1 - based off of my experiences both using and maintaining various infra at the University of Washington, the problem is not finding talent to write software, it's the part that comes after. Maintenance, updates, et al.
A common theme is limited or no budget for updating or expanding systems such that they go from "nice" to "acceptable" to "clunky" and then worse.
Politics also becomes an issue. That aged home-rolled service might have a palpable price tag to fund a major update for, but once you do discovery and scope every specialized integration made for every department, reality sets in. Whatever path is chosen is going to burn a number of parties, and using a vendor provides a baseline for functionality and a convenient scapegoat.
2 - see federated auth via Shibboleth, or any number of InCommon tech. Or even Kerberos.
This stuff exists and often works well, but brings its own operational maintenance challenges and required specialized skill sets.
3 - only a subset of these processes were handled on paper. Expectations on both the timelines and breadth of services have gone up significantly since this was all on paper.