What is technical debt?
Most people are familiar with technical debt in the context of development. The concept reflects the implied cost of additional rework caused by choosing an easy solution now instead of using a better approach that would take longer. Infrastructure technical debt is the concept of stretching assets beyond their useful life, using out of date software, skipping or delaying patching of operating systems, applications or network gear. In either case, the debt proliferates and can hastily begin to drag down an organization. In worse case scenarios, it can cause an incident that puts you out of business.
Technical debt grows from multiple sources – deferment, insufficient planning, and underinvestment: Technical debt is like financial debt; the compounding interest costs grow over time. It quickly becomes like paying the minimum on a credit card bill every month while continuing to spend until you reach your card limit. Panic is usually the next step.
Most companies are hiding the dirty truth
Today’s companies rely on computer systems to create revenue. Whether running production lines, complex trading systems or e-commerce sites, IT infrastructure is complex. It requires constant attention to remain stable, secure and up-to-date. There’s an eternal struggle in most companies between bleeding-edge-current and falling behind – each comes with costs; many times, ignoring one can exasperate the other. According to Forrester Research, maintaining older applications and technology typically consumes 70% or more of the technology budget.
IT departments are viewed in most companies as an evil necessity. Most strategic boardroom decisions happen with the absence of the CIO. Many times, these decisions can have massive impacts on IT operations, development groups and even budgets. These decisions typically add to the growing burden that may be dragging down your innovation and ability to compete in the marketplace.
Don’t plant the debt seed
When budgets get tight, often, the unfortunate first budget that gets cut is IT. Budget reductions instantly lead to postponed maintenance and upgrades in favor of delivering new projects and customer-facing services. The technical debt seed is planted and instantly takes roots that grow deep with incredible speed. Once this cycle starts, ‘postponed’ turns to ‘never’, quicker than a disappearing birthday cake in the accounting department.
I’ve spent over three decades working with infrastructure, operations teams and budgets in over 30 countries. I’ve seen a lot of outrageous things. The craziest part is that technical debt is rampant in every industry. In the past three years, I’ve seen dozens of companies that have over 70% of their infrastructure past end-of-life/end-of-support. They are still running Windows XP and SQL 2000. They are months, sometimes years, behind in patching. Many of these companies have Federal regulations (PCI, NIST, HIPPA, Gaming, …) that require current, supported hardware, software, and patching. Most companies are hiding the dirty truth.
Consider the entire ecosystem’s costs
Many times, the seed of technical debt starts when you implement something new.
When implementing a new capability, companies need to consider the total cost of ownership which include the maintain and refresh cycles to keep the new capability operating at expected levels: The total lifecycle costs are often overlooked. One must consider the entire ecosystem’s lifecycle costs. This list represents items that are most often overlooked when planning lifecycle costs:
- Does this new system require operations personnel to maintain?
- What is the impact to the network?
- What is the impact on your security infrastructure?
- What is the projected disk space requirements per quarter?
- What is the additional cost of backup?
- What is the impact of disaster recovery?
- Is a disaster recovery test performed before ‘go-live’?
- Are you carrying hardware refresh costs forward 3/5 years from now?
- How does this affect your monthly patching?
- Does the new system create a new regulatory requirement?
- What do you need to do to reach compliance and maintain it?
To some extent, technical debt is unavoidable, but when debt accumulates over time, it will limit business velocity and stifle an organization’s ability to innovate.
Another type of technical debt that is often overlooked is duplicate systems. Have you acquired companies in the past and are still running multiple ERP systems? Do you have multiple accounting, HR, and email systems? Lack of integration is technical debt. You are spending a multiple of what you need to. You are creating complexity. Complexity drives risk. Risk can put you out of business.
Doing nothing creates debt
The most missed type of technical debt is simply what you are NOT doing; keeping up with your industry and the general technology landscape. The majority of companies should have systems in place to protect your employees, your Intellectual Property and your revenue stream. Does your company have the following?
- Intrusion Detection System (IDS)?
- Digital Loss Prevention (DLP)?
- Digital Rights Management (DRM) system?
- Machine Network Authentication?
- Email Encryption?
