash-losses is also an interesting gambit:

As boring as it sounds, if organisations had to carry technical debt on their books – just like they carry the value of their brand on their assets – then, finally, they might understand both their exposure and necessary spend on their critical IT assets.

Link

The coming billions in updating bank’s COBOL stacks

Commonwealth Bank of Australia, for instance, replaced its core banking platform in 2012 with the help of Accenture and software company SAP SE. The job ultimately took five years and cost more than 1 billion Australian dollars ($749.9 million).

Being conservative, multiply $500m across the top 20 banks, and you’ve got $10bn, using $749.8m directly, you get much closer to $15bn.

Better start planning.

Source: Banks scramble to fix old systems as IT ‘cowboys’ ride into sunset

Dealing with legacy applications in Pivotal Cloud Foundry – Pivotal Conversations

In this week’s episode, Richard and I talk with Dino about the work Pivotal does to help companies quickly start migrating applications to Pivotal Cloud Foundry. Check it out, and subscribe if you haven’t already.

HPE Software sold for $8.8bn, to Micro Focus

While HPE is getting $2.5bn in cash, the whole deal value is more like $8.8bn, the non-cash being stock. More details:

The Numbers

  • “Under the deal, HP Enterprise shareholders are expected to end up with Micro Focus shares currently valued at about $6.3 billion. Micro Focus will pay HP Enterprise $2.5 billion in cash.” (WSJ)
  • There’s about 12,000 people in HPE Software. (WSJ)
  • HPE Software revenue: “HPE’s software unit generated $3.6 billion in net revenue in 2015, down from $3.9 billion in 2014.”
  • Put another way, from TBR: “2Q16 software revenue [had a] decline of 18% year-to-year, driven down by a license revenue decline of 28% year-to-year.”
  • HPE has been divesting a lot, getting a hoard of cash: “In earlier transactions, HP Enterprise in May completed a $2.3 billion deal in China to sell a 51% stake in a venture there called H3C that sells networking, server and storage hardware and related services. Later the same month, HP Enterprise announced a deal to spin off a computer services business that employs about 100,000 people—two-thirds of the company’s total head count—and merge it with operations of Computer Sciences Corp.”
  • Also: “The company sold at least 84 percent of its 60.5 percent stake in Indian IT services provider Mphasis Ltd to Blackstone Group for $1.1 billion in April.”

What now for HPE?

Continue reading “HPE Software sold for $8.8bn, to Micro Focus”

Working with legacy applications, systems, and portfolios

Elisabeth Greenbaum Kasson asked me recently for advice on working with legacy applications. Check out her piece on it. Here’s the full reply I sent to her in email:


Her topics:
– The steps someone could take to get themselves up to speed on their employer’s legacy software.
– How this knowledge can make them indispensable (I know that term is relative)
– Why this type of expertise is so necessary, especially when it comes to integrating said software with new and/or evolving products.

When it comes to “dealing with legacy,” there aren’t that many good options. We often think of “legacy” as software that must be changed but that we’re afraid to change. If you’re not afraid to change it, you often just think of it as “our software.” Legacy has this connotation of it being risky, scary, or maybe just boring.

If someone wants to go down into the mines of legacy management, the first thing I’d recommend is doing some history work to find out why the legacy system in question was created, what it’s currently used for, and, hopefully, who the current stake-holders/owners are. You’d be surprised – or maybe not! – how often some or all three of those are totally unknown: with unknown stake-holders, I sometimes hear tale stories of IT departments just shutting down systems and waiting to see who calls them.

Understanding the why, what, and who of a legacy system will tell you most of what you need to know when it comes to managing it. Further up the management chain, having a good grasp of and on portfolio management is valuable. Given the why, what, and who, you should be able to prioritize any given “legacy application” relative to another with respect to funding and attention. Is fixing the application that’s used to schedule office party birthday cake orders more important than the application used to re-order plungers for the warehouse bathrooms? You won’t know between cakes or plungers if you don’t do portfolio management.

The other aspect is simply learning the technologies you need – operationally, programming, and sometimes physical management – to keep the thing up and running and to modify it. This might mean learning, for example, about operating systems for mainframes, AS/400, UNIX, older versions of Windows, and sometimes even exotic things like OS/2. There’s dozens of programming languages out there, and you’ll need to learn not only the appropriate “old” language, but how the build, version control, and project management tools around those old stacks function.

For more, I wrote about dealing with legacy in my cloud native journey booklet last year.