Microsoft is driving its Windows customers to an ‘evergreen' operating environment, where the OS is kept perennially updated and market segmentation and security threats are reduced. The end goal is a Desktop-as-a-Service model called Windows Virtual Desktop. However, given many organisations' dependency on legacy applications, this ideal is beyond the reach of some, and Windows's chequered past when it comes to update reliability and compatibility leaves IT decision makers unwilling to leave critical applications at the mercy of OS updates.
The traditional alternative has been to either retain operating systems beyond their deprecation. It's often the largest and most specialised organisations, with heavy dependencies on proprietary software, such as the NHS, that find themselves reliant on legacy systems. The staggering cost of modernising this infrastructure, on an already strained budget, makes it an unrealistic option.
However, remaining on any Windows OS pre-Windows 10 isn't a viable long-term solution. Many companies have been caught out by having to pay eye-watering sums for bespoke Microsoft support to ensure the security and stability of Windows XP after official support has ended.
The sensitive data held by the likes of the NHS, as well as the critical work they do, also raises the vulnerability of legacy IT dependency. 2017's WannaCry ransomware attack exploited Windows systems that were past their end-of-life, affecting some 70,000 devices in the NHS alone - bringing critical services to their knees.
Securing your legacy
So, if updating Windows is impractical or impossible for your organisation, and the status quo is unsustainable, what's the alternative?
We previously reported on how semi-connected containerisation is helping to overcome the limitations of virtual desktop infrastructure (VDI). The same technology can enable organisations to continue to use those applications on which they depend, regardless of their OS requirements, ensuring their security in the process.
It's probably more useful in this context to refer to such applications as ‘production applications' rather than ‘legacy'. This better conveys the key role that these programs play in the enterprise today. It most cases significant time and money has been invested in their development, support, and related staff training. Often, the only motive for re-platforming is lack of OS support.
Given the power of the modern browser, using it as a virtual machine in the same way that traditional virtualisation has utilised hardware makes a lot of sense. It can be used across devices and OSes. By running production applications on a barebones version of the required OS, in a container (hosted on the end device) security fears can be nullified.
Compatible by design
Droplet Computing takes this approach, with their sandboxed browser-based containerisation (which can run offline as well as online). It is underpinned by WebAssembly and is able to enforce the same-origin and permissions security policies of the browser too.
This method maintains the version-less, feature-tested, and backwards-compatible nature of the web. These compatibility benefits outstrip those offered by VDI too, given the wider OS support and driver compatibility.
The absence of virtualisation also means there's no need to package apps. They're simply installed within the container, via a standard executable file. This means you can use the same SETUP.EXE and MSI files that you do today.
Once installed, apps behave and appear identically to how they did previously, ensuring a consistent user experience across devices. This familiarity extends to the deployment of the containers, too. Existing methods, such as SCCM, can be used to manage the process, which involves just a single installer, plus the container image.
Together, the strengths of the native container approach allow businesses to focus their resources and strategy on business objectives, rather than wrestling with their legacy computing requirements - greatly extending the life of critical production applications beyond the operating systems on which they depend.
It's a refreshing counterpoint to the constant demands on IT leaders to re-platform and restructure. It is innovation without losing what you've grown - repotting in place of reseeding - more ‘continuity' than ‘disruption', but no less a game changer for that.