When it comes to enterprise concerns around IT operations and risk mitigation, End-of-Life (EOL) software and asset support may not be the first thing that pops into everybody’s mind. But the truth is that EOL plays a surprisingly impactful role in both the efficiency and security of the enterprise’s IT estate. Ignoring EOL can bring about problems ranging from lapsed licenses and lack of vendor support, to broken applications and major security gaps that may persist from a lack of patching support.
All of this was on our minds when CloudSphere commissioned an independent survey of more than 500 enterprise professionals on their level of visibility into where and how EOL concerns may be affecting their business. The results tell a tale of IT stakeholders who have some visibility into their assets, but a limited grasp of where EOL may be a factor and the possible adverse impacts these scenarios could have on their IT estates.
Limited Visibility into EOL, and Major Blind Spots on the Risks
While 73% of survey respondents said they were confident they were aware of all the applications and cyber assets currently running within their IT environments, only 65% felt confident they knew of all cases of applications at or near EOL within those environments. And a mere 29% felt confident in their ability to prioritize which of these EOL scenarios posed the greatest risk to their organizations.
Not surprisingly, “Security” and “System Stability/Performance” topped the list of concerns – with 38% and 25% of respondents, respectively, flagging these as their number one priority. Somewhat lower on the list were “Operating Costs” (13%) and “Compliance” (12%), even though EOL can pose significant risk on both these fronts – including downtime from broken applications; wasted spending on lapsed or unused licenses; and gaps in compliance and reporting that can prompt regulatory violations and fines.
Taken together, these findings suggest that while users generally have some visibility into their IT assets, their view into EOL scenarios within these asset collections is less clear – and most troubling is the alarming lack of visibility into the risks that arise from these scenarios. The limited breadth in understanding of these risks was also reflected in how respondents ranked their general areas of concern when considering EOL impact beyond just security and system reliability.
Protecting the Organization by Understanding EOL Risks
The takeaway for organizations is that a better understanding of where and how EOL is affecting the IT estate can safeguard against a number of major risks. What’s more, robust asset discovery and dependency mapping processes can not only protect against these risks, but inform better decisions overall – such as weeding out costly redundant systems, or dropping software that may be nearing End-of-Life to avoid unnecessary licensing costs and support gaps.
Total sample size for the survey was 501 adults who identified as having final buying responsibility or influence for their company IT purchases. The survey was conducted by YouGov, registered with the Information Commissioner and a member of the British Polling Council. The survey used an online interview administered to members of the YouGov Plc panel of individuals who have agreed to take part in surveys. The responding sample is weighted to the profile of the sample definition to provide a representative reporting sample. The profile is normally derived from census data or, if not available from the census, from industry accepted data.