A digital transformation project can be a major undertaking for any organization, whether large or small. So understandably there can be challenges and issues along the way. Confronting these issues is key to a successful digital transformation.
An illustrative example of the challenges of digital transformation comes from a current project being undertaken by the British government. A recent inquiry was held by the House of Commons Science and Technology Committee, questioning ministers and Civil Servants from the government digital Service (GDS) office about the government’s progress with regards to its digital transformation targets. As the Register puts it, “Among these concerns are that efforts to reduce vendor lock-in and bring IT in-house, kicked off by Francis Maude in 2011, have lost momentum.” The progress towards replacing older technology with new digital replacements seems to be “grinding to a halt”. The grilling, held by MPs, led to the realization that the Civil Service may be struggling to hit its stated targets. Even more concerningly, they may have misunderstood the process of digital transformation all together. Three specific passages of the hearing stand-out. Each illustrating an issue worthy of discussion.
"In general terms, we've succeeded almost completely on digitization in its simplest term, which is a digital interface. The challenge is how we ensure end to end – that all the processes behind – are being done digitally."
The reality is that digitization ‘in its simplest term’ is not ‘a digital interface’. Merely changing the interface from that of a non-digital one to a digital one is only one aspect of digitization. In fact, it could be argued that digitizing the front-end is actually the least important element of digitization. While a digitized front-end might be the most immediately striking outcome of digitization, digitizing the underlying system is much more important. Digitizing the underlying system is where the real productivity gains from the project can be found, and will allow for a streamlined, responsive and modern technology estate. Removing inefficient, uncoordinated or even analogue processes from the technology estate via digitization should be the main goal of the project- not merely an updated interface.
In this spirit, digitizing the front-end of a system should ideally be the final step taken. It is also unwise to digitize the front end and then attempt to “work backwards” from it. Digitization must be end-to-end to be a meaningful and long lasting. In these terms, and Dowden even admits it, the project is a long way away from proper end-to-end, so “that all the processes behind- are being done digitally.”
Moreover, changing a layer of the process to look ‘digital’ has the potential to add even more complexity to the issue. The result is adding another bolted-on element to a process, without streamlining the entire system. Instead, it is far better to digitize an existing layer, and all the other layers and processes that work alongside it, leading to a better long term outcome. Instead, the path taken by the government team amounts to papering over the visible problem, but leaving the underlying issue intact. This cannot therefore be described as a root-and-branch transformation.
“When asked similar questions about the risks of legacy technology lurking across government, Cunnington noted that every department had to rely on it, because replacing functional tech was rarely prioritized over new policy requirements.”
The second major issue thrown up by the grilling of GDC, in this case the head of the organization, Kevin Cunnington, is the approach of the government to resource allocation and technology procurement. As Cunnington notes, the issue is rarely given major priority, and this is leaving most of the government using older technology which just about works- while money is prioritized for “new policy requirements.” This dilemma shines a light on the poor prioritization at play, and the fact that budget is not being allocated to meet long-term goals.
This is especially true given that the founder of the GDC, Francis Maude set in-house development as one of the organization’s major priorities. Digitization is a worthy goal for any organization- but must be matched with the correct level of budgetary resources. Otherwise the outcome will be similar to the situation GDC finds itself in- an ad-hoc solution which involves digitizing only the most visible parts of the technology estate. Leaving the actual goal of digitization incomplete, even potentially setback due to the now extra layers which have been added to a subpar system.
The ultimate goal of digitization is simplicity- streamlining the entire process. If budget constraints mean the underlying system cannot be properly tackled, and instead layers are added to give the impression of progress, then the overall task has actually been made more complex: not less.
These competing demands point to a team being set a task which is too complex, with too small a budget available to them. To be fair to Maude, the preference of having systems completed in-house can, in some circumstances, be understandable. It can offer consistency, transparency and security, but in this case it is proving to be a road block to fast, simple solutions. In-house projects can be expensive and cumbersome, as elements have to be sourced and worked on internally. And as the inquiry shows, can often show themselves to be bigger and more expensive than expected. A better solution is to prioritize market-driven solutions to problems. By prioritizing smart, agile purchasing the government can be sure a solution is always on offer, and one which will usually cost less and be quicker to implement, due to it already being available to purchase on the market.
An understandable response to this could be the concern of vendor lock in. If the government outsources solutions to the market there is a potential for the government to sign contracts committing them to use certain technologies- even when those technologies are no longer efficient or cost effective. In response to this it is important to understand the huge purchasing power the government holds. The purchasing power present in government projects is so great that, with the right handling, the government should be able to avoid punitive or limiting contracts, and instead encourage a robust market of competition to bid on its projects.
