Nov 01 2022

Inadequate Software Management Can Hinder States Facing Critical Updates

A NASCIO and VMware report suggests IT agencies can benefit from defined application practices.

Forty-eight percent of states say at least half of their applications need to be modernized, yet only 36 percent have detailed, current information about their application portfolio to make that happen, according to a recent survey conducted by the National Association of State Chief Information Officers and cloud service provider VMware.

As NASCIO noted in its October report “Application Modernization is an Imperative for State Governments,” older legacy systems can struggle to meet today’s increased demand for digital services, which escalated in numerous states during the COVID-19 pandemic.

To facilitate further integration of citizen-facing services, a number of government organizations have undertaken application modernization efforts. Some seem to be better positioned than others to migrate and improve their IT systems by adopting new architectures, implementing DevSecOps practices and making other moves to enhance security and operations.

Click the banner below to gain customized security content as an Insider.

Organizations Refresh Software to Augment Protection

State CIOs ranked keeping applications up to date as one of their most pressing priorities this year.

Security concerns have been a major factor. Older code is the most frequent reason given by states for embarking on modernization, cited by 37 percent; 29 percent say cybersecurity risk has been a driver.

Stronger security is a benefit 88 percent of state CIOs say they expect to reap from application modernization; 71 percent foresee reduced risk for the enterprise.

Seventy-six percent of NASCIO survey respondents anticipate modernization will help them respond to constituents’ needs quickly and efficiently. Seventy-one percent feel it will result in better program outcomes.

REVIEW: How Okta helps grant access to necessary apps for authorized employees anywhere.

Several factors, however, can make application modernization challenging. States typically possess more than a thousand applications, according to NASCIO; consequently, establishing an accurate inventory of those resources and their current status can be difficult.

Financing poses another potential roadblock. General funds and federal grants are the top methods states use to pay for application modernization efforts; 33 percent have no formal authorization process for the initiatives, reporting in some instances that obtaining funding was problematic as a result.

Because application update goals tend to be moving targets, the overall approach states take to modernization can be another concern.

Although periodic reviews of application modernization initiatives’ progress can help expedite the process, reduce the involved costs and result in superior outcomes, more than half (55 percent) of states don’t conduct them.

Systems Can Help Guarantee Updates Will Be Made

To be effective, initiatives may need to involve a number of ongoing actions, including system upkeep and improvement, movement to new platforms or structures, and retiring and replacing solutions, according to NASCIO.

While 69 percent of states either have or are considering implementing a documented and constant application management strategy, 31 percent currently lack one.

Fewer than half (41 percent) of states manage application modernization at the enterprise level; 45 percent modernize apps through individual initiatives that are handled by each agency.

Governing application investments across an enterprise, however, is one of the modernization best practices identified in NASCIO’s report.

EXPLORE: How the demand for digital services is driving IT modernization.

The association’s research also found 8 in 10 states that don’t have a detailed application portfolio are considering implementing one that extends across the organization to help with their planning efforts.

Business relationship managers can help establish agencies’ application portfolios, according to NASCIO, which also suggests executives determine a lifecycle for each application and a modernization schedule for each critical one, in addition to a business continuity and disaster recovery plan.

Training and development, in tandem with bringing new IT professionals on board, can also be essential investments to ensure state staff members and agencies will be able to transition from legacy systems to new, modernized versions.

Over time, application oversight and assessment, according to NASCIO, should become a continuous function, enabling state governments to keep their technological resources up to date on a regular basis, which ultimately can provide more scalable and reliable assets.

RossHelen/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.