What impact would a Local GDS have on the market?

Some excellent, well considered, thoughtful points


I’ve read some really great posts on all angles of the Local GDS idea in recent weeks from a lot of people I respect.

Ben Welby made a number of cogent arguments in favour.

Phil Rumens suggested why he thought it shouldn’t happen.

Eddie Copeland of Policy Exchange has argued strongly for it to happen – and I find much of merit in his riff about open standards being a critical enabler of change.

Sarah Prag added a particularly interesting flavour to the discussion, really focusing on exploring aspects of the problem rather than jumping to the solution

Rob Miller expresses many opinions I share in his post pointing to the potential stifling of smaller local providers if we take a monolithic approach.

And many people track the whole discussion back to a post by Rich Copley – itself inspired by Dominic Campbell’s tweet in December 2013.


View original post 985 more words

Embrace Shadow Tech or Die

Shadow Tech‘ – we IT folk do enjoy our cool-sounding names don’t we?ShadowTech

The term Shadow Tech refers to the use of consumer technology by the workforce, usually in a way that is not sanctioned by ‘Corporate IT’.

Generally speaking the IT department does not like the  business to use any technology that they (IT) haven’t selected, procured and learned how to support. The instinct of your average IT team is to declare shadow tech verboten, often citing ‘security’ as the reason.

Today’s shadow tech manifests itself in the form of iOS and Android devices. Our employees have them at home, love them and can see how they will help at work – but the IT team says “No, it’s not safe“.

‘ICT as Denier’ is a dangerous role to adopt. I’ve already written about the battle with pernicious ‘security’ but when it comes to shadow tech the real threat is to the IT department – the threat of irrelevance.

We can illustrate the risk by casting our minds back to Shadow Tech 1.0. Less than 30 years ago the IT Dept. was about number crunching and centralised computing – the mainframe was still king. Then in the late 80s and early 90s the Personal Computer (PC) started appearing in people’s living rooms. “Wow!” the people thought “These PCs are great, I can see how this would really help me with my work.”   

The IT Department said “No – that’s not how we do it – if you want some computing doing come to us and we’ll sort it out for you”. So the business promptly ignored IT and went out and bought PCs.

Shadow Tech

PCs proliferated on desktops throughout the organisation and a person in each area would often adopt the mantle of ‘the guy who knows about computers’. Within a few years we had mini-IT Departments all over the place, less control at the centre and an uncoordinated ad hoc approach to technology exploitation.

Wind forwards 20 years and many organisations have now managed to wrest control of ICT back to the centre. The PC (laptop) is ubiquitous but that’s OK because it is now approved and controlled by the IT team. Meanwhile, in the data centre, the mainframes have gone and Windows servers hum away contentedly – all is well with the world.

But hark! Here comes Shadow Tech 2.0 the iPhone and iPad started appearing in people’s living rooms. “Wow!” the people thought “These mobile gadgets are great, I can see how this would really help me with my work.”   

The IT Department said “No – that’s not how we do it – they are not safe. If you want some computing doing come to us and we’ll give you a proper computer”. So the business promptly ignored IT and went out and bought iPads.

Shadow Tech

We know what happens next because we’ve been here before.

(There’s something here that needs exploring around the importance of ‘Institutional Memory‘ in helping us avoid repeating the mistakes of the past – but that’s a post for another day)

Again Corporate ICT loses control – but this time the stakes are far higher. Both the volumes of data and the sensitivity of the data in use are hugely increased compared with 25 years ago. If the end users succeed in bypassing the IT Department then there’s a real risk of a security breach (and near certain compliance problems) – and the users will find a way to use these devices at work because people are clever.

The CIO’s role in this is to act as a trusted advisor to the business. IT should be a door-opener not a gate-keeper. The IT team need to get ahead of the curve and work out how to use these amazing new devices safely. Buy lots of different models and trial different management software then go back to your business users and say “Hey, look – we’ve worked out a way that you can use these things at work.”