The best way to ensure this outcome would be for the government to prioritize procurement expertise within its technology department, rather than developers. Prioritizing contract negotiators, sales executives and lawyers, to create the most effective negotiating team possible, will lead to better outcomes. If the team is well funded and comes to each software evaluation with a high level of expertise, then vendor lock-in can be avoided in favor of contracts and projects favorable to the government.
Security is the top priority for any organization, especially for the government, so it can be an understandable motivate for digital transformation. Turning an ad-hoc mixed system of physical and digital data into one codified digital system is a great way to bolster security, and future proof an organization’s technology estate.
“However, he acknowledged there "is a real security concern" driving organizations to move off legacy kit and that it was important to move away from it as quickly as feasibly possible. But Cunnington also indicated there were budgetary implications at play.”
Dowden clearly acknowledges this motivation to ‘rip and replace’, believing that this is the best way to digitize their entire estate. But it is this ‘rip and replace’ attitude which is a root cause of their problem.
Part of this is due to a misunderstanding with regards to so-called “legacy systems”. Legacy (as in “old”) systems such as outdated versions of software, redundant PCs, printers and obsolete technologies like floppy disks are justifiable targets for “rip and replace”. In fact, replacing insecure software, old operating systems such as Windows Vista, or technologies which take up space with little benefit, can be a great source of quick wins and efficiency increases. But when this attitude gets applied to established, dependable systems such as Mainframes or AS400s, it can be counter-productive.
Mainframes and other types of back-end legacy systems are often unfairly targeted due to their “green screens”. Green screens might look less advanced than a full-color PC, but their simpler graphics does not mean the underlying technology is inefficient or subpar. This connects back to the discussion about front-end digitization: attempting to solve only the most immediately visible problem- while misunderstanding the underlying situation.
In fact most green screen systems are exceptionally efficient, safe and reliable. So much so that they are used by 71% of FTSE 500 companies. In this sense, moving away from legacy systems in response to the security challenges they contain is often an overreaction. The legacy systems themselves are rarely the issue at play- instead it is often a problematic terminal emulator which is proving a weak point. An example of this is certain client-side emulators, which require downloads and plugins to function- an understandable security risk for any organization. But this threat is not present in server-side or html based emulators. Therefore, with the right terminal emulator- primarily a browser based, pure html emulator which can be centrally maintained- security can be assured at the highest possible level.
Client-side emulators have been hit by numerous scares and setbacks over the past few years, most notably Java’s depreciation of the Java-plugin frequently used in commodity emulators. So the trepidation of the GDS when approaching the security of legacy systems is understandable, if misplaced. Client-side emulators also lack the ability to centrally configure and monitor all units on the system. If an organization requires frequent additions and patches to its software than client-side emulators necessitate individually updating each computer currently using the system. A browser-based alternative however, can be centrally maintained and updated. Patches can therefore be transmitted quickly and easily to each and every machine using the emulator- meaning a smooth a consistent security apparatus without the need for added legwork. For a government computer estate, where multiple machines in multiple locations are likely running emulators accessing numerous secure databases- this kind of central organization is a must.
Returning to the former point about the importance of strong, clued-in procurement operations. Numerous market solutions such as, by example, Jubilant Terminal Emulator already offer end-to-end browser based security. These systems have been fully tested by KPMG, and are strong enough to be used on military bases. Of extra benefit is the fact that many British companies, such as Jubilant, are already leaders in the terminal emulation industry. This reduces security risks and continuity issues- while also ensuring that the government can procure the latest technology at efficient, market rates. Especially when this situation is compared with the potential for a more expensive, less responsive government alternative, this situation should be taken full advantage of. With such a solution available on the market right now, it highlights how ineffective the government’s prioritizing of in-house solutions is. A solution to the GDS’s legacy concerns is already available- and would be dramatically more cost effective than a cavalier rip-and-replace directive.
Instead a better approach would be to aim for a centrally maintained and deployed system, which would offer the apex in security and consistency. Having a central system allows for the deployment of security patches. Instead of patching each individual machine one central system can deploy updates consistently across the entire technology estate.
While it’s easy to have sympathy for the GDC, when faced with such a major task as digitization of the entire UK government’s technology estate. The reality is that there are clearly better routes that their digital transformation project could be taking. Even if it is too late to reverse the decisions made in the years since the GDC’s founding in 2011, the difficulties it is running into can serve as a warning sign to other organizations on what not to do. Learning these lessons can lead to a more streamlined, cost effective and more productive digital transformation project- which is something all organizations, as big as a government- or small as a start-up would want.