- Mobile Device Management?
- Automatic VPN for all laptops?
These things are all ‘table stakes’ but companies continue to fall further behind. “IT costs too much.” “Cut the budget by 15%”. One of the most alarming things that get kicked to the curb is Disaster Recovery (DR) and Business Continuity Planning (BCP).
What’s your Plan B?
Do you have a DR plan? Does it include a Critical Application Assessment, Back-Up and Recovery Procedures, Implementation Procedures, Test Procedures, and DR Plan Maintenance?
When is the last time you did an ACTUAL test and it was SUCCESSFUL? By this I mean actually failover to another site and operate your entire business from the recovery site? I’ve seen companies from all financial spectrums – $25m to $5b talk about DR but have NEVER done a successful test. A typical DR event lasts 8 days. A company with $50m dollar in revenue brings in $5,700/hr. Eight days of lost revenue exceeds $1m. This doesn’t even touch the costs to reputation, customer impact, etc.
According to an IBM study conducted in 2011, of the companies that had a major loss of business data, 43 percent never reopen, 51 percent close within two years and 6 percent will survive long-term.
Where to start?
The first thing to do is a Current State Assessment. At Liberty, we typically conduct this similarly to a buy-side due diligence for a private equity firm. The process takes a few weeks and looks at your technology infrastructure, application portfolio, staff, organizational model, IT Management processes, technology spending, security profile, and current and planned projects. This step produces a report score-carding each as well a value creation levers recommendation. The value-creating levers show a company which areas should be invested in, in what order and the approximate value created by completing each.
Since most business leaders don’t fully embrace the importance of technology and the cost of IT, a successful approach is to start from the other side. Work with business executives and create a business-led roadmap. What strategic objectives are going to drive changes? What business capabilities are needed to get you there? What capabilities provide the most value and which can be standardized? With this now documented, the organization has a clear understanding of where they want to go and the technology teams understand supporting technology needs to get them there.
Now that there is some confidence built on both sides of the organization, the next step is to look at business processes. To create efficiency and economies within the organization, we typically divide all business processes into three categories; Common, Core, and Differentiated (CCD). Common processes typically have low variability and support common, high volume business tasks. Common processes support some form of competitive advantage: Often has some level of variability or differentiation. Differentiated processes needextensive flexibility to provide high value and/or differentiates you from the rest of your industry.
Through this process, we figure out how many ways you do a task and how many ways you SHOULD perform it. We create a future state business capability leveraging the CCD work. This allows us to create the next step, the IT Roadmap.
How do you get there?
The IT roadmap. When done correctly, it is a programmatic approach that considers value, time, money and resources that is directly aligned to the business. The powerful part of following this process is that, for once, business and IT have alignment and fighting over IT costs is drastically reduced. The path to success is laid out and a financial model is available to show the true cost of IT for the next few years and the direct business benefits associated with the investment.
For many enterprises, extensive technical debt is created by legacy applications, duplicate/disparate platforms and processes, and antiquated technology. This burden is dragging down modernization initiatives. To compete in today’s digital economy, organizations need to modernize now. Replacing a single server or router won’t help. Many times the only answer is to stop, invest and pay off all the debt before you can move on.
Liberty Advisor Group is part of your solution.
Whether you’re just beginning to identify your technical debt level, or seeking to optimize your processes to reduce and avoid future debt, Liberty Advisor Group can help accelerate your path: We offer objective guidance, supported by battle-tested experience: Please reach out to us at info@LibertyAdvisorGroup.com. We’d be happy to work with you to measure, prioritize, repay and manage your technical debt levels to enable you to reduce risk and unlock additional business value.
Liberty Advisor Group is amission-focused advisory and strategic consulting firm.We partner with our clients to solve their most complex business issues and improve enterprise value. Our experienced team hasa proven track recordin Business and Technology Transformation, Data Analytics, Business Threat Intelligence, and Mergers and Acquisitions:We offer original thinking combined with factual data to develop comprehensive, situation-specific solutions that work:With straight talk and proven results, we accelerate growth, drive efficiency and reduce risks:We are experienced. We are doers. We are Battle-Tested.