But it doesn’t stop there – Shadow Tech 3.0 is already upon us and its name is Software as a nephoService (SaaS). I am a huge advocate of cloud computing and SaaS and I’ve written about this before. SaaS is so good (easy to use, cheap and easy to deploy) that your users will already by eyeing it/using it. Most SaaS tools require little more than a browser – your users are able to purchase their subscription and be up and running on the new application without IT ever knowing about it. This represents a serious threat to the organisation’s data as it is unlikely that the user will have checked that (e.g.) the data is being stored in the EEC.

The CIO’s job here is not to issue a diktat “Staff must not sign up to cloud based software tools.” rather we need to educate staff as to the risk and request that they run all such proposals past the ICT Governance Team so that they can do the due diligence/legwork around security. Sometimes there will be a genuine reason why a SaaS application should be blocked in the corporate world (e.g. DropBox *shudders*) – but usually this stuff is safe to use.

This is ICT adding value to the organisation and it’s a pointer towards ICT’s new role (the inexorable movement from the management of tin and wires to the management of data and risk).

So, be a door-opener not a gate-keeper because, guess what, Shadow Tech 4.0 will be along any day now…

Door-opener not gate-keeper

Door-opener not gate-keeper


Let the Information Flow

lifebloodInformation is the lifeblood of any organisation and, as is the case with actual blood, the consequences of the flow being blocked are just as serious as the consequences of some leaking out.

Clearly it’s essential that public sector organisations protect the data that they hold – that’s a given. None of us want to fall foul of the ICO and, much more importantly, we have a duty of care around our citizen’s data. Getting one’s data security house in order is key concern of any CIO.

But we have another duty – a duty to share information. Public sector organisations must share data internally and externally. Information is what we do – it’s our currency, our raw material, our tool and our product.

Back in 1999 Bill Gates wrote a book called ‘Business at the Speed of Thought‘ in which businesshe set out his vision of how technology could transform an organisation. The point that Gates made repeatedly is that the speed that we do business is largely dictated by the speed at which we exchange data.

We do business at the speed of information exchange – if the information flow is blocked then we are in big trouble.

We should view any change to the organisation which impedes information flow with suspicion. This includes changes which are made in the name of ‘security’.

One of my favorite quotes is:

“A ship is safe in the harbour, but that’s not what ships are for” 

(there is some debate about the origin of this quote but it seems likely that it was first used by John A. Shedd in 1928. I use this quote too often at work and at home – but it’s applicable to so many situations)

“Information is safe on a server, but that’s not what information is for” 

If you want your data to be completely secure you should put it on a server, locked in a data centre and pull out the network lead. But that’s not what data is for.

Over-zealous security measures will impede the flow of information and your organtisation will be less effective. Most of the controls in the PSN code of connection, for example, are very sensible – but a few are draconian/ill-conceived and they have been implemented to the detriment of organisational effectiveness.

A big part of the role of the modern CIO is to be organisational warfarin – an antidote to the coagulating effects of pernicious ‘security’. If a security measure seems over the top to you then you need to push back.

Information is the lifeblood of the organisation – let it flow freely.

Your Call is (Probably) Not Important to Me – In Praise of Email

We all have a strained relationship with our email inbox.

For many people Outlook is work (other email clients are available :-)).outlook

That little orange icon on our desktop can contain a world of pain and email has been getting a bad press recently. Some commentators have bemoaned the fact that people often think that they are ‘doing’ work when they are ‘doing’ email.

Strength of feeling is such that there’s even been a suggestion that email should be turned off outside of working hours.

You’ll hear no such complaints from me – I like email. The beauty of email is that it is an asynchronous communication mechanism. An email lands, you glance at it, triage it and if it’s urgent you act upon it. More often than not you delete it or leave it alone until it needs attention.

Compare this to that most cursed of devices – the telephone. “Answer me now!” it screams.

Bye bye to an old enemy.

Bye bye to an old enemy.

How often have you seen colleagues chatting around a desk – discussing a work issue – when the desk phone rings and the owner of the phone interrupts the conversation to answer it? What this person is actually saying is “I don’t know who is calling or what they want but this unknown person is more important to me than you are.” How rude!

