A legacy system is a system that essentially belongs to a previous generation, in a manner of speaking. It is typically an old system that despite its age and lack of modern compatibility still exists and continues to be in use. This is not because the users have found no reason to change it though. The fact of the matter is that it meets their requirements and does not present any problems while doing so. However, the more practical reason is the fact that it would be too expensive to have it replaced or overhauled. On top of that, a legacy system usually commands an important project, and so it would be too difficult to temporarily put it offline or to replace it.
However, as with everything, there is always need for change. A legacy system may present problems and limitations to the organization, and stubbornly holding on to it may result in major repercussions, not only for the organization, but also the users who interact with it.
One of the limitations of many a legacy system is the fact that it runs on old hardware, which may be obsolete. This can result in a lack of efficiency in that the legacy system in question may be too slow with relation to processing speed demands. Even finding spare components to replace those that may have gotten spoilt may be extremely difficult. Furthermore, though said spare components are found, constantly maintaining a legacy system can be counterproductive in the fact that the profits generated would have to be ploughed back into a depreciating asset.
However, should the owners of the legacy system be dead set on using the system, they may be lucky enough to manage to find a method of integrating current hardware technology with the system. Usually there are emulators and backward compatible components that can aid in doing so, allowing the legacy system to live to fight another battle.
Regardless of finding a way to keep the legacy system online though, there would normally be problems with regards to maintaining it other than the hardware aspect. This is due to the fact that the creators of the legacy system (usually belonging to the previous generation) have probably left the organization, or have forgotten the system specifics. It is even more so difficult if they left inadequate or no documentation behind on the legacy system. Thus, if a problem develops that cannot be solved; it can have unprecedented drawbacks because no one would be able to solve it.
Due to the fact that it is usually built on out dated technology, a legacy system may prove to be fertile playing ground for hackers galore. This is especially tempting if the legacy system governs a nuclear power plant, airport control system or even military facility. The fact that information technology has significantly developed, it would be child’s play to find the workings of a legacy system. It can even be worse, if the attack is orchestrated by those within the organization who know the limitations of the legacy system in terms of security.