UK government technology interoperability is far from easy
April 2020 in the United Kingdom is a strange time: a global pandemic where beyond the public health crisis and national security issues we see a mass movement away from offices and an over 95% reduction in public transport utilisation.
Working from home, inaccessible ‘high side’ systems (surprise surprise, terminals used for TOP SECRET are not something you take home) and a priority response to COVID-19 has led to a penny dropping moment: UK government organisations (even if we take just the Whitehall departments) use different IT systems and this can make collaboration at pace… difficult.
For the purpose of this post (and y’know, the fact it is published on the Internet) I will only be talking about the OFFICIAL government information classification and Whitehall departments.
I don’t cover a lot of background here but I try to avoid the assumption you already work in the UK government so this should be quite readable to most technologists.
This post is the first of two musings by yours truly. This post covers some background, problem statement and caveats.
The second post discusses what the future could look like.
The problem statement
Each Whitehall department is sovereign when it comes to things like technology choices and information security ownership. They are independent Data Controllers when it comes to the Data Protection Act (2018)/GDPR.
They have their own CIOs, CISOs, CTOs, COOs, CFOs and Permanent Secretaries (for simplicity, a CEO).
While two Whitehall departments may use the same productivity tool (for example, Google G-Suite) these are unique tenants isolated from each other. Further, not all Whitehall departments use Google G-Suite, most use Microsoft Office 365 — again, unique and isolated configurations.
Two departments using Microsoft Office 365 does not mean they can use the features of the platform ‘together’ even if they can within their own organisation.
There is a technical and security distrust between government departments. This isn’t born of anything malicious but simply not knowing what the other department does with it’s IT and how it manages information.
Person A in Department X wishing to collaborate with Person B in Department Y probably:
- can speak over public/private telephony — mostly*
- can email (including attachments) — mostly*
- can video conference (if they both use the same platform) — mostly*
- can free text chat (if they both use the same platform) — mostly*
- can’t live edit the same document (even if the same platform)
Doing the above as a teams of people has… nuance.
*excluding restricted use-cases where a closed ecosystem is required or just where the IT systems are unique and just configured in a bad way. Restricted physical zones also come into play, like courts, prisons and so on.
Then it gets harder
Within a single Department, there is generally more than one IT environment (mostly they are entirely unique/separate from each other).
The Ministry of Justice (MOJ) has at least 6 different IT environments (just at OFFICIAL). Most are entirely isolated from each other in every possible way you can think of.
- people in MOJ Digital & Technology use macOS devices with Google G-Suite
- others in the main central bit of MOJ (bulk of the user population) use outsourced-managed Windows devices with Microsoft Office 365
- people within Prisons & Probations use a different outsourced-managed Windows device solution with Microsoft Office 365 but also a bunch of on-premise
These solutions and users are segregated for some good reasons (also some bad ones). The use-cases are incredibly different in many places.
To say “all of the MOJ” would be a problematic scope in terms of a technology change. To say “how about all Director-Generals?” might be a bit easier, as they are probably on the main central IT solution but that isn’t guaranteed to be entirely true either.
The MOJ is not unique in this position. I use them as an example rather than an attempt to point a finger.
Naming a role or position at a senior level also doesn’t just mean them, it means their Private Office (another 5 or so people that support the person in their role) and others they nominate as “we need them too, as we work closely with them”.
I know of an organisation where they are unable to communicate between two different IT systems despite both using Microsoft Teams (this isn’t a Microsoft problem, its an organisation IT problem) so they use cross-government Slack instead — within the same organisation folks!
Then it takes a step sideways
I’ll leave things like physical meeting rooms for a future Joel to talk about. The line between technology and everything else might be thin… but it is broad.
Interoperability is the name of the game
So here we are, a priority buzz word echoing through the halls of the civil service.
‘Interoperability’ to me as a technologist means — and I borrow from Gartner here —‘workstream collaboration’ cross-domain: the ability for humans to work together on a workstream using voice/video, chat and documents cross-domain (in this case, cross government department).
A workstream is a topic of some kind, together — this might be a bit of policy, legislation or medical supply sourcing/logistics.