Even worse than the phone is the Johnny-come-lately of synchronous attention seekers – INSTANT MESSAGING (IM). IM is basically email that you have to reply to immediately. It allows people to tip-tap-tap on your computer screen “Pay me attention, talk to me, stop what you are doing and talk to ME ME ME!” No matter how trivial the message – you have to drop everything and get involved in a text exchange.

My time is precious and I have to focus on the important stuff. Email allows me to do this, the telephone (and IM) don’t.

So I’ve long since abandoned the use of landlines. As, I’ve written before I have now diverted my work landline to a message asking the caller to email me. There are, of course, people who I need to be very responsive to, so my boss (etc) is now in the habit of calling my personal mobile. More often than not people will now email me with a quick “Rich, plz call me” – because they know this is the quickest way to get hold of me.

You've got mail.

You’ve got mail.

I like email – it allows me to control my day. I recommend you try giving up on your desk phone – it’s liberating.

When you want milk you don’t buy a cow (or how to avoid nephophobia)

When you want some milk, you don’t buy a cow – you just buy some milk. Stick with me, this is going somewhere.cows

You could buy a cow of course – that would mean free milk forever! But there are downsides:

  • Cows are expensive things to maintain – they need feeding and there are vets bills.
  • You’re probably too busy to look after the cow yourself, so you’ll need to pay cow experts to do it – this is expensive.
  • Cows are prone to cow viruses – if it gets infected by a virus your cow may no longer produce milk.
  • Depending on how much milk you need you’re probably going to have to buy several cows and a big barn to house them.
  • There are lots of very strict (draconian in fact) rules about how cows should be looked after and how the milk should be protected – you should probably recruit an expert in BSN (Bovine Services Network) to make sure your barn is in order and your milk is safe.

Actually – forget it, this cow isn’t giving me free milk at all is it? I’m going to buy my milk from someone else – someone who is a specialist in milk production and produces the best quality stuff.

As you’ve realised by now, throughout my tortured analogy – milk = data, cow = server and barn = data centre.

You want the data – but you don’t need a data centre.

Self Evident?

You’d think so – but I was at a CIO event recently and I overheard a couple of Heads of ICT debating whether they should adopt a ‘Cloud First’ ICT strategy. This startled me so much that some coffee slopped out of my cup – but the coffee wasn’t very nice, so that’s OK.


My organisation has had a ‘Cloud First’ strategy since 2008 and I’d assumed that the merits of such an approach were, these days, self evident. The thought of public sector organisations filling up their various data centres with tin is something that haunts me in those wakeful hours before dawn.

The ICT Department has Nephophobia (fear of clouds).

On reflection perhaps I shouldn’t have been so surprised to hear that some ICT professionals are still debating the merits of the cloud. The fact is that the only people in any organisation who have a particularly strong view on external hosting of systems is ICT and I know from conversations with ICT people from dozens of organisations (both private and public sectors) that the most common view of the cloud among ICT employees is “We don’t like it!”


Nephophobia – the fear of clouds.

We now have many of our systems hosted by the application vendor in the cloud (by ‘cloud’ I mean ‘someone else’s data centre’). I’m not just referring to the odd web-based system here and there – we’ve taken some of our mission critical platforms and put them in the cloud. We’ve found many benefits to having our systems externally hosted:

  • Reduced costs
  • Better visibility of the total costs of ownership
  • Reduced risk and increased resilience
  • Rapid scalability
  • Quicker infrastructure upgrades
  • Increased flexibility
  • More responsive and cost-effective support
  • Increased sustainability
  • Easier remote working

More importantly than all this, though, the cloud is the way in to proper shared services.

For example, most councils use the same education management system from the same vendor – but they host them all on premise, across half a dozen servers (each). When we finally have this system hosted by the vendor (i.e. in the cloud) it’ll suddenly become apparent that we can all use the same platform – we’ll then use economies of scale to drive the vendor’s charges down and we’ll join up our support teams to reduce the number of people we have managing all this stuff.

