How many public sector programmes have been driven by replacing technology that has reached the end of its life? Not just XP to Windows 7, or Windows 2003 server, but time and again, with products across the broad spectrum of vendors, and Open Source too.
The typical scenario is something like this:
- The IT services (applications/ infrastructure/ whatever scope is relevant) had a major refresh about five years ago, bringing everything into vendor support and compliance with security good practice. A shiny new IT service was born.
- Funding was tight, so patches have been applied, mostly, at least to operating systems, critical infrastructure and perhaps to applications, but with no major upgrades. The shine fades, but mostly the users are happy, and the business gets what it wants.
- But then the awful day dawns when you realise that somehow the systems didn’t keep pace, agility is lacking to meet new business imperatives, hardware is becoming tired, users are unhappy and there is a looming end-of-life date. Now it all needs to be done again.
Anyone who has delivered a “technology refresh” for a major IT service will know how complex and costly it can be.
There can be hundreds of interdependencies to unscramble, conflicting or not-yet-announced vendor support, significant architectural changes and long test, release and migration projects. Not to mention user and business impacts ranging from acceptance testing and outages to loss of function and training for new systems and interfaces.
The GDS Design Principles ( https://www.gov.uk/design-principles ) focus on outcomes and services, and making things open. But interestingly they don’t say anything about future-proofing. A search of Gov.uk for “evergreen” turns up references to evergreen rainforests and hedge height disputes.
By way of contrast, the MOD Defence as a Platform programme has “Evergreen” as one of three primary aims – “services procured under DaaP will be comprised of components that are always up-to-date, extending beyond what the user sees and encompassing the underlying infrastructure.”
The challenge for the public sector is that upgrading the underlying infrastructure, on its own, is costly and may deliver few visible benefits to the business. After all, for the most part, users are not aware of the paddling going on beneath the water-line.
So what changes always make sense and what technologies can help the public sector workplace future-proof?
At one level, the move towards cloud, including platform and software as a service, is an attractive solution. Cloud makes infrastructure refresh someone else’s problem, abstracted out of view and baked into pay-as-you-go pricing. CSC BizCloud offers a similar model on-premises, where public cloud is not yet sufficiently trusted.
The launch of sovereign-hosted UK services for Microsoft Azure, and the forthcoming AWS UK Region should signal to public sector organisations that this is their future too. Federal U.S. is several years ahead of the UK with the AWS GovCloud Region, which CSC migrated 300 of our own corporate servers to when the CRSA company was carved out in 2015.
Another approach comes from moving toward an API economy, with modern digital applications loosely federated and orchestrated for service. Through application test and release disciplines are still needed to protect IT services, loosely federated applications should be easier to maintain and update. Even modern software services “born in the cloud,” such as Salesforce.com and ServiceNow, require skill and discipline to maintain at the latest version.
However, neither of these are panaceas. The public sector has systems that won’t fit either model for the time being, due to scale, or security needs or technology choices. And the hardware problem won’t entirely go away – think distributed networks, user access devices and printers. Even Windows 10 and Office 365 won’t stop databases and firewalls from needing to be upgraded.
Though there are more approaches than there is space to discuss, an overarching question for the public sector is whether “evergreen” provides value for the money. Perhaps more important is a focus on the governance of IT architectures, roadmaps and integration, especially where multi-supplier ecosystems are being procured.
As the UK public sector explores new and arguably more complex governance and service models, the emphasis needs to shift from technology to digital services and outcomes. And a wide range of future-proofing approaches will be needed for the foreseeable future.
Paul Treece is a sales solution principal at CSC with a specialty in public sector. He works as a senior lead deal architect/ chief technology officer, providing technical, programme, service, cost and commercial leadership through all bid stages and into delivery.