What is Technical Debt?
Just as we incur financial debt when we wish to purchase something sooner than we can afford it, we can incur technical debt when we make short-term convenience-based decisions about our technology systems.
Short-term fixes, based on satisfying an immediate requirement, rather than implementing more expensive or time-consuming solutions, can lead to decreases in efficiency, additional maintenance costs, compromised security, and higher chances of downtime.
Essentially, to see some short-term benefit, we incur some longer-term cost in terms of productivity, efficiency, or risk.
How do we incur technical debt?
Organisations typically incur technical debt via one or more of the following means:
Not replacing aging systems
- IT Hardware
- Operating System
Upgrading or customising legacy systems
- Retaining systems that are no longer in active development
- Customising systems to add features
Implementing quicker or cheaper solutions
- Rapid roll-out at the expense of features or security
- Cheaper systems to save up-front costs
What are the risks?
Organisations that incur technical debt will inevitably run into some or all of the following issues:
- Older hardware will perform comparatively slower than newer systems
- Older applications will not take advantage of newer capabilities – improved hardware, better code libraries, and other improvements
- With reduced performance comes productivity loss for the users utilising those systems
- Modified systems or multi-application systems reduce productivity as users need to swap between systems or enter the same information multiple times in different places
- With increased chances of downtime or increased periods of downtime when issues do occur, users can be left without the ability to perform their primary tasks
Increased support costs
- Older systems cost more to maintain
- Finding qualified or experienced IT support personnel for legacy systems can become increasingly difficult and expensive
- As systems degrade the requirement for support increases – more calls to support means more money spent on that support
- Old operating systems and hardware may lack the benefit of accumulated experience and could retain security flaws
- Older applications were not often created with the same security fundamental principles that modern applications follow
- As systems age, they receive fewer updates and patches, increasing their vulnerability to compromise
Reducing technical debt
Just like financial debt, technical debt should be addressed so that the incurred costs are reduced or eliminated. While the debt was accumulated due to short-term decision-making, the process of eliminating the debt is a long-term process.
Understand the situation
Work through your systems and identify where the systems are not performing as efficiently as they could be. Consider solutions that were implemented quickly, or cheaply, and determine the trade-offs incurred and what may be required to mitigate them.
Plan the resolution
Once you have identified your technical debt, prioritise the issues based on the impact they are having on the organisation’s security, time, productivity, etc. Create a plan to address these impacts and begin the process of resolving.
Work from home
In early 2020 as the pandemic took root and governments started encouraging and forcing people into lockdowns, organisations around the globe found themselves needing to implement remote work capabilities for large numbers of staff in a rapid time frame.
For many organisations, that meant implementing VPNs or remote gateways with existing equipment in an ad-hoc fashion, with limited consideration for performance or security. Having made the changes in reaction to an emergency, it is important for the organisation to address the changes and ensure a longer-term solution is put in place.
This may require upgraded firewall device(s) with more robust security, improved user experience, and/or additional capacity for the higher number of connections required. They may require improved internet and perhaps redundancy in case of outages. Multi-factor authentication for internal systems may be required to improve security.
An organisation maintaining a server beyond its planned life cycle increases its risks of failure as the hardware goes beyond its anticipated life. Failed hardware may be difficult to locate leading to extended periods of degraded performance or downtime.
Performance on older equipment will also degrade as hard drives spin slower, fans dissipate less heat causing processors to slow down performance, and applications requiring more resources do not perform optimally.
Older operating systems running on the old hardware may not be as secure as newer versions or have modern optimisation features – multi-threading applications that can run instructions in parallel instead of sequentially. Also, older hardware may not be compatible with newer operating systems, locking the organisation into obsolete tools.
Older applications will lack newer features and security functions. They may not allow for multi-factor authentication and may require Terminal Servers to allow remote access rather than having cloud capabilities. Needing to implement Terminal Services to allow remote access adds cost and complexity to the environment and may reduce the convenience for some workers as they may not be able to utilise mobile devices for access when on the road.
While it is common for organisations to accumulate some technical debt as it is with financial debt, it is important for the organisation to manage that debt and implement plans and processes to reduce or eliminate that debt over time.
Identifying where your organisation has accumulated technical debt is the first step, and then working with your technology partners to reduce and eliminate the debt is important to reduce the burden on your organisation going forward.