The main priority as I write this post is video conferencing. Until very recently, the focus on getting this working has only been for senior members (Director-Generals and above), Secretaries of State, Ministers and the like.
My humble view is that enabling interoperability for just senior stakeholders would be a mistake. Firstly the technology doesn’t differentiate in most cases but also because the entire organisation works. Making things easier for some but allowing them to be harder for others ‘at the working level’ would be the wrong thing to do.
You may have heard about the UK government using Zoom, even the Prime Minister and Cabinet itself.
The use of Zoom doesn’t fix any underlying technical interoperability problems but it does allow a simple feature-rich platform to be used at pace for the senior members I described above.
It isn’t optimal in more ways than one — but it was never designed to be perfect or for everybody to use forever.
While there is much about the security of Zoom, I find the features good — even above and beyond what Google Hangouts Meet, Microsoft Skype for Business and Microsoft Teams offers.
The tip of the first of many spears
Video conferencing is just one tenant of workstream collaboration. Enabling chat and true document collaboration will be a lot harder.
Recorded video/audio conferencing, free-text chat and document sharing presents some rather gnarly information governance challenges.
While departments exchange information all the time, the exchange is generally deliberate and manual. Tying organisations together to allow workstream collaboration at pace will have an open floodgate type affect (in my view, good!)
As each department is sovereign for information governance, they claim (for sometimes bad reasons) they are unwilling (not unable) to allow certain things to happen — for example, allowing guests from outside of their organisation to join videoconferences created by their staff.
In order for true workstream collaboration to take hold across Whitehall, the underlying information governance challenges stemming from information co-creation, co-retention, co-securing, co-archival and co-releasing (FOIA responses, push to The National Archives, de-classification etc) must be overcome.
Programmes like Better Information for Better Government are already working on such challenges, but it is a broad problem space and due to departmental sovereignty isn’t fixed without political (thats small ‘p’) motivation, time and cold hard cash.
One could appreciate the desire for pace and perhaps even frustration that these are not existing capabilities but my personal view is one of “well, if I could have done it before, I would have done so!”
If technical solutions are ‘just’ rolled out or enabled without enough consideration…it will create enormous amounts of technical, governance and security debt that will take far more time to resolve than if they had been considered upfront.
Even more caveats
There are a multitude of caveats but I’ll cover some obvious ones to me.
The cross-government Slack I mentioned earlier has over 2,000 active users and 12,000 registered (as of April 2020) which is an amazing feat in the UK civil service from purely natural growth/adoption.
While the vast majority of ministerial departments are present, so are users from the NHS, Local Government and beyond.
I don’t see any productivity suite replacement being able to compete with such a discussion space. Whatever scope you reasonably set, won’t include the NHS or all of Local Government and beyond.
Slack has great light patterns for users, being able to self-service registration through to finding channels of interest and ‘people who know about’ (based on their own profile metadata or phrases they type a lot). These make it really easy to ‘flatten’ the civil service, find out people who do the same thing as you or are working on a related project.
I have asked people to stop tagging me in success cases because I was getting too many alerts. I firmly believe it saves thousands of pounds of time per month and has unparalleled social benefits including well being / mental health during what can be quite an isolating time.
Single platforms aren’t that great (best of breed versus all-in-one suites)
Likely an unfair comparison but much like a takeaway food joint that produces multiple asian cuisines, pizzas, kebabs and steak at the same time — they can’t possibly do all things well, and at least one thing is going to be terrible.
Okta discussed that a growing number of customers prefer to use best of breed even when they have Microsoft Office 365. Anyone making the choice that Office 365 is the be all and end all for their organisation (or in this case, several Whitehall departments) will be in for pitchforks from their users.
While you can still stitch together best of breed to be interoperable, the license costs start racking up and if you don’t do it by design (that is, the organisation is making choices as opposed to user-led shadow IT) you’re going to have some pretty serious problems. Not all of these systems play nice as well, stitching to me implies imperfection, often with the user at the pointy end.
I do not see a single platform being able to replace the cross-government Slack for a variety of reasons. Whatever happens, in my view, it must live on.