Monday, July 6, 2009

Knight of the Old Code and the New database

I realized today that I'm supporting code from over 6 years ago and I was fairly astonished that it still gets the job done as well as it did then. I love pushing the envelope and writing code that utilizes the latest and greatest tools, libraries and dark voodoo magic, as I would imagine all coders do, but it turns out that it's not always necessary.

There comes a point when old code just isn't good enough anymore, but I'm finding that point to be very subjective. Naturally I would like to write new code all the time to replace the code I've written in the past. I would love to replace all the legacy web applications with shiny new silverlight applications sporting sexy user interfaces and the latest and greatest data connections, but in business, it's not always practical to spend so much time. The ROI just isn't there in most cases.

That being said, I feel that it's crucial to update the database behind the code and make sure that all the data connections are secure. Many data breaches are the result of under secured web applications that practically give away data. It's easy in an Enterprise to overlook that old application that three people still use somewhere in Asia. Three people who never complain or otherwise bring attention to themselves or the application. The application, in many cases, might access a server that accesses another server...etc. In this way an obscure application might play gatekeeper to an entire, otherwise secure, network.

It's fairly simple to track down in code where an application talks to the database and even though it can be a considerable task to upgrade a database and change all the connections in an application, it is much harder to explain to a client why their data is hanging out on a torrent site.