And that’s just the start of it – watch the animation below for more.

milkThe next time that you’re looking for a system and the vendor says it’ll mean that you have to buy some servers and host them locally just say “No thanks, we’re shopping for milk – we don’t need a cow.” and move on to the next guy.


An Open Letter to Software Suppliers – 13 Ways to Help the Public Sector to the Cloud

Dear Software Supplier,
The public sector is hemorrhaging money. Money
We all use the same systems, but instead of joining up and sharing we are each deploying identical solutions in isolation.
This is costing us a fortune at a time when (by the way) money’s too tight to mention.
A first step to joining things up is to get all this software out of our data centres and in to the cloud.
We’re trying to get to the cloud – we really are – but you’re not making it easy for us. Here are 13 steps you can take to facilitate our journey to the cloud whilst simultaneously making yourselves some money.
1. Be Cloud Ready
This may seem odd coming from a Head of ICT – but we don’t want to have our own IT departments.
We don’t want any tin on-premise. The public sector should not be in the IT business. An analogy – we consume electricity but we don’t run our own power station. We consume data – but we don’t want to run our own data centre – we want Software as a Service (SaaS).
At my local authority we’ve had a ‘cloud first’ policy since 2007. Every time we buy an application or renew a contract we try to get the vendor to host it for us. This is harder to do than you might think.
More often than not the question “Will you host it for us?” is greeted by the exchange of bemused/panicky looks between the vendor’s sales folk.
“Um, we could install some servers in your data centre and then look after it remotely?” Noooooooooo!
Vendors need to understand that, within a year or two, if you can’t deliver your application as SaaS then we are not buying it.
Vendors should be cloud ready – wshouldn’t have to start from scratch every time. I want you to spin up my instance of your application at the touch of a button. So you’ll need to…
2. Invest Upfront in the Platform
You need to have your infrastructure built and ready to go before you enter pre-sales.
Regardless of whether the servers are in your own data centre or Rackspace’s – they should be humming away before we sign the contract.
The tin is not the customer’s problem.
3. Avoid Short-termism (understand our business case)
There are many reasons why cloud/SaaS is attractive to the public sector – perhaps the foremost being that SaaS should be cheaper than on-premise. I say ‘should’ because it usually isn’t.
We tried to move 2 of our largest, mission critical, systems to the cloud last year. These systems are sold by 2 of the largest software houses in the world. In each case the total cost of ownership over 5 years was TWICE as high under a cloud/SaaS model when compared with traditional on-premise hosting. So we bought the tin, put it in our data centre and it’ll now be at least 5 years before we have an opportunity to look again at the cloud for these systems. Frustrating.
The reason that these two vendors were unable to make their SaaS offering compete with on-premise is that they did not take the long view.


As with most services, the bulk of the cost of any IT department is in salaries. In theory IT departments should be able to reduce headcount as a direct result of moving systems in to the cloud. This, of course, is why many IT teams have nephophobia (fear of clouds). IT departments think clouds are evil. 
The problem is, though, we can’t reduce headcount as a result of just a couple of systems going SaaS. If we put some of our databases in the cloud we’re still going to need DBAs because we still have lots of databases. This is a major challenge to the SaaS business case.
What the vendors need to do is reduce profit margins for these early SaaS forays. By taking a hit now they will be paving the way for organisations to put more of their systems in the vendor’s cloud. You need to be at least matching, if not beating, the on-premise cost – otherwise, why would we do it?
Short-term pain for long-term gain.
4. Be Secure
It seems that there are a surprising number of software companies who don’t know much about IT security, PSN controls or the Data Protection Act (DPA).
You need to be PSN experts. You must understand this stuff inside out.
Golden Gate BridgeThe UK DPA states that our data must be stored within Europe. IF YOUR SERVERS ARE IN CALIFORNIA THEN WE CAN’T DO BUSINESS. 
We spend an inordinate amount of time verifying that the vendor’s cloud is secure – endless surveys and toing and froing – sometimes we even have to visit the vendor’s data centre. On one occasion we found that a very large supplier intended to host our sensitive, precious, data in a crumbling Victorian warehouse by a river. No thanks.
You need to get together with other vendors and with Cabinet Office and come up with an accreditation scheme. Some kind of SaaS ‘kite mark’. All we want to have to do, as the customer, is ask to see a copy of your certificate and be comforted that you know what you’re doing.
5. Build in Disaster Recover as Standard
One of the big attractions of the cloud is that it is immune to localised emergencies. Yet it is surprisingly common to find SaaS offerings that don’t include back-up to a second location as standard.
We shouldn’t have to ask whether you back-up our data to a geographically distant location – and we certainly don’t want it included as an optional (chargeable) extra. It should go without saying that you’ve thought about disaster recovery and this would be a condition of getting your SaaS ‘kite mark’.

