5. Downtime and testing
experienced during the upgrade
of a system
Resources used to build an in-
house system or customize a
purchased system
Price of
purchasing a
commercial
system from
a vendor
+
+
6. Often the vendor no longer
supports the legacy systems,
meaning that no future updates
to the technology, computer, or
application will be provided.
7. RISKY BUSINESS
Weaknesses Widely
Published
Dependency on an
Old Platform Evolving Threats
and Hacker Tools
Vulnerabilities are
made publicly
known with no or
postponed patch
release.
Legacy products
may only run in
legacy
environments,
forcing
acceptance of
additional risks.
New security risks are
constantly being
discovered- risks that were
not taken into
consideration at time of
system creation.
Hackers are creating easier
ways to exploit systems
8. Implement the legacy system in a protected network
Limit physical access to the legacy system to administrators
Deploy the legacy application on a virtual computer
Employ access control lists (ACLs) on the system
Use highest authentication and encryption mechanisms
Best Practices for
Minimizing Risk in a Legacy System: