Does Heartbleed show it is time to 'corporatise' open source?

bryang | 1 Comment
| More
The exposure of the Heartbleed bug that causes a major security vulnerability in many websites has handed a gift to the anti-open source lobby.

One of the most popular claims boasted by the open source community is that its code is inherently more secure because anyone can read it, and anyone can spot flaws.

The fact that Heartbleed - a small but significant bug in the code for the widely used OpenSSL encryption software - had been in existence for at least two years without being spotted or fixed rather weakens that argument.

But open source should not be dismissed just because of this one problem, no matter how significant it may be.

We have moved on a long way from the time that for most businesses "open source" meant using Linux instead of Windows.

Major organisations are adopting open source both as a way to adopt "free" software and as a cultural approach to software development.

Channel 4, for example, has built its big data strategy around open source products and contributes back to the relevant development communities.

The UK's Government Digital Service (GDS) has mandated that all software developed using public money should be published as open source - as a result, the New Zealand government is using the Drupal-based web publishing platform that GDS created for the Gov.UK website.

That sort of corporate backing for open source goes a long way to convincing IT leaders of its merits, and of the role it can play alongside proprietary products - which of course still have their place in the corporate IT infrastructure.

But there must be a danger - as demonstrated by Heartbleed - that open source hits a tipping point where the scale of use outweighs the resources of the community that creates it.

In local government in the UK, there is a growing body of IT leaders that would like to see open source products developed to replace the cumbersome legacy applications that the sector is locked into.

But trying to create a local government open source community to develop and support such products is a huge challenge that even a determined body of enthusiasts would have to take on.

Perhaps this demonstrates that in some areas, open source needs to have a more corporate approach - not from software vendors, but from its growing group of corporate users.

If IT leaders want to use more open source software, they will increasingly need to back that with resources - people and cash - to help support the wider community.

Corporates need to acknowledge that open source is not just a way to develop software, but a cultural approach to IT that needs their full support if they are to achieve the many benefits it offers.

Analysing G-Cloud: A need for wider awareness and promotion?

bryang | 4 Comments
| More
Few could doubt that the government's G-Cloud purchasing framework has been a success so far. More than £100m has been spent through it, opening up the market to SMEs and saving taxpayers' money compared to traditional procurement routes for IT.

There is no evidence to quantify those savings other than anecdotal - nobody is keeping a record of what a contract would have cost in the pre-G-Cloud days to compare - but some buyers have suggested savings of 50% are regularly achieved, with reports of as much as 80%.

But if there is one recurring criticism of G-Cloud, it's that not enough people are using it.

Awareness outside of central government is low - too few local authorities are regular users, for example.

An analysis of the publicly available G-Cloud spending data by Mark Craddock, former Cloudstore lead for the G-Cloud programme in the Cabinet Office and now working independently as a cloud consultant, sheds some interesting light on the challenges of delivering benefits to a wider set of buying organisations.

(Note that Cloudstore is the online catalogue of suppliers and their offerings, while G-Cloud is the purchasing framework within which Cloudstore operates).

Craddock's analysis suggests that while the amount spent and the number of transactions placed through G-Cloud continue to grow, the number of new buyers and suppliers placing and winning deals respectively, seems to have plateaued, as this graph shows:

G-cloud chart 1.pngBreaking down those figures further backs up that suggestion. This graph shows the number of new buyers and suppliers using G-Cloud each month:

G-cloud chart 2.jpgThis chart shows a steady increase up to August 2013 - roughly the time that former G-Cloud programme director Denise McDonagh moved on to become CTO at the Home Office, where she remains a stalwart G-Cloud advocate. But the number of new buyers has yet to recover to that peak level.

Craddock said that he thinks G-Cloud remains under-staffed and claimed just two people work on it full-time.

Back in February last year, former government digital director Chris Chant - the man who launched G-Cloud - called the programme "woefully underfunded" and said the Cabinet Office had originally promised to fund the equivalent of 20 full-time staff for the project.

A detailed look through the G-Cloud data backs up claims that repeat buyers are a big factor in the growth in cumulative spending.

For example, of the 162 transactions placed by the NHS agency the Care Quality Commission, 50 have gone to supplier Axis12, and 90 to Computacenter, with the remaining 22 deals spread between five companies.

The Civil Aviation Authority has placed 169 contracts, with 135 going to SCC, 21 to SmartSourcing and 13 to Equiniti.

The vast majority of the Department for Business, Innovation & Skills' transactions have gone to six suppliers - Fivium, IBM, Huddle, Parity, DXW and Zuhlke.

All but two of the 34 Department for International Development deals have been awarded to Emergn. 

Of 205 Department for Work and Pensions contracts, 40 went to Emergn, and 121 to Valtech.

At Health Education England, all but three of 132 deals have gone to BJSS.

From 198 transactions by the Houses of Parliament, all but six went to Interoute.

Every one of the 209 NHS Connecting for Health deals went to the same supplier, BJSS.

At the Office for National Statistics, where 330 transactions have gone through G-Cloud, 194 went to Parity, 59 to Methods Consulting, 43 to LA International, and 26 to Emergn.

Similar patterns can be observed for all the biggest G-Cloud buyers to date.

Now of course, this is still a lot better than having 80% of IT spend going to an oligarchy dominated by five or six big suppliers, as has been the case in the past.

It also has to be said that is is nothing but a huge improvement that all this spending data is publicly available for anyone to see - a welcome change from a past dominated by secrecy and Whitehall hiding behind "commercial confidentiality".

But the statistics suggest that within individual public sector bodies, a small set of suppliers are preferred; and that certain suppliers have worked out how to win G-Cloud deals more effectively than most of their rivals.

Anecdotally again, some suppliers are saying it has become too hard to win business on G-Cloud among so many listed vendors and services, and too difficult to understand how to stand out from that crowd.

The commitment of the Government Digital Service (GDS) to G-Cloud is still strong - although it does intend to re-brand the G-Cloud framework - and the early months of the programme have amply demonstrated that using this sort of framework, with its price transparency, wide range of suppliers, and rapid purchasing process, is shaking up the way parts of the public sector purchase IT for the better.

But it also shows there is a long way to go, and that GDS needs to promote and market G-Cloud more effectively to a wider audience of IT buyers if it is to fulfil its undoubted promise.

Update: Mark Craddock subsequently produced the following graph, which is a breakdown of the organisations eligible to buy through G-Cloud, by sector. It refers to the number of organisations, not the spending power, but it is interesting to see how small a piece of this pie is represented by central government (although the portion by IT spend would of course be much higher). This tends to reinforce the need for greater promotion of G-Cloud beyond Whitehall:
G-cloud chart 3.PNG




Who wants Windows XP to live forever?

bryang | 1 Comment
| More
And so the most popular PC operating system of all time reaches the final winter of its years.

Windows XP goes out of regular support on 8 April, but it is testament to its enduring success that Microsoft has been forced to extend provision of anti-malware updates for another year, and millions of users will remain covered by extended support agreements taken out by their employers.

According to web stats firm Netmarketshare.com, as many as 27% of all PCs still use XP.

We don't know how many UK government PCs still rely on XP - there are about 650,000 in the NHS alone - but the Cabinet Office has paid out £5.5m to keep its XP estate covered for another 12 months.

Most of the UK's ATM networks run on versions of XP too, with banks also having to sign up to extended support.

We have all become used to the idea that old software ceases to be, but the lingering reliance on XP does raise questions about whether users really want constant new versions for every application.

XP has continued because it works - it does a job, it does it well, it is reliable, no-frills and for many applications it could have happily kept going for a long time yet. It's only the fear of unpatched security vulnerabilities that is driving laggards to migrate.

Many observers have been critical of organisations that have failed to move off a system that has been flagged for its end of life for a few years - it has hardly come as a surprise that XP support is ending.

But those criticisms assume that an endless cycle of version releases is always going to be the state of play in IT.

Microsoft's rivals such as Apple and Google have already dispensed with the concept - moving instead to constant, free version updates that are either applied automatically in the cloud or pushed to user devices.

Microsoft struggles with that concept because its Windows and Office business models are predicated on licence fees for every new version.

But if we are really moving into the age of user need, with the balance of power in the hands of users not their suppliers, then much greater flexibility and choice is inevitable. In a different climate, XP might have continued safely on as a legacy operating system for many years.

Read more:

Windows XP support will end this year - are you prepared?

Microsoft urges businesses on Windows XP to migrate

Failure to migrate from Windows XP could torpedo your business

Cloud economics will challenge every IT supplier

bryang | 2 Comments
| More
The over-used phrase "price war" has rarely had a lot of relevance in the corporate IT market.

At best, we may have seen PC or server makers cutting prices by a few percentage points, or more typically bundling in new features to keep prices steady.

But now Google and Amazon are engaging in a genuine price war that not only benefits IT leaders but demonstrates the way that computing power at massive scale - known commonly as the cloud - takes IT into the realm of retail economics and commodity pricing.

First, Google announced a raft of new services for its cloud platform, and cut its prices by between 32% and 85% in a direct challenge to Amazon Web Services (AWS).

Amazon responded days later with what it claims is its 42nd AWS price cut, reducing costs by up to 40% to stay mostly on a par with Google.

We still wait to see how Microsoft - which has promised to compete on price in the cloud market - will respond for its Azure service.

This is the economics of enormous scale. The more companies sign up to Google or Amazon's cloud services, the greater the scale of operation, and the more prices will tumble. As long as the cloud providers continue to expand their datacentres to stay ahead of growing demand, the economics dictate that the unit price of processing power or storage reduces with greater size.

This, more than any technical capability that the cloud offers, is the reason why this will be such a transformative technology for corporate IT in the years to come.

It will also have a knock-on effect in other areas. If, for example, you can run a database on a commodity cloud service, can you really justify the price differential between Oracle or SQL Server licences and an open source equivalent?

Even if the open source option is less functional, you will want to keep the costly per-user or per-processor licences of the proprietary software reserved only for the uses that can justify that extra cost. The same logic will increasingly apply across many areas of IT products.

The potential benefits for IT leaders are enormous. For IT suppliers, there is no denying the future. CIOs would be wise to ask their key suppliers how they plan to respond.

What you won't see in Budget 2014 - the digital opportunities being missed by every political party

bryang | No Comments
| More
Chancellor of the Exchequer George Osborne announces the Budget tomorrow (Wednesday 19 March), and the media is full of speculation over what his speech will include.

I would, however, like to make a confident prediction about a few things the Budget will not include.

Politicians of all parties are yet to understand to even the slightest degree how technology can be used to underpin policy making over the next five to 10 years. As a result, this year's Budget will be yet another missed opportunity to take a radical, digitally influenced approach to government.

Every party likes to describe their policies as "progressive" - which, as far as I can tell, basically means, "Let's announce an idea that none of the other lot has tried yet".

But a truly progressive policy would be one that recognises the far-reaching societal, cultural and economic changes that the digital revolution is going to enable in the coming years.

Let me be clear what I mean here.

I'm not talking about "digital government" - that is, the delivery of public services using digital channels such as the web and mobile. The current government has made some great strides in this area, and the Labour Party has acknowledged the importance of developing its own policy. Digital is now in its infant steps of changing the relationship between citizens and the public services they consume - which is a great thing.

Nor am I talking about the role of technology in the economy - supporting the IT and digital industries, developing the digital skills we need in the UK workforce, and recognising that all things digital are a huge global opportunity for UK businesses. There has been some progress in this area under the Coalition - Tech City has established a profile for London as a vibrant home for tech startups; more apprenticeships are available for IT and engineering jobs; and the government is actively promoting the UK technology sector abroad as a world leader.

But what is missing entirely is the third slice of the digital economy pie - exploiting the digital revolution to solve some of the policy and political challenges of our time.

To illustrate what I mean, look at one high-profile, controversial policy of the moment - HS2, the high-speed rail line to link London and the north of England.

In a digital world, HS2 is a 19th century solution to a 21st century problem. The key problems it seeks to solve are: to rebalance the economy between north and south; and to plan for predictions of future rail capacity as train travel for passengers and freight continues to grow.

This assumes two (among many) things - that the rebalancing of the economy away from London and the south depends on the physical movement of people and goods; and that people will continue to want to travel between the north and south of England to do business in person.

If you look at both those assumptions wearing a digital hat, they quickly start to fall apart.

Developing the digital economy and digital skills in the north of England is a huge opportunity to rebalance the economy without mass movement of people and goods. We in the south are constantly told about lack of jobs, rising unemployment and declining living standards where old manufacturing and primary industries have declined in the north. We see talented graduates drawn to London because that's where they see the secure, well-paid jobs of the future will be, thereby entrenching the economic challenges of their home regions.

Actively encouraging and enabling the development of digital skills, and the setting up of digital businesses (or just northern offices for existing London-based technology employers) puts those regions onto a growth path for the future economy - one where getting on a train to London for work is a novelty, not a necessity.

As superfast broadband is (mostly) rolled out across the country, the easy and cheap availability of tools such as video conferencing, social networks, unified communications, collaboration, mobile, cloud and so on, make it increasingly viable to avoid lengthy journeys between north and south. Technology like this offers more time at work, more frequent communications, and thereby more productivity and growth.

So, in a digital economy as described above, is £50bn on a faster train line really the best economic investment for a government to make?

Think about it - let's say, for example, that government finds a way to incentivise employers to encourage more staff to regularly work from home, perhaps with some sort of short-term tax break.

If, conservatively, 50% of employers can get just 20% of their office-based staff to work from home two days a week, that means 4% fewer commuters every week. That's a 4% reduction in peak-hour road traffic and train capacity straight away.

It also frees up 4% of office space, that can be converted into brownfield sites for new residential housing developments that helps to ease the chronic housing shortage, keep house prices down, make property affordable again for a younger generation, and avoid the sort of planning delays that are holding back property developments around the country.

But those new home workers might not actually want to be confined to a room in their house two days a week. They might still like to have other people around them. So what about developing some of the UK's libraries - under pressure of closure from cash-strapped councils - into community workspaces? Equip them with Wi-Fi and broadband capacity and they become a vital community facility.

Put a crèche and childcare facilities inside them too, and working parents get cost-effective childcare and a better work-life balance.

Now go back and read those last few paragraphs and imagine that 75% of employers can get just 20% of staff to work at home twice a week. That's 6% fewer commuters, 6% of office space freed up.

How about 40% of staff? That's 12% fewer commuters. And that's a serious economic and political opportunity.

And none of that mentions the potential benefits to local community retailers, who have all those home workers to feed and provide coffee for, or to pick up extra business when they have time to pop into the town centre over lunch.

Now, I'm not an economist, and wouldn't claim to have the detailed analytical tools or skills to delve deeply into what I admit are simplistic arguments. But it must be clear to anyone that there is a huge opportunity here.

If you took half of that £50bn set aside for HS2, and put it instead into rural broadband, digital skills development, homeworking incentives and converting libraries - how much more economic benefit would that have than getting from the north to London for a meeting half an hour earlier?

And that's just looking at the progressive digital alternatives to one policy, HS2.

But I can confidently predict, nothing like this will be in the Budget, nor in the manifestos of the three political parties for next year's General Election. How I would like to be wrong in that prediction.






Labour: 'This is not a review of GDS. It is a review of digital government'

bryang | 1 Comment
| More
Labour formally launched its Digital Government Review at an event in London last night.

It's clearly going to attract a lot of interest and scrutiny, if the reaction to my previous article on the subject is anything to go by.

In particular, the suggestion that the Government Digital Service (GDS) might become a political football between Labour and the Tories has aroused much debate. Here are some of the best articles I've seen since:

Digital electioneering, by Alex Blandford.
The task facing Labour's Digital Review, by Matthew Cain.
Digital is political, by Stefan Czerniawski.
As these examples show, this is a topic that a lot of people are passionate about.

Last night was an opportunity for Chi Onwurah, Labour's shadow minister for digital government, to announce the "independent, non-partisan" advisory board who will help with the review, and to attempt to clarify some of the speculation of recent days.

"This is not a review of GDS," she said, "It is a review of digital government."

I get the impression that Labour does privately see GDS as a Tory creation, and as such not to be entirely trusted. But the depth of support for what GDS is doing means it would be very unwise of Labour to overtly target GDS.

Nonetheless, as several of the guests that I talked to acknowledged, it is very difficult to review the state of digital government without reviewing the role of GDS. In central government at least, GDS is digital government.

The membership of the advisory board was received as a mixture of "Good choice", "Who?" and "Not them again" by people I talked to. But it does represent a wide spread of digital experts, citizen advocates and industry experience. The advisors are:

  • Peter Ingram, managing director of Touchstone Consulting, previously CTO of Ofcom and BT Retail.
  • Stephen King, a partner at Omidyar Network, the venture capital fund created by eBay founder Pierre Omidyar.
  • Piers Linney, co-CEO of cloud service provider Outsourcery, and a "dragon" on the BBC's Dragon's Den show.
  • William Perrin, the founder of Talk About Local, until recently a member of the GDS advisory board, and former technology policy advisor to Tony Blair and driving force behind the Labour government's 2007 Power of Information Review.
  • Cho Oliver, director of software consultancy Liquid Steel, previously CIO of European Oil Trading at BP and now an advisor to Labour on innovation & science.
  • Vicki Shotbolt, founder and CEO of The Parent Zone, an online community and information source for parents.
  • Jeni Tennison, technical director of the Open Data Institute.
  • Graham Walker, CEO of Go On UK, Martha Lane Fox's charity set up to develop digital skills among the 11 million UK adults who have never used the internet or do not feel confident enough to do so more often.
Labour has wisely avoided representation on the advisory board from the big IT suppliers that have become a controversial bone of contention under the Coalition government. The "oligopoly" that dominated government IT under the Labour administration - and have since been accused of "ripping off government" - have seen their contribution and revenue from Whitehall slide in recent years, and they are not happy about it.

It is clear that they see Labour's review as an opportunity to reverse that trend should Labour win next year's general election.

The event was hosted by mobile giant EE at its Paddington office, and among the guests were executives from some of the suppliers that have taken the most criticism for their past contributions to Whitehall IT, such as Microsoft and Fujitsu. Their lobbying budgets will be well exercised over the next 12 months.

Of course, Labour would be wrong to exclude Big IT from its review and their input will be valuable. But there are definite concerns from many digital advocates that the Big IT influence will be disproportionate. It is up to Onwurah and the advisory board to make sure that doesn't happen.

One welcome area that Labour wants to focus on is local government. It is fair to say that councils have not been the priority for GDS, which has focused on technical, commercial, organisational and cultural change in IT and digital across Whitehall.

That's not to say GDS is not interested in local government - it is - more that as civil servants they target the priorities of their political masters. So it is a good time to see how best to combine central and local government digital efforts for the greater good of citizens.

After all, for most people it is local services that represent their daily experiences of the public sector. It's great to have a superb online car tax system, or an easy to use digital PAYE tax website, but you only need those once a year. Everyday public services for most people are education, local transport, refuse collection, housing, social care and other council-managed services.

Most of all, Labour's digital government review is an opportunity for everyone to get involved - much as it is set up and run for political purposes, Onwurah was clear that they want input from anyone and everyone with an interest in the topic or with a contribution to be made.

So, whether you think digital government is political or not, I'm sure you think it is vitally important - so let Labour know your views.

GDS becomes political as Labour launches digital government review

bryang | 5 Comments
| More
Government IT - and in particular, the role of the Government Digital Service - is about to get political.

Tomorrow night, the Labour Party launches its digital government review, a programme designed to feed directly into Labour policy for the May 2015 general election.

The review is being led by shadow Cabinet Office minister Chi Onwurah - herself an engineer, and former head of telecoms technology at Ofcom, and as such better qualified than most politicians to understand all things digital.

I met with Onwurah yesterday for a briefing on the review, and it's clear there will be much debate generated by Labour's perspectives on digital government.

What is Labour's review all about?

According to a briefing document that Onwurah shared, the review has four areas of focus - and I'm quoting directly from the document here, so these are Labour's words, not mine:

  • Digital government has the power to transform the relationship between the citizen and the state. But that is not what is happening now.
  • Labour's Digital Government Review will set out clear and realistic goals for a digital agenda that will improve services and empower citizens while being efficient and cost effective.
  • The Review will recognise the good work of the Government Digital Service where it is successful, and suggest changes of direction where it is not.
  • We will identify an advisory board of the willing and able - well known and experienced industry insiders and stakeholders to review evidence and proposals around two workstreams:
Powering digital government - This will look at how to drive positive, progressive digital change through local and national government, including organisational, skills and technology/infrastructure issues.
Putting citizens in control - How to overturn the power relationship between government and citizens.
What does that all mean?

According to Onwurah, Labour's main criticism of the Coalition's digital policy is that it is too focused on cutting costs. She said Labour wants digital government to be more "progressive", and focused on enabling citizens, rather just cutting costs (although recognising that cutting costs is a good thing too).

She said that digital should not be about imposing a way of working on the public sector - Labour is not fond of the "digital by default" mantra - but about supporting public service delivery.

She talked about a need to be more context-driven, rather than transaction focused. While the GDS focus has been on redesigning 25 "exemplar" transactions, Labour feels this is missing the complexity of delivering public services to the individual.

"The Tories assume that if you put it out there, then the market will just use it. But often, it needs more personalisation," said Onwurah.

It is fair to say that the most frequent users of public services are often those on the wrong side of the digital divide. In an article for Computer Weekly last year, Onwurah wrote: "When this government decided upon the digitalisation of this [online job search] service they apparently did not take into account those with poor literacy skills, mental health issues or learning difficulties - who, as most people would have predicted, make up a higher-than-average proportion of the unemployed."

She cited another example - elderly social care - where the role of digital government is a very different context to something purely transactional like applying for car tax online.

The role of GDS

I asked Onwurah about the role of the Government Digital Service (GDS). She was complimentary about its successes, but felt it has taken an approach that has, at times, alienated people at the coalface of service delivery - by which I took to mean staff in key Whitehall departments.

She claimed that GDS had been "scarred" by some of its experiences in working with departments, and cited Universal Credit and the DWP as the most obvious example.

She also called for a more "federated" approach to digital delivery, one that involves local government more. She said that GDS has been too central-government focused, while for most citizens, their local council is the face of everyday public services.

She also cited the frustrations of councils over security accreditation for the Public Services Network (PSN) as an example of the tension created between central and local government over digital services (although PSN is currently a Cabinet Office project, not GDS).

Labour is also critical of GDS's apparent hostility to large IT suppliers. Cabinet Office minister Francis Maude has openly attacked the "oligopoly" of big IT companies, and GDS has a remit to open up the government IT market to SMEs, with a target to put 50% of all IT contracts through SME suppliers.

Onwurah said that it is an "exaggeration" to say that big IT suppliers are "the bogeymen of IT". While Labour supports competition and creating opportunities for SMEs, she said that large suppliers "shouldn't be locked out, but neither should they be locked in".

She mentioned Fujitsu and HP - two suppliers who have faced particular criticism for their government IT work in the past - as likely contributors to the review. She was keen to point out that suppliers will play no role on the advisory board for the review, but they will be encouraged to make submissions as part of a general call for evidence.

What the review is not about

The review is tightly focused - it looks only at digital delivery of public services. It is not about digital economy issues or national infrastructure such as broadband or mobile networks. Nor is it about the role of technology in wider policy making (which I think is a shame - not one political party has yet grasped the opportunities here). The Labour digital government review runs alongside two related but separate reviews - one into the UK's digital skills base, and another into the creative industries (such as copyright, etc).

Comment

There are strong arguments for and against the politicisation of digital government - a debate already played out in Computer Weekly between Onwurah and Mark Thompson, one of the architects of the Conservative technology policy that led to the creation of GDS.

Thompson feels that digital is apolitical and needs a common approach regardless of who is in power (he has also advised the Labour Party informally).

Onwurah countered that public services are inherently political, and as such, digital public services must be too.

I think it is a good thing that digital government is being discussed at a political level - it recognises its critical importance to the future of public services. But it mustn't become a political football, driven by ideology. It will benefit nobody - least of all the citizen-users of public services - if we have a "Labour IT" approach and a "Tory IT" approach that changes with every change of government.

We do absolutely need a consistent strategy, with the fundamentals agreed upon and maintained regardless of politics.

Labour has picked up on the way the Tories have tried to turn "agile" into a way to bash the Opposition. Francis Maude and work and pensions secretary Iain Duncan Smith have both talked of agile as if it's some Conservative innovation that will save us all from the big IT failures of a previous Labour government obsessed with Big IT Projects.

Onwurah wrote in her article last year: "What I certainly do not support is the politicalisation of tools such as project management methodologies but that is exactly what this government is doing - characterising Waterfall as monolithic Labour and Agile as dynamic, entrepreneurial Tory."

She is right to criticise Tory politics over agile - it certainly came back to bite Duncan Smith over Universal Credit - but it would be wrong to dismiss agile just because the Tories tried to claim it as their own.

Similarly, Labour must be careful not to be seen as swinging the balance back towards the big suppliers who deserve much of the criticism they have received over their role in government IT.

Labour's biggest failing with IT in government was not in its choice of suppliers, but in outsourcing the IT skills needed to better run projects and manage those suppliers. The current government's drive to re-skill and recruit IT expertise into Whitehall is the right move. Labour does at least recognise this - Onwurah agreed that, if the role of government is to govern, then you need civil servants who know how to govern IT every bit as much as you need them to govern any other policy.

I hope Labour will talk to GDS as part of its review. The internal politics of government and Whitehall mean that civil servants in Whitehall departments are kept very much at arm's length from the Opposition. Only in the final 12 months before the general election will Labour be allowed to formally meet with civil servants in preparation for the prospect of becoming the governing party.

If Labour talks to GDS chief Mike Bracken and CTO Liam Maxwell, I think they will find that many of their concerns and ideas for improvement are shared.

Bracken is passionate about digital public service delivery and will, I would imagine, want the opportunity to involve local councils more, to personalise services more, to add the sort of context that Onwurah talked about, and to expand GDS's existing digital inclusion team.

Bracken is unlikely to talk about his personal politics, but as a Scouser and Liverpool FC fan, a Hillsborough survivor, presumably brought up in 1980s Merseyside, a founder of digital advocacy group Mysociety.org, and a former Guardian digital director - it's up to you if you want to take a guess at how he's likely to vote next year.

Maxwell is a former politician himself, a Tory local councillor. His voting intentions are probably pretty easy to guess.

But their political views don't matter - the main thing that unites Bracken and Maxwell, and has become the driving force for GDS, is the question: "What is the user need?"

The Labour review's two workstreams - powering digital government, and putting citizens in control - fit very much with how Bracken and Maxwell would describe the importance of user need.

Both of them would agree with the Labour statement that, "Digital government has the power to transform the relationship between the citizen and the state. But that is not what is happening now". Both would say that is precisely what GDS hopes to achieve.

Both of them have been privately and often publicly critical of the attitudes and past role of big IT suppliers. But what they want is not to exclude big suppliers, but to see them change - to increase competition, reduce costs, end lock-in and receive better services. You can only achieve that by opening up more opportunities for SMEs as well.

I hope too that the Labour review considers the importance of open standards, and resists the efforts of certain suppliers to write the rules around their favoured standards.

Labour's review is timely. The next 12 months will be critical for GDS and for digital public services - as the 25 exemplar digital transactions start to go live, the GDS model will be tested in the most public way possible. This is, therefore, a good time to step back and see what has worked, and what can be improved post-general election, no matter who wins.

But I hope that Labour does not see GDS and its methods simply as a Tory construction that needs to be changed for ideological reasons. I would urge Labour to consult with GDS leaders once they are allowed to do so - I suspect they will find more common ground than they might expect.

The supplier landscape is changing as IT buyers shun inflexible traditional vendors

bryang | No Comments
| More
IT suppliers have always been an easy target for criticism and cynicism. IT managers will raise their eyebrows at the mention of vendors and share war stories with their peers of the relentless sales pressure to buy more products.

They are often seen as a necessary evil, and as such, one with little need to reform their ways. But the balance of power is changing.

In the same way that the command and control approach to corporate IT is being washed away by the balance of power swinging to users, so too are suppliers seeing their influence in the IT department waning.

Look at some of the recent evidence.

John Lewis recently launched its own tech startup incubator, putting cash into helping small firms develop innovative new products for the digital retail world. This can only be necessary because traditional IT suppliers are failing to deliver the innovation that John Lewis needs.

Similarly, many banks are putting more money into working with startups - examples here include Citi, Barclays and La Caixa, among others.

Across the public sector, IT buyers are moving away from the big outsourcing deals of the past. Instead, they are growing their in-house skills base, and turning to multiple deals with smaller suppliers - recent examples include the BBC, the Post Office, and the Department for Energy and Climate Change. Why? Because their traditional suppliers have not delivered the flexibility, innovation and transformation they promised.

At the recent Cloud Expo conference, HSBC's global head of innovation lamented the failure of IT suppliers to sell products and services that match what companies really want. "When I was walking round the show, all I could see were people selling me lots of tools - screwdrivers and spanners," he said. "We really have to move the game on and become a lot more innovative."

The mismatch between IT buyer expectations and IT supplier products and services is growing. When IT leaders have for so long had little choice but to make the best of what they are sold, they have muddled through. But increasingly, the most successful digital organisations are those which develop their own capabilities or use smaller, nimbler suppliers, and turn to bigger vendors only for commodity products.

Technology companies come and go, and outside the biggest names, many vendors that were well known 20 years ago have disappeared. Many of today's suppliers are going the same way, but more quickly - and they only have themselves to blame. By 2020, the vendor landscape will be very different from today.

Is DWP about to lose its CIO?

bryang | 1 Comment
| More
I've been told that the Department for Work and Pensions CIO, Andy Nelson, is about to step down from the role.

The information came from a usually reliable source, but at the time of writing this, the DWP press office has yet to confirm or deny what I was told, despite repeated requests.

If it's true, Nelson's departure would raise further questions about IT developments in a department that is already under great scrutiny as a result of the problems surrounding Universal Credit, the DWP's flagship welfare reform programme.

DWP is the biggest Whitehall department in IT terms, and should Nelson depart it would be another step to the elimination of the CIO role in central government.

Nelson ended up at the DWP as a result of his previous job, as HM government CIO, being scrapped in favour of the Government Digital Service (GDS) model of a digital chief alongside a chief technology officer (CTO).

The scope of the CIO role at DWP has changed since Nelson was appointed in February 2013, with the creation last year of a new post, director general of digital transformation, taken by former Vodafone online chief Kevin Cunnington.

Cunnington is responsible for IT development for the most important, high-profile DWP projects such as Universal Credit and single-tier pensions. Nelson's predecessor as CIO, the late Philip Langsdale, was also responsible for Universal Credit, but after his untimely death in December 2012, a new director general was recruited, Howard Shiplee, to oversee the department's most important project.

As well as Cunnington, a CTO, Jon Ayre, was appointed at DWP in September 2013.

Before Cunnington was appointed, I heard rumours of disagreements between Nelson and GDS chief Mike Bracken over the preferred candidate for the DWP digital job.

So, if Andy Nelson's departure is confirmed, it would appear that the DWP CIO role has been gradually diminished since his appointment. Nelson is an experienced CIO - Ministry of Justice CIO before his HM government CIO role, and senior IT leadership jobs at Royal Sun Alliance, GE Capital, and Asda prior to that.

Few CIOs with such a track record would feel comfortable being left as the guy who keeps the lights on, even if those lights are central to the UK's benefits system.

In the circumstances, it seems unlikely that Nelson's departure - if confirmed - would have much impact on the future of Universal Credit, but perhaps that very fact makes it a good time to leave anyway.

Now comes the acid test for the government's open standards policy

bryang | 1 Comment
| More
The UK government's consultation on the use of open document formats has closed*, and we now wait for the acid test of the Cabinet Office commitment to open standards.

The outcome of this process will determine the government's ability to break its lock-in to proprietary software for years to come.

Responses to the consultation - available online for all to read and comment, in a welcome break from the past - have spread across 14 web pages, such is the interest in what may seem an arcane and narrow topic to those outside IT.

The champions of the policy - led by chief technology officer Liam Maxwell - will tell you over and again that this is not about any one supplier or product, it is simply about ensuring maximum competition and choice for public sector IT buyers.

But of course, everyone else knows this is really about breaking the dominance of Microsoft Office and avoiding lock-in to that one supplier.

The consultation has attracted international attention, with supportive comments from organisations around the world that have been through a similar process. Internet guru Vint Cerf, in his role as Google's web evangelist, has commented, as have pressure groups such as the Free Software Foundation and Open Forum Europe.

The responses are overwhelmingly in favour of the proposed use of ODF as the standard for documents - a format support by Microsoft Office, and by plenty of other non-Microsoft applications.

The controversy arises from the omission of OOXML - the standard proposed and designed by Microsoft, used (in one of its forms) as the default for Office, and by, well, not very many others.

Microsoft's national technology officer, Mark Ferrar, contributed the company's lengthy, point-by-point rebuttal of the policy. The supplier has tried to rally its troops to the cause, writing an open letter to its partners last week encouraging them to contribute to the consultation. It would appear that very few listened.

Certainly it would be fair to say that the open source / free software lobby has marshalled its supporters to much greater effect.

Microsoft has no objection to the use of ODF, but insists that OOXML should be included too. The basis for this argument is that OOXML is by far and away the most popular "open" standard for documents in use across the UK public sector.

You can translate that to mean that, not surprisingly, the vast majority of government documents have been created and saved in Office formats such as .docx and .xlsx - although these use the "transitional" form of OOXML and not, as many contributors pointed out, the "full" OOXML standard.

Other commenters on the consultation pointed out the somewhat foot-in-mouth nature of Ferrar's observation, in that he proved the total dominance of Office formats across the public sector and thus demonstrated the precise reasons why the government wants to break that stranglehold.

Microsoft has previously quoted a figure of £500m as the cost of transitioning all government documents to ODF, but stopped quoting that number so loudly when it was pointed out that this was in fact the cost of being locked-in to Microsoft Office.

So, what happens next?

The government has only two options - to stick with its proposal and exclude OOXML, or accede to Microsoft's wishes and allow both ODF and OOXML.

If they choose the latter, the Cabinet Office will stand accused of crumbling in the face of the big supplier power it has said so often it wishes to break away from. The open standards policy would be in tatters.

If they stick to their preferred option, then it must be likely that Microsoft will formally challenge the outcome of the consultation process, leaving it mired in legalities for ages - and possibly until a change of government in 2015 decides it's not worth the hassle.

It would not be that hard for well-funded lawyers to argue that the responses to the consultation are not wholly representative of the entire tech community, given the obvious enthusiasm of the anti-Microsoft brigade to put forward their opinions.

But there is little doubt that the vast majority of people with an interest in genuinely open standards and unencumbered competition are hoping the government will prove its commitment and ratify its proposals.

*Amendment: The consultation was due to close on 26 February, but the Cabinet Office has extended the deadline to 5pm on 28 February because a "glitch" on the server meant that some people were unable to submit comments by the original deadline. If a sudden flood of pro-OOXML responses are submitted, we'll let you know...







Thanks Microsoft - we now know that everybody prefers ODF to OOXML for government document standards

bryang | 1 Comment
| More
Microsoft's call to its friends in the software community to contribute to the government's consultation on open document formats seems to have worked.

Although, perhaps not as Microsoft intended.

On 19th February last week, Microsoft's UK chief Michel Van der Bel wrote an open letter to the software giant's UK partners encouraging them to comment on government plans to standardise on ODF for document formats.

In a carefully worded letter, Van der Bel set out Microsoft's case for adding its preferred standard, OOXML, to the list of approved formats. OOXML is a standard that was created by Microsoft, pushed through the International Standards Organisation by Microsoft despite heavy criticism, and is pretty much only used by Microsoft Office - even though the default .docx Word format is not fully compliant with the strict OOXML standard.

He was very precise in his wording, trying to make it clear that Microsoft wasn't against ODF, nor did it expect partners to specifically promote OOXML. "It is not our job to change your mind," wrote Van der Bel, "but we feel we should ensure you are properly appraised of a situation that may have an impact on your business."

It was of course a thinly veiled attempt by Microsoft to get as many of its friends to oppose the government proposals and force its own OOXML standard into the mix.

Well, it has half worked.

Before Van der Bel's letter, by my count the consultation website set up by the Cabinet Office had received just 12 submissions, of which all but two were supportive of the ODF plan.

Since the letter was published, (and as of writing this post) the number of submissions has grown to 170.

Great, you might think if you were Microsoft. Not quite...

By my reading, I could find only one of the extra 158 submissions that supported OOXML. It seems that Microsoft has wholeheartedly succeeded in encouraging the software community to contribute to the consultation, just as it asked them to, and as a result has demonstrated the overwhelming preference for ODF and the depth of negativity towards OOXML.

So, if the proposal for ODF is ratified, don't forget to thank Microsoft for its efforts in helping it through.

The lesson from the NHS Care.data row: You can't keep privacy issues private any more

bryang | No Comments
| More
The rumbling, growing row over the NHS England Care.data service has become an instruction manual for how not to handle data privacy in the digital age.

For anyone not aware of the issue, Care.data is the new service that will upload all GP patient records in England to a central database, to be used for medical research by both the NHS and private companies such as pharmaceutical firms.

A similar service already exists for hospital records, but this is the first time it has been extended to basic GP records - effectively, all of our medical histories.

The likely benefits of the service are immense. The ability to mine that information and use modern big data analytics promises to lead to important new insights into patterns of health and ultimately to better treatment regimens and more effective drug development.

The downsides are obvious to anyone who has followed the growing awareness of data privacy in the age of mass data collection on the internet.

Perceived risks

The perceived risks of people's most sensitive personal information being misused, hacked into, leaked, abused or sold for use by insurance companies are genuine and heartfelt by many.

Initially, the backlash against Care.data came only from knowledgeable privacy campaigners such as Phil Booth and Helen Wilkinson, who set up MedConfidential.org to spread awareness and challenge NHS England.

But as we have come nearer to the first upload of GP data to the service, the issue has broken onto the front pages of national newspapers. Evidence is mounting that the so-called publicity campaign by the NHS - sending leaflets as junk mail to every home in England - has failed to adequately inform the public about the implications and their rights.

Executives at NHS England insist they are aware of the risks, and maintain that the service has been designed to protect patient privacy. But their actions in a digital world fail to match their words.

Anonymity and opt-outs

At the heart of the matter are two issues: the ease or otherwise of being able to use supposedly anonymised patient records to identify individuals; and the right to opt out of the scheme entirely.

The NHS argues that it will be too difficult to re-identify someone from an anonymous personal record within many millions of records - a justification that might hold true for the vast majority of situations today. But anyone with knowledge of the speed of development in big data will tell you that we are not far away from readily available, highly advanced tools that can easily analyse and mine huge haystacks of information for very small needles.

In the digital age, a process of anonymisation that does not take into account rapid developments in analytics and cross-database data matching is clearly open to potential future abuses.

Opting out of the scheme is easy, says the NHS. Just tell your GP. Let's put aside for the moment the number of stories of patients asking their GP surgery, and being told they don't know what they're talking about. The real problem here is that the opt-out is a once and only opportunity.

Once Care.data is live, with your medical records included, there is no going back. You cannot subsequently change your mind and withdraw your data. If you approve of your children's records being included in Care.data, then when they are old enough to decide for themselves (and living in an even more technology enabled world) they will have no right to opt out.

In a digital age, offering any service that uses personal data without a perpetual opt out - ideally, easily available online - is increasingly unacceptable.

Throughout the process, it seems the NHS England approach has been to emphasise the benefits of Care.data - which are considerable - and attempt to play down the privacy concerns as acceptable and manageable. This has led critics to accuse the NHS of trying to sweep privacy issues under the carpet, and hide the very real concerns from the public.

Lead on privacy

For me, the biggest lesson learned from the growing row is that in this digital age, the NHS strategy was completely the wrong way round.

Any public sector body - or any business dealing with large amounts of personal data - needs to put data privacy issues front and centre of their argument.

Lead with privacy. Go beyond what the law dictates; beyond what data protection rules and watchdogs mandate. Be as openly paranoid about data privacy as the biggest conspiracy theorists. Offer affected individuals as much opportunity to change their minds and opt out as you possibly can.

Then, and only then, will people genuinely listen to and understand the reasons you need their data. And chances are, they will be happy to hand it over.

It seems likely that NHS England will continue to bulldozer Care.data through, and as a result the privacy arguments are only going to get fiercer. There will be more bad headlines, there may even be legal action. Medical bodies such as the Royal College of General Practitioners, which has already expressed its concerns about the process while supporting the aims of the service, will raise their voices and pressure on NHS England will increase.

It will become a test of resilience for the Care.data champions, not a test of the benefits delivered.

For the record, I intend to opt in to Care.data - by which I mean I won't exercise my one-off right to opt out and will accept being automatically opted in (click here if you want to know how to opt out).

For my personal circumstances, the benefits of the service are worth it, as I have nothing (yet) in my medical history that I would be cautious about sharing in public. Moreover, with someone very close to me suffering from a rare form of cancer, anything that helps medical researchers learn about that condition and come up with more effective treatments becomes a priority.

But even then, I would be so much happier if I had the ability to opt out in future should my health situation change and I had something I wanted to keep completely private between my GP and me. And for a lot of people, that worry may be enough to want to opt out now - if only they fully understood that they had to.

The risks to Care.data of future scandal are very real. But it could all have been so different. It may be too late to change in this case, or maybe change will subsequently be forced on the NHS through circumstance or law.

But for any other organisation wishing to gain the benefits of big data analysis from their customers' personal data, the launch of Care.data remains an example of how not to go about it.

Update: 19 February 2014

By absolute coincidence or dumb luck (much as I would like to pretend it was prescience), a few hours after this article was published, NHS England announced that Care.data roll-out was being delayed by six months to address concerns about the use of data and patients' right to opt out. That's a welcome and sensible move.

But it's now an opportunity to move away from the analogue thinking around data privacy that has led to this delay. The messaging to patients needs to stop taking the line, "This will be great - trust us, we know what we're doing", and change to "Please can we use your data, and this is why we want it".

It's no longer enough for the NHS - or any part of government - to assume a patrician approach to people's personal data. It's our data, they need to convince us why they want to use it, and make sure we remain in control of how it is used. It is worth NHS England making the argument, because the benefits of Care.data, when introduced properly, will be worth it.


Coding for kids is great - but where do digital skills come from in the meantime?

bryang | 1 Comment
| More
There has been a lot of discussion lately on the topic of teaching school children how to code.

Some controversy has ensued - as ever - around some of the initiatives, but there is little disagreement that it's vital for the future UK economy that schools offer basic computer science education for all and the opportunity for kids to develop coding and computing skills at an early age.

It's also good for the children themselves, regardless of their future economic potential.

There is pretty much universal agreement that better technology education in schools is A Good Thing. But what are we going to do for the next 10 years until those children reach the workforce?

There are still plenty of skills shortage deniers around, but the evidence continues to mount that the demand from businesses and the public sector for digital technology expertise is far outstripping supply.

In the north-west of England, digital businesses seeking new staff had to increase salaries to remain competitive, and developer wages in the region shot up by 16% in 2013 as a result.

Computer Weekly has reported on the difficulties that some Whitehall departments are facing in recruiting suitable IT professionals to support the drive for digital public services.

HM Revenue & Customs, for example, is trying to recruit 50 people for a new digital centre in the North-East. I was talking about this to the CEO of a major IT recruitment firm recently, who summarised the challenge rather succinctly: "The trouble is, there are only 50 people with digital skills in the North-East. And they all know each other," he said.

At a time when even David Cameron is encouraging UK businesses to bring back skills they have previously offshored, the gap between demand and supply is not closing anything like fast enough - if at all.

Camden Council in London is one organisation that has recognised the problem, and its new digital strategy highlights the need to "upskill" (dreadful word) its staff. They have also identified the solution - investment in training existing employees is the only way to avoid skills shortages or soaring wages.

One of the Whitehall bodies - the Department for Work and Pensions (DWP) - facing the most pressing need for agile development skills to support its troubled Universal Credit programme, is setting up an internal digital academy to roll-out training for its staff.

I've written here before about the demise of corporate training budgets and the threat that represents to the UK digital economy. All the evidence emerging continues to point to the pace at which that threat is growing.

Concerted pressure and enlightened activism from the IT sector has seen big strides made in changing the computing curriculum and putting in place a path for tomorrow's generation of digital employees.

But in the meantime, we need similar focus and enthusiasm on bridging the immediate gap and encouraging companies to train IT staff for the digital today.

No matter what else you think, Microsoft's new CEO is a safe hand for enterprise IT

bryang | No Comments
| More
In the space of a few days, a chap called Satya Nadella has become the most written about individual in global IT.

Even though few people outside the circle of journalists covering Microsoft had heard of him, and fewer still have met him, should Nadella read the press coverage of his appointment as only Microsoft's third ever chief executive, he would learn a lot.

He is, apparently, the perfect man for the job. He also is a sign that Microsoft is finished. It's a travesty that an outsider was not appointed. But he offers much-needed continuity. How can someone so close to Microsoft's obvious problems be chosen as CEO when clearly fresh ideas were needed? But it's OK, because he's not going come in from outside and ruin what is a resurgent company.

You choose which one you want to believe.

So far, every possible outcome in Nadella's future as Bill Gates and Steve Ballmer's successor has been confidently predicted. The only prediction you can say with absolute confidence is that somebody will be proved right.

Microsoft is, at this moment, the most successful doomed company in history. For all the justified criticisms of Windows 8 and the mistakes made in mobile technology, the software giant still returned record results for its latest financial quarter.

PC sales may be slumping, tablets and smartphones of non-Microsoft varieties may be in the ascendancy, but IT managers are still buying plenty of enterprise software. This has been Nadella's most recent focus, as head of cloud and enterprise in Redmond.

There are plenty of commentators - this one included - who believe Microsoft will struggle to be a major player in both consumer and enterprise IT. Nadella will quickly face big decisions in this area with the impending integration of Nokia's mobile phone business into Microsoft.

But if there is one message that the choice of CEO sends out, it is to reassure IT leaders with heavy Microsoft investments that the company recognises enterprise is its heartland. Many questions remain that Nadella will have to answer quickly as the dominance of Windows declines, but he will be a steady hand for the IT infrastructure software that so many customers depend upon.

The question that matters on Universal Credit: Do you believe Iain Duncan Smith?

bryang | 1 Comment
| More
Do you believe Iain Duncan Smith?

This is becoming a key question in the progress of the troubled Universal Credit welfare reform programme.

The secretary of state for work and pensions has staked his political reputation on the success of his flagship policy. It has been beset by IT problems, by leaks from disgruntled civil servants fed up with seeing millions of pounds wasted, and accusations from the government's own auditors that it has failed to deliver value for money.

But according to Duncan Smith, everything is fine, tickety-boo, nothing to see here, move on.

MPs on the Work and Pensions Select Committee this week accused him of hubris, obfuscation and using smoke and mirrors in his public pronouncements over Universal Credit. The minister simply refused to accept such claims. "I just don't agree," he said.

In December, he told MPs, "There is no debacle on Universal Credit". This week, he described press claims of disagreements with the Government Digital Service and the Cabinet Office as "ludicrous", although many people know such claims were correct.

If you say something often enough and confidently enough, does that make it true?

When Universal Credit first hit problems, Duncan Smith was forced to initiate a "reset", bringing in the Major Projects Authority to review the project, and they gave a scathing report. The National Audit Office did the same. But to Duncan Smith, this was not a sign of problems, but a display of government at its finest.

He described the process as, "Probably the most detailed and forensic impairment review" of any government project.

Look at us, we analyse our problems so much better than anyone else.

You cannot fault the secretary of state for confidence. In the sporting world, it is seen as a sign of a good manager when he backs his players in public, even when privately berating them.

But does a confident manner work even if what you say is clearly gibberish?

Listen to Duncan Smith talk about open source, digital and cloud as an example. Nobody expects a senior politician to be an IT expert. It would be no criticism of the minister if he were to simply say, "I'm not an IT expert, this is what I have been told, but you need to talk to my IT people."

But no, he talks about open source never having been used at the necessary complexity two years ago; he talks about how it apparently is the most appropriate way to scale up the performance of a system like Universal Credit. What?

These are things that any IT expert would tell you clearly show he doesn't understand what he is talking about. Nobody would criticise him for not understanding a specialist area such as technology and software development.

But he says this stuff with such utter confidence.

In which case, how can you tell the difference between confidently told truth, confidently told obfuscation, or confidently told untruths about any aspect of Universal Credit?

It is surely politics of the 20th century to bluster through, confident in your ability to make people believe that you know what you're talking about. Today, in what is meant to be "the most open and transparent" government in the world, honesty and openness is what it takes to win support.

Let's face it, the £40m written off on Universal Credit IT is chicken feed compared to some of the hundreds of millions - billions even, in the case of NHS IT - that has been wasted in the past on failed Whitehall projects. But it seems a lot more when we have been consistently told that all is well.

The secretary of state's utter confidence provides the context within which Universal Credit must be assessed.

So, do you believe Iain Duncan Smith?







It isn't easy being agile, as Universal Credit and BBC DMI have learned

bryang | No Comments
| More
It is becoming a truism that if you want to be a digital business, you need to adopt agile software development.

It's certainly true that most pure-play e-commerce companies are built around agile thinking, as are most tech startups. And there is growing acceptance in big corporates too. But it's increasingly clear that agile is not a panacea, and if it's handled badly it's something of a curse.

Two high-profile recent examples demonstrate this.

The BBC's Digital Media Initiative, scrapped at a cost of nearly £100m, has already led to the sacking of chief technology officer John Linwood - although he is now taking legal action against the broadcaster in response.

In evidence he submitted to a Public Account Committee hearing, Linwood said that agile methods were adopted from the start, but added, "After the business objected to this approach, we stopped."

Analysis of the project by the National Audit Office implies that many of the problems started at that point, as development continued with unclear and changing requirements, and little ownership from the business.

Look too at Universal Credit, the government's troubled welfare reform programme. It also started as agile - heralded by secretary of state Iain Duncan Smith as the magic bullet that would avoid IT failures.

Agile proved too much for the project to handle, and they soon reverted to conventional methods, and down a path that led to millions of pounds of IT work being wasted.

What seems common to both of these projects is a lack of engagement from the business - or perhaps to put it in another way - a lack of the IT department making sure the business understands the detailed involvement that users need to have in the agile approach.

The old cliché says there is no such thing as an IT project, only business projects. It's certainly true to say there is no such thing as an agile IT project, only an agile business project.

Agile requires a change in thinking and management that crosses departmental and functional boundaries. It's not just a different way of writing code. It's a sure fire way to break down historic barriers between IT and the business, and to get IT managers intimately involved with the priorities of their business counterparts.

But it's increasingly apparent that agile will only succeed if the implications are understood by the business, and there's no getting away from IT leaders having to take the responsibility for educating them.

IBM, Microsoft results demonstrate the pace of change in IT

bryang | No Comments
| More
The latest financial results this week from arguably the two most influential enterprise IT suppliers of the past 30 years demonstrate again how quickly the technology landscape is changing.

First, IBM. The company's hardware revenue is crashing - down 26% year on year in its fourth quarter, following an 18% decline in the previous quarter.

It was no surprise when IBM subsequently announced the sale of its x86-based server business to Lenovo - the Chinese supplier that has managed to keep making a profit from IBM's former PC division.

The acquisition, for $2.3bn and affecting 7,500 employees, was nearly $1bn less than Google paid just a week before for Nest, a company with about 200 staff that makes internet-connected thermostats.

IBM has hung on to its Power systems servers and its mainframes - each of which are much higher margin products than Intel-based servers, and have more strategic importance as IBM builds its cloud datacentres. But sales of both those product ranges fell faster than the x86 servers - down 31% and 37% respectively.

The cash from Lenovo won't be sitting in IBM's bank account for long. In the past few weeks, the company announced a $1.2bn investment in building cloud datacentres, and $1bn to grow sales for its Watson cognitive computing technology.

Before long, IBM's own datacentres will be the biggest customer for its remaining server hardware.

Second, Microsoft. To the surprise of many, considering the general gloom that surrounds every mention of the software giant's name, Microsoft beat expectations in posting record second quarter revenue.

But delving into the figures shows why - enterprise software spending was the star of the show, with SQL Server, System Center, Office 365 and Azure all doing well. Take out the new Xbox and Microsoft continues to decline as a consumer supplier - Surface tablet sales doubled, but Apple still makes seven times more revenue from the iPad. Many of those Surface sales no doubt went to corporate users anyway.

The messages are clear - the historic IT industry is commoditising; hardware is going into the cloud; and it will be increasingly difficult to maintain both a consumer and an enterprise IT business in one company.

IT managers need to closely watch these trends and adjust their supplier relationships accordingly.

When will government IT teams learn they are not as different as they think

bryang | No Comments
| More
We learned today of another government IT fiasco - millions of pounds being wasted at the Ministry of Defence (MoD) on a system for recruiting soldiers and reservists for the Army.

The project was based on a £440m, 10-year deal with Capita, signed in March 2012, with the stated aim "to support the military recruitment and assessment process and the recruitment technology component of the IT platform".

If today it seems somewhat ridiculous to consider spending hundreds of millions of pounds on an online recruitment system, the market cannot have been that different less than two years ago when the procurement was made.

No doubt the MoD would have said at the time that it was different - a favoured refrain of many government departments over the years to justify why they chose to spend huge amounts on large, bespoke software developments.

But a quick search for "online recruitment software" on Google shows the many cloud-based services readily available off the shelf, at a price considerably less than £440m.

Clearly, the armed forces are different when it comes to the jobs they need to fill, and the criteria for selection. But is the actual process of recruitment really any different from any other major employer?

You advertise your jobs, you receive applications, you assess candidates against criteria, put them through a series of tests or interviews, then you offer some a job at the end.

Surely many of the standard, off-the-shelf systems can capably support that service?

Government IT buyers need to accept that, in most cases, they are not as different as they would like to think. The sooner that principle is adopted, the sooner the sort of failures demonstrated by the latest MoD project can be minimised or eliminated.

Government digital drive hit by government immigration policies

bryang | No Comments
| More
As any IT manager who has tried to recruit software developers with digital skills and agile experience will know, there are not enough suitably skilled people on the market.

For those that are available, they can pick and choose - a major retailer looking to improve its multichannel offering; a bank moving into mobile and web services; maybe even a tech startup creating new apps or innovative websites.

So how appealing to this in-demand, skilled - and thereby well-paid - group, is working for a big government department surrounded by bureaucracy and politics, on a public sector wage?

To few people's surprise, the answer is likely to be "not many", as the Department for Work and Pensions (DWP) is finding out in trying to recruit digital experts for its troubled Universal Credit programme.

To be fair, it hasn't been a problem for the Government Digital Service (GDS), which has successfully recruited some of the top development talent in the country from digital leaders such as the BBC, The Guardian and the Financial Times.

But GDS is different - it's a startup culture within Whitehall, deliberately created with an agile culture at odds with most of the civil service. IT experts have been attracted to GDS on short, fixed-term contracts by the opportunity to be part of a team that wants to change how government does business. GDS staff are not and never will be career civil servants.

AS DWP is finding out, it has yet to prove it is an equally attractive destination.

The great irony is that this is a problem at least partly of the government's making. Recruitment experts told Computer Weekly that one of the causes of the skills shortage in digital developers is that as much as a third of such jobs used to be filled by English-speaking immigrants from Australia, New Zealand and South Africa.

The restrictions on immigration introduced by David Cameron mean those skilled IT experts don't bother moving to the UK anymore. And with the ever-decreasing numbers of students studying or taking jobs in IT - and the near-elimination of training budgets for existing staff in many companies - there's no short-term solution either.

Successive government have been warned about the long-term effects of the IT skills shortage for many years - now this government is suffering as a result.

Universal Credit IT: What we know; what we don't know

bryang | 1 Comment
| More
"There is no debacle on Universal Credit" declared Iain Duncan Smith in his opening salvo to MPs on the Work and Pensions Select Committee this week.

The beleaguered secretary of state yet again refused to accept that there is any problem with his flagship welfare reform, a programme that will define his political career in government.

A highly critical National Audit Office (NAO) report in September, and the hammering his senior officials took at the hands of the Public Accounts Committee (PAC) that same month, were dismissed as historic records of past problems that are simply no longer relevant.

"The IT is working," declared Howard Shiplee, the director general of Universal Credit, one of the UK's top project managers in the construction industry, brought in by Duncan Smith to turn around the programme last May having overseen the building of the Olympic Stadium.

"A shambles," countered Labour's shadow work and pensions secretary, Rachel Reeves.

The Department for Work and Pensions (DWP) obfuscated for months when we now know that Duncan Smith had ordered a top-to-bottom review of Universal Credit in 2012, insisting all was well when we subsequently learned it was absolutely not.

So he can hardly be surprised when critics and press alike express a certain cynicism over the true progress being made.

Much has been revealed in the past few months, and this is an opportunity to step back and look at what we know, and what we don't know, about what is happening on Universal Credit.

A "twin-track" approach

At the PAC hearing, Howard Shiplee revealed that he was close to making a recommendation on the way forward for the IT developed as part of the Pathfinder pilot project. That IT had already been the subject of much disagreement.

The DWP admitted at the time that £34m of IT work - out of a total of £303m spent - had been written off, or "impaired" in accounting-speak. The Cabinet Office's Major Projects Authority - brought in to review Universal Credit earlier in 2013 once the depth of problems had become clear to Duncan Smith - described the IT developed so far as "not fit for purpose", and suggested a further £140m could be written off.

Shiplee insisted that much of the IT still had "utility" and his review would determine how much.

A behind the scenes disagreement then followed - some sources used the word "row" - between DWP and Cabinet Office, and between Duncan Smith and Cabinet Office minister Francis Maude, over the best way forward.

The Ministerial Oversight Group tasked with making decisions on Universal Credit were presented with two options: To throw away all the IT developed so far by suppliers IBM, HP, Accenture and BT, and start again; or to salvage as much as possible in the short term, while developing a new "enhanced" IT system that will support full roll-out of Universal Credit by the end of 2017.

Maude, it is said, favoured starting again, with the Government Digital Service (GDS) that he controls taking the lead. Duncan Smith felt that writing off so much IT was politically unacceptable.

While this was going on, GDS was working with DWP to design a "digital system" to take Universal Credit forward.

The end result, announced last week, was a victory for Duncan Smith - a new "twin-track" approach will see the existing IT continue to be used and developed as the Pathfinder expands to other parts of the country, while a new "enhanced" and "digital" system will be developed in parallel.

We are left free to make whatever assumptions we choose from the fact that GDS has stepped back from its involvement in developing the new system.

Both of those twin tracks warrant further analysis.

Written off or re-worked?


DWP has now "impaired" £40.1m of IT work. When MP Glenda Jackson asked during the select committee meeting what "impaired" meant, one of her colleagues muttered, "Down the drain".

Mike Driver, DWP's finance chief, insisted that every IT project includes a degree of "re-work" citing figures from Forrester Research that claim it is not uncommon for as much as 40% of any development to be re-worked before reaching a working solution.

I haven't read that Forrester paper, but I suspect its definition is subtly different.

A further £91m has been declared as an asset, but will be written off over five years, instead of the planned 15. In front of the committee of MPs, Driver insisted the NAO had given a "clean audit" and approved the move.

The very next day, an NAO report on the DWP's latest accounts described that decision as "a major change in accounting treatment" and highlighted "uncertainty over the useful economic life of the existing Universal Credit software".

The NAO went on to say: "[DWP] now expects to write down £91m of the remaining assets to nil value by March 2018, due to the considerable reduction in their expected useful life. While this is the appropriate accounting treatment, it should not detract from the underlying issue that the department has spent £91m on assets that will only support a limited service for five years, with clear consequences for public value."

Five years means the software will be written off by the time Universal Credit goes fully live - it is work that will play no part on the final delivery. DWP justifies this by saying the Pathfinder IT is being used to learn about how best to deliver the new benefits, and to take feedback from users and claimants during the early roll out to a very limited number of people.

According to the NAO, DWP will spend a between £37m and £58m of additional investment on the existing software as part of that process.

Everything that the £91m of software and much of the additional £37m-£58m is used to learn will eventually be delivered by an entirely new piece of software developed in parallel, not the software upon which the learning is gathered. You can decide for yourself if that is a worthwhile use of taxpayers' money, or merely delaying the fact that cash has been mostly wasted.

Digital, but not "digital by default"


The select committee had a few particularly surreal moments when discussing the differences between the existing IT and the new "enhanced" system.

When asked to explain what had changed, Shiplee - by no means an IT expert, and asked by MPs to use layman's terms - said that DWP had been building a "conventional system" with "lots of hard drives" and "big memory banks".

"The digital approach is very different," he said. It does not need "large amounts of tin", and revealed it would use open source and "mechanisms to store and access data in that [online] environment", which will be "much cheaper to operate and to build".

When asked why that approach was not adopted from the start of the project, Shiplee said, "Technology is moving ahead very rapidly. Such things were not available two and a half years ago."

That's a claim that would rather surprise those IT experts that have been using open source for two decades, not to mention the GDS team that successfully redeveloped the entire government website estate using open source and cloud technologies over the past couple of years.

We also learned that Universal Credit will no longer be "digital by default" - the GDS digital strategy mantra for redeveloping online public services. That had been an "aspiration too far", and Shiplee cited security concerns as being the reason for the change.

Bear in mind that GDS sees its identity assurance security programme as absolutely central to "digital by default" public services.

However, the new system will instead be just "digital". Duncan Smith said digital by default had proved "overly ambitious".

Welfare reform minister Lord Freud added: "When people say it's not digital by default it's a minor thing because there are some things we can't do because of security reasons."

That's a line I expect GDS chief Mike Bracken would privately dispute with some force.

So we are left with a system that will be digital, but not by default. Your guess is as good as mine.

What's more, the digital system will again be developed using agile methodologies - an approach that was initially lauded by Duncan Smith in the early days as the way to avoid costly IT failures, then subsequently scrapped.

DWP has recently recruited a new digital chief, Kevin Cunnington, from Vodafone, who, we must assume, brings new agile skills to the table that were previously lacking.

I've been told by sources that Cunnington and Shiplee have already had "disagreements". Shiplee was asked by the select committee about rumours of disagreements on the way forward - presumably in reference to the Maude / Duncan Smith debate - and he dismissed this as nothing more than you would expect on any major project. Presumably any differences of opinion with Cunnington are the same.

The NAO this week described the new system as having "uncertainties over the exact nature of the digital solution, and in particular: How it will work; when it will be ready; how much it will cost; and who will do the work to develop and build it".

So, nothing to worry about there.

"The IT is working"


The DWP line continues to be that the IT is working. This has been a statement made by officials again and again, even during the times when we later learned the IT was not working and was instead being deeply analysed by the government's own Major Projects Authority to see if it was any good at all.

The issue here seems to be the definition of "working".

The Pathfinder system, we learned from the September NAO report, has limited security features, no fraud detection, does not allow claimants to change their personal details online once submitted, and only caters for the simplest category of potential claimants.

Sources also say that the amount of manual intervention needed to process claims means it takes longer to complete a transaction than the existing systems used for benefits such as Jobseekers Allowance.

So, if you define "working" as being a system that has poor security, no fraud detection, does not meet user needs, does not cater for the vast majority of claims, requires a lot of manual intervention, and will not be used for the final roll-out, then yes, it's working.

The DWP will say that as this is a Pathfinder, it is being used to "find a path", to quote permanent secretary Robert Devereux. It can be used for the limited functionality for which it is required to be used.

It does not, however, work well enough to cope with the 1.7 million claimants that Duncan Smith claimed in March would be on Universal Credit by 2015.

Next year, this system will be further developed to cater for couples, and children, with all the extra complexities that requires. It will be used to "learn" about processing those more difficult claims. And it will then be thrown away and replaced by the digital system being developed in parallel before Universal Credit is rolled out to three million people during 2016/17.

Delaying the risk

Sources say that Duncan Smith had two priorities when deciding on the revised plan for Universal Credit - to minimise the IT write-off, and to get people on the system (either system) as soon as possible.

Even then, the new plan sees significantly fewer people being migrated to the new benefits by 2017 than the DWP had originally intended - 2.9 million instead of the previous target of 6.1 million.

The vast bulk of claimants will never see one screen of the existing IT system that will eventually be thrown away - their details will only be used in the new "enhanced" and "digital" system in development.

Between £25m and £32m will be spent to the end of 2014 on the digital system, with the aim of having just 100 initial claimants processed as a trial.

As a result, it has been estimated by DWP that during the 14 months leading up to the Universal Credit deadline of the end of 2017, more than 200,000 people will be migrated from old (non-Universal Credit) benefits system to Universal Credit every month.

That figure comes from DWP insiders, but is validated by the estimates made by the independent Office of Budgetary Responsibility (OBR) to accompany the government's Autumn Statement last week.

That mass migration is entirely back-ended on the project, and its scale is such that it can only represent an enormous risk to the 2017 deadline. Sources say that DWP staff "audibly gasped" when they heard the figure of 212,000 average monthly migrations first mentioned at an internal meeting in October.

The OBR said, "There is clearly a risk that the eventual migration profile differs significantly from this new assumption", highlighting the challenge of such a back-ended roll-out.

The NAO pointed to "significant levels of technical, cost and timetable uncertainty."

Even if the DWP has a working digital system ready to receive 212,000 monthly migration before the end of 2016, that figure still represents a massive risk to achieving the 2017 deadline.

It's a risk that Labour would do well to consider - whoever wins the next election in 2015 will be responsible for overseeing that migration.

What is the role of the IT suppliers?

The four main IT suppliers to Universal Credit - IBM, Accenture, HP and BT - have been notable by their absence in the debate around the mess so far. To be fair to them, they have effectively been gagged by DWP, and any queries around Universal Credit are politely (well, mostly) referred back to the department.

It is amazing how lightly they have got off so far. The main criticism has come from the Public Accounts Committee, which questioned the conflict of interest inherent in asking those suppliers to assess the value for money of their own work - "Marking their own homework", as one MP put it.

DWP has consistently refused to publish those assessments, despite Computer Weekly requesting them under Freedom of Information laws.

With the new twin-track approach, it is unclear to what extent the four firms will be involved in the new developments, although they will almost certainly be involved in work on the existing, to-be-phased-out system.

Shiplee suggested to MPs this week that he would seek to renegotiate contracts. Currently the suppliers work on a time-and-materials basis, and were under such poor financial controls, said the NAO, that nobody was able to say what invoices related to what work delivered. Shiplee wants to move to a fixed-price contract, which in the circumstances surrounding the existing systems seems eminently sensible.

However, a fixed-price contract tends to suggest that the suppliers will not be working so much on the agile development for the digital solution - no supplier's legal team would accept a fixed price without a specified requirement, which runs contra to the iterative principles of agile. That was the reason why time and materials was considered appropriate for the original contracts, which were meant to be for agile work.

Sources suggest that the suppliers work without co-ordination, developing software that is different in look and feel depending on which bit of the system has been developed by which supplier.

One of the suppliers told Diginomica that nobody at DWP is telling them what to do.

When asked what would be the role of those suppliers henceforth, the DWP's response was somewhat non-specific: "We will continue to work with existing suppliers as we develop the new enhanced system and ensure existing systems build into it."

So, what next?

Iain Duncan Smith continues to take the flak and issue denials, insisting - because he has little choice - that Universal Credit will be on time and budget, or at least on the latest time and the latest budget.

His prize is the billions of pounds he claims the welfare reform will save the public purse. Nobody disagrees that Universal Credit is, in principle, the way forward for the UK benefit system. It is only the practice that is under such scrutiny.

The NAO said that DWP "needs to learn the lessons of past failures" - that's about as succinct and understated a summary as you will see.

It is not only the past failures of Universal Credit that need to be learned from, but those of every major government IT disaster of the last 15 years. That is what is so dispiriting about this debacle - sorry Iain, there is no other word - that all the many reports and recommendations about how to improve government IT have been so spectacularly ignored in this one project.

There is, for the first time in many years, a real sense of optimism that elsewhere, government is starting to get IT right, thanks to GDS and the work led by Mike Bracken and chief technology officer Liam Maxwell. Thanks to them, IT now has a seat at the policy table, not just delivery, and GDS has assembled a team with a startup culture, and some of the most talented developers in the country.

It's no surprise GDS wants to distance itself from Universal Credit. But there is little doubt that Universal Credit will be a huge factor in judging the success of IT for this administration - let alone the political success of Iain Duncan Smith.

Much as the secretary of state says the rumours and claims published in the press are wrong - they are not - and wishes they would go away, there is much more to be written about Universal Credit and its IT yet.

Have you entered our awards yet?

Archives

Recent Comments

  • Philip Virgo: I think the incident shows the strength, rather than the read more
  • Mark Craddock: Bryan, I've also produce the following chart which maps the read more
  • Daniel Bromley: What is more interesting is the breakdown by lot - read more
  • Tim Clarke: Want it to live forever? No. Think that Microsoft should read more
  • Bryan Glick: Thanks for that clarification Tim. With that in mind, it read more
  • Tim Hanley: Good article Bryan and I agree with your central point. read more
  • Ian Waring: And by the way, any vendor citing the words "Private read more
  • Ian Waring: Google and Amazon may be going head to head, while read more
  • David Chassels: Yes just as current Government had great ideas and ambition read more
  • Owen Boswarva: My impression is that the majority of people working within read more

Dilbert

 

 

-- Advertisement --