It’s time for us to recognize that the legacy model of perpetual enterprise software licensing is obsolete. Indeed, we hear with increasing frequency that enterprise software vendors have notified their licensees that older versions of software will soon be EOA – End of Availability. In other words, the software has reached a point where it will soon no longer be supported or maintained. Instead, the software companies seek to replace the soon-to-be EOA software with up-to-date software, often in suites, provisioned via the cloud with SaaS.
While EOA may mean increased dollar expenditures, effort, and frustration for many enterprise licensees, our research finds that the newer and up-to-date software provisioned via the cloud may, in fact, reduce long-term costs and risks through benefits such as better cybersecurity, more robust functionality, increased staff productivity, and increased revenue opportunities.
A recent survey from Saritasa found that 60 percent of organizations continue to run legacy systems. IT teams at these organizations likely have too many day-to-day fires to put out as well as ongoing constraints on spending. They also obviously face multiple demands for resources, not just IT-related needs.
Indeed, as many CTOs and CIOs can attest, we’ve all gotten used to senior management asking us to do more and more with smaller and smaller budgets. Accordingly, the “stick with the legacy software” approach made sense in a time of incremental technology changes and less-demanding industry dynamics. The world, however, has significantly changed and EOA of enterprise software applications with perpetual licenses is inevitable as software vendors respond to industry dynamics and demands for newer and more productive applications.
An engineering perspective
The reality for enterprise software vendors is that supporting legacy software applications consumes enormous resources that could otherwise drive innovation. Maintaining backward compatibility, debugging obsolete code and creating workarounds for technology that no longer complies with modern standards and user expectations requires time and commitments from engineering teams who often prefer to devote time and effort to other, more rewarding activities. These efforts divert talent and funding from the development of new capabilities. Worse still, each deferred modernization effort increases the risk of security breaches and operational instability. The cost of doing nothing increases not only in terms of money but also in terms of reputational risk.
Unlike smartphones, EVs and cloud-based applications that can update seamlessly, enterprise software operates within a complex and fragile ecosystem often involving many organizations. Each update requires careful coordination across databases, integrations and infrastructure components that may differ from one licensee to the next. Updates in enterprise environments can be unpredictable and when something goes wrong, the results can be catastrophic.
Consider some recent industry events. In 2023, United Airlines had a system outage that illustrates how a single software update can ripple across critical systems and cause widespread disruption. A similar issue was seen in the financial sector in 2012 when Knight Capital experienced a trading outage after a “software glitch” inadvertently caused cascading trading errors that ended up causing the company $440 million dollars in losses.
The reality is that once software reaches its end of life, it stops receiving the updates, patches and bug fixes that defend against emerging threats. Each unpatched component effectively becomes an unlocked door in an organization’s security perimeter. Fundamentally, we know that in enterprise computing, the greater the interconnectivity, the higher the consequences of failure.
An August 2025 Microsoft update is an example of this situation. (Disclosure: the author has previously worked as a consultant for Microsoft.) The update was intended to improve performance and security, but it broke backward compatibility with older enterprise applications. This event confirms the reality that modernization and preservation of legacy models with outdated applications are fundamentally at odds. Indeed, each new generation of software has a different architecture and fragmented legacy software will never be able to deliver equivalent functionality. This tension between progress and preservation lies at the heart of why EOA and standardized lifecycles have become engineering necessities rather than marketing choices.
Engineering principles and standards
Some people may argue that EOA is more of a marketing/sales issue driven by a desire by software vendors to increase revenue. While it is true that most software vendors are focused on growing revenue and profits, as, indeed, all companies are on behalf of their stakeholders, the reality is that EOA is grounded in well-established engineering principles and standards.
In fact, EOA is entirely consistent with international standards such as ISO/IEC/IEEE 12207:2017 and 24728-1:2024. These standards define software lifecycle management frameworks that include retirement and disposal of legacy software as essential phases of responsible product stewardship. These standards, moreover, recognize that every software application moves through a predictable lifecycle, beginning with development and deployment and continuing through maintenance to, ultimately, retirement, i.e., EOA. Ending support for legacy versions is not an act of abandonment driven by a desire to squeeze licensees for more revenue, but an engineering practice required to maintain security and stability while increasing functionality.
The IEEE’s Software Engineering Body of Knowledge (SWEBOK) codifies this approach because it identifies obsolescence management as a critical component of the lifecycle process. SWEBOK’s framework establishes that proper end-of-life planning is as vital as design or testing because unmanaged, aging software introduces unacceptable levels of risk. The longer outdated code remains in circulation, the greater the exposure to vulnerabilities and performance degradation.
By aligning with these engineering and industry standards, software companies reflect that fact that an EOA decision is not just due to business reasons, but critically an obligation of sound engineering governance. The SWEBOK ensures that vendors and customers operate within a structure that prioritizes security and functionality over clinging to legacy practices out of nostalgia and a desire to save costs. EOA is a logical byproduct of responsible software development and service to applications that enterprises depend on to function, confirming that innovation itself is just as vital to advancement as disciplined retirement.
Changing relationships between vendors and enterprise licensees
Similarly, the movement by software vendors to subscription-based models aligns interests with their enterprise licensees. Software delivered via subscription uses modern development frameworks that allow developers to build enhancements faster for users because of the speed at which versions need to be released. These changes have transformed software from a static purchase into an evolving service that strengthens the relationship between vendors and users, where users expect stability and continuous innovation and vendors grow revenue through ongoing value delivery.
By contrast, traditional practices under the legacy model have made security and innovation nearly impossible to achieve at scale. The fragmentation of versions, the amount of technical debt and the complexity of maintaining compatibility across countless licensee environments create an unsustainable operating model. Software vendors are forced to choose between advancing their technology or preserving outdated frameworks, an impossible balance that leaves software at licensees increasingly vulnerable and organizations less agile. In the current cybersecurity threat landscape, the model can no longer survive.
EOA is an engineering obligation
Going forward, we need to recognize that software vendors must embrace lifecycle discipline, unified architectures and continuous software delivery as the foundation of responsible engineering and best practices. This lifecycle approach recognizes that every product has a natural endpoint, i.e., EOA and that expecting indefinite support and maintenance is not feasible. Subscription-based models with unified architectures reduce version sprawl, simplify integration and create the cadence needed to deliver consistent updates that quickly push out new functionality and security fixes. Together, these practices form a viable roadmap for sustainable innovation that helps to enable value creation at subscribers.
The software industry’s shift represents a scalable and disciplined path forward for enterprises. In a world of constant change and accelerating threats, the only sustainable strategy is rigorous lifecycle management. Software companies that treat EOA as an engineering obligation rather than as a business option, as well as offering suites if they sell multiple applications, will define the next era of software delivery and set the standard for customer expectations. Similarly, enterprises need to recognize the reasons why their software vendors are moving from the legacy model of perpetual licenses, on-premises provisioning and standalone software applications.
This article is published as part of the Foundry Expert Contributor Network.
Want to join?
Read More from This Article: Last rites for perpetual enterprise software licenses?
Source: News