6. Make Updates/Patches/Releases Opaque to the Customer

When Google adds a new feature to Gmail, or whatever, they do it without any fuss. We generally don’t know that an upgrade has happened until after the fact.

The same should be true of SaaS releases. This work needs to happen behind the scenes without the need for any downtime.
Similarly, improvements and innovations that you’ve developed for one customer should be quickly shared with all your customers (at no extra cost).


7. Get on a Framework
Make your product easy to procure by getting yourselves on a framework such as G-Cloud. Public Sector procurement rules are hugely restrictive and prescriptive – so a product that is easy to procure is very attractive to us.
8. Think About Our Capex vs Opex Problem
Many public sector ICT projects are funded using capital monies – often from prudential borrowing.
We can only spend capital money if we can demonstrate that the investment leads directly to the creation of an asset (tangible or intangible). This is fine for a traditional on-premise delivery model because it’s easy to demonstrate that a tangible asset has been created.
But we can’t use capital money to fund the creation of a SaaS solution because there is no asset being created. At the end of the contract there is nothing that the public sector organisation ‘owns’. Sometimes this isn’t a problem as some organisations will find it easier to lay their hands on revenue (opex) monies, but sometimes it can be a deal breaker.
You can help us here by thinking of ways in which the Saas deal can lead to the creation of an asset that the customer owns. Could you, perhaps, nominate a piece of your cloud infrastructure as belonging to us, the customer, and write this in to the contract? In reality, should the relationship come to an end, we probably wouldn’t want to go to the trouble of availing ourselves of this clause – we don’t want the tin – but the clause’s existence may be enough to convince our accountants that this SaaS project is a genuine candidate for capital investment.
9. Make Short Contracts More Attractive
The days of 5 and 7 year contacts are over. New disruptive technologies mean that we need to be able to react faster than ever before. Look at the way the iPhone has changed the

bohrlandscape – we have contracts that are still running that were signed before anyone had ever heard of an ‘app’.

Predicting technology futures is harder than ever – we don’t know what we’ll need in 3 years time so we don’t want to sign 3 year contracts.

I appreciate that this is a commercial challenge – you’re losing a guaranteed revenue stream – but you need to find a way to make short contracts attractive to us.
10. Encourage Multi-Organisation Contracts
This is our responsibility as much as yours – but it’s important to construct contracts in such a way that other public sector organisations can get on board at a later date without going around the procurement rigmarole again.
When selling your wares you should encourage your customers to contact their partners/neighbours to see if they would like to be cited in the contract as part of a procurement consortium – they’ll thank you for it.
11. Be Device Independent
Hopefully this goes without saying these days, but mobile is king, and whatever your SaaS product is for, it should work just as well on an iPad as it does on a laptop.
12. Be Open
Let us at our data! We’ve got big plans for big data so you need to build your cloud offering with openness in mind. We want APIs included as standard that allow us to easily extract data to work on elsewhere.
13. Allow for Online Ratings from Customers
I’ve never come across a SLA that, when push comes to shove, was fit for purpose. Most SLAs are carefully worded such that it’s very hard for them to be breached and that the criteria for triggering penalties is rarely met.


The purpose of contracts and SLAs is to drive a certain kind of behaviour – ie to increase quality, responsiveness and uptime. But a SLA is a crude tool for this. Much better is a system of open online reviews and ratings by your customers.
This is scary, I know – but your product will definitely get better when everyone is able to talk about it openly.

I appreciate that there’s a lot of pain involved in getting yourselves cloud-ready – but if you don’t do it soon some disruptive new SaaS player will come along and take your business. By the way, if you are that disruptive new player – please get in touch – we’ve got some money for you.

Yours sincerely,
The Public Sector

Digital = Automation (or how to keep your looms clog-free)

Pretty much every meeting I attend these days involves some discussion of ‘Digital by Default’ or ‘Channel Shift’.do-it-online

Often these meetings see me waxing lyrical about digital things and trying not to roll my eyes when someone says “But what about the people who are not online?” (someone ALWAYS says this – I’ve blogged on it here).

Recently, in one of these meetings, I had something of an epiphany. I was being challenged by a non-believer over digital’s business case when I realised that what I was failing to get across is simply this – doing things digitally means that a computer carries out tasks that would previously been done by a human. D’oh!

Digital = Automation

Pretty obvious huh? But once I’d stopped using the phrases digital by default and channel shift and started using ‘automation’ instead I found it much easier to get the message across. We automate processes to make them cheaper, faster and better.


Spot-welding robots on a car production line can get through many, many more cars per day than a human workforce – and they don’t need to sleep, it’s a 24/7 service.

Similarly, by automating a process and putting it online we make our services faster, better and cheaper (and 24/7). Why are online services cheaper? Largely because humans are expensive things to employ and online services don’t need as many humans.

As this graphic shows, an online transaction is MUCH cheaper for the council than a face-to-face equivalent (I believe that these figures are from some SOCITM research). channelshift

As well as helping me explain why digital is better, these thoughts of automation led to a further insight – the reason we’re finding it so hard to ‘do’ digital is that it is being resisted by our own employees. Let’s travel back in time 400 years or so to help me explain….

A ‘sabot’ was a type of wooden clog worn by poor people in 16th century Europe (bear with me, this does have something to do with digital).wooden-shoes

When automatic knitting machines and looms were invented the peasants feared for their jobs. The new looms could make better quality clothes and they could do it much faster than the old hand-looms.

In an effort to protect their jobs the disgruntled weavers threw their sabots in to the inner workings of the loom in order to smash the machinery. From this action we get the word ‘sabotage’. 

This is a lesson from history that we could do well to pay attention to today. Everyone apart from the saboteurs thought that the new weaving machines were a great innovation. The manufacturers could make more clothes and blankets, the consumers got better clothes at much reduced cost. The loom makers were prized for the technical prowess. Everyone was happy apart from the people who used to do things the old way.

turkeyNow, as then, the people who are most likely to block an innovation are the people whose livelihoods are threatened by it. Turkeys are unlikely to vote for Christmas.

It’s hard for a large public sector organisation to ‘do’ digital. But why should this be? Our customers want it – they prefer to do things online. The leaders of the organisation want digital – it saves them money and allows for headcount reduction through automation.

The only people who don’t view digital as self-evidently the right thing to do are the humans who will be displaced by the automation of these transactions.

There is a way to approach this problem that keeps everyone happy. It’s essential that we don’t attempt to hard-wire a link between digital/channel shift and financial savings. This seems counter-intuitive, I know, but if you start your digital transformation by saying “We’re going to channel shift and this will mean we can drop headcount by 10 people by the end of the year” you’re going to find that your looms fill up with clogs and the project is suddenly very much harder than you thought it was going to be. You can’t really ‘do’ digital to processes unless you take the process owners with you – hearts and minds.

Instead, the message should be “We’re going to do digital/channel shift because it will ease your paperworkloads and help you cope with recent headcount reductions – we know you’re buckling under the strain and this project will help with that. What’s more – our customers will get a better service.”

You back this up by not taking any departmental/service budgets to fund the digital projects. Instead you fund this transformation at the centre knowing that there is a self-evident invest-to-save business case. For a small investment you’ll reap big savings.

