Legacy System
Older software still in production that may be technically outdated. Often business-critical but hard to maintain, extend and secure.
A legacy system isn’t necessarily bad. Many have run reliably for decades and support huge revenue. The issue is that the world has changed: cloud, mobile, AI and user expectations create demands these systems were never designed for. Legacy becomes a risk when maintenance cost exceeds modernization cost and when expertise is scarce.
What is Legacy System?
A legacy system is software still in production but built on outdated technology, architecture or infrastructure. There’s no fixed age – a 5-year-old system on an unsupported framework is legacy, as is a 30-year-old COBOL system. Typical traits: language rarely taught (COBOL, Delphi, VB6), little or no documentation, monolith without APIs, dependence on old infrastructure (e.g. Windows Server 2003, proprietary DBs), few or no automated tests, and a shrinking pool of developers who can maintain it.
How does Legacy System work?
Legacy systems often work surprisingly well – which is part of the problem. They’ve been tuned and adapted over years. The challenge is technical debt: every change is riskier without tests, new requirements are implemented with workarounds because the architecture doesn’t support them, and knowledge is concentrated in few people (bus factor). Applying security patches is hard when dependencies are unclear.
Practical Examples
COBOL in banking: Many banks run core systems in COBOL – they process millions of transactions daily, but the average COBOL developer age is over 55.
Delphi ERP: A manufacturer runs an 18-year-old Delphi ERP – it works, but mobile access, APIs and cloud are not feasible.
VB6 line-of-business: An insurer uses a Visual Basic 6 app (unsupported since 2008) for contracts – every change is risky.
PHP 4 webshop: An online shop on PHP 4.3 and MySQL 5.0 – no proper HTTPS or modern security.
Typical Use Cases
Risk assessment: Evaluate legacy for technical debt, security and business criticality
Gradual modernization: API wrap, refactoring and migration (strangler fig)
Parallel operation: Run old and new in parallel and migrate function by function
Knowledge preservation: Document business logic before modernization or key people leave
Security hardening: Isolate legacy (network, WAF) and add monitoring
Advantages and Disadvantages
Advantages
- Proven: Many legacy systems have run stably for years
- Business logic: Years of tuning have encoded valuable rules
- Data: Historical data is valuable for analytics and compliance
- Amortized: Development cost is sunk; ongoing cost is mainly maintenance
Disadvantages
- Rising maintenance cost: The older the system, the costlier and riskier each change
- Skills shortage: Developers for COBOL, Delphi, VB6 or old PHP are scarce and expensive
- Security: Outdated libraries and missing updates increase vulnerability
- Innovation barrier: Mobile, cloud and AI are hard or impossible to add
- Compliance: Old systems often don’t meet current data protection and security standards
Frequently Asked Questions about Legacy System
When is a system legacy?
My legacy system works – why modernize?
How do I prioritize legacy modernization?
Related Terms
Want to use Legacy System in your project?
We are happy to advise you on Legacy System and find the optimal solution for your requirements. Benefit from our experience across over 200 projects.