• partial_accumen@lemmy.world
    12 days ago

    It is more like ‘involuntarily end up riding the risks of using unsupported old software’.

    Involuntarily? An org choosing to use an EOL OS to keep running an application is a business choice that accepts the risk of compromise/lack of support of an EOL OS. Any org in this situation has 3 choices:

    • deprecate the application entirely, closing down that line of business the application was supporting
    • rewrite/replace the application to maintain the line of business on a modern supported OS
    • continue to run the EOL OS and accept the risks

    There’s nothing involuntary here.

    • akash_rawal@lemmy.worldOP
      11 days ago
      1. Struggle to come to a conclusion on what to do with the EOL OS because of internal political factors and the reality of how enterprise works.

      This is the involuntary choice. If you cannot choose from the first three, you end up implicitly choosing the fourth.

      • partial_accumen@lemmy.world
        11 days ago

        Your #4 is the same as my #3. Play out your #4 and it ends up as my #3:

        1. Struggle to come to a conclusion on what to do with the EOL OS because of internal political factors and the reality of how enterprise works.

        Security or Compliance teams raise the concern with continuing to run the EOL OS; they demand the App team power down the offending servers or upgrade. App team escalates to leadership advocating for the upgrade and they ask for the funding. Leadership asks for a business case justifying the large spend requiring the ROI numbers. App team mostly shrugs because the ROI is intangibles of security or supportability. Leadership sees no immediate monetary benefit being realized in the next 2 quarters from a costly upgrade and instead chooses to accept the risk. They send an exception order to Security or Compliance teams that this EOL OS should continue running as is and the App team shouldn’t be bothered anymore.

        …and we end up with my #3.