In a year’s time, when the project is up and running, the people on the ground can see that they now have much less work to do and you find that you can now accept all those voluntary severance applications that you had to turn down last year. Headcount shrinks – incrementally and without too much trauma.

In summary – don’t get hung up on trying to predict the savings you’ll make from digital. It’s impossible for you to accurately put a figure on what you’ll save and to try to do so will result in resistance from the process owners. Instead, be resolute in the belief that automation is self-evidently the right thing to do and know that, to paraphrase Field of Dreams..

If you build it, the savings will come.



Let’s Replace Council Websites with Local.Gov.Uk – a GDS for Local Government

140 characters is not a lot of space, but sometimes a tweet can contain a very big idea. In December 2013 Dominic Campbell (@dominiccampbell) tweeted:


“I reckon it would be possible to build a GDS platform for all #localgov for the price of the new Birmingham Library website” 

If you’re not sure what GDS is then click here.

GDS certainly seem to have no appetite to attempt to tackle local gov – they have too much on their plate already. They have offered to share code, standards, APIs, frameworks etc – the philosophy being that we create a service of ‘small pieces loosely joined’ (a phrase which was originally used as an analogy to describe the Internet) – this means that responsibility for implementing this stuff would be devolved to individual Councils. It’s nice of the GDS to offer to share this knowledge, but I don’t think it’s quite the right approach – we’re already a community of small pieces, loosely joined and we’re in a mess, we’re fragmented. FragmentsRather than being handed a set of tools and the message – “This is how we did it for Central Gov – knock yourself out!” – I would like to see the creation of a Local Government Digital Service which oversees the standardisation and improvement of all things digital in Councils. For the purpose of this discussion I’m defining a Local Government Digital Service as simultaneously being a philosophy, an IT strategy and a central team of people capable of delivering it.

So what problems would a Local Government Digital Service solve, what would the service look like and how hard would it be to create it?


What problems would Local GDS solve?

This bit’s easy – there are 326 Local Authorities (LAs)/Councils in England (http://en.wikipedia.org/wiki/Districts_of_England).

That’s 326 organisation doing, pretty much, the same thing. In terms of IT this means 326 websites, 326 email systems, 326 social care systems, 326 planning systems, 326 education systems etc etc.

This is not quite true as not all LAs have, for example, responsibility as a LEA – but you get the idea.

I estimate that an averaged sized Council will be running around 75 different ‘line of business’ applications – by which I mean the ‘serious’ software that’s used to underpin service delivery, I’m excluding client installs such as CAD or pseudo-systems like MS Access databases and spreadsheets.

326 x 75 = 24,250 software applications. 

So the first benefit of a Local GDS is obvious – increased efficiency through removal of expensive duplication.


The second benefit is around the user experience. Council websites vary in quality enormously – by implementing a single site which features the beautiful design principles of Gov.uk we can standardise content and quality and thereby vastly improve the user experience. Local.Gov.Uk anyone? (The LGA own the local.gov.uk address at the moment – we’d need to shift them)

OK – so it’s a no-brainer, if we could make Local GDS happen then there are serious benefits to be had. But how do we make it happen?

What would Local GDS look like and how might it be brought about?

Part 1: Serving Out Information from Local.Gov.Uk

Councils don’t need to have a website each – we can replace them all with a central Local.Gov.Uk site. Many visitors to Council sites are looking for information rather than wanting to interact/transact with the Council. The same is true of Gov.Uk. Gov.uk is largely about information dissemination – GDS went through the various departmental websites, binned a lot of dross and then re-presented the important info in an accessible way. This bit is relatively easy to replicate for a Local.Gov.Uk:

  1. Identify those bits of information which are common across Local Gov.
  2. Create a Local.Gov.Uk site (same look and feel as Gov.uk) and populate it with the important information.
  3. Cull the old Council sites which are now obsolete.
  4. Save a fortune on Content Management Systems and hosting costs.


Clearly we will need to have a site which recognises that not all parts of the country are the same – some Councils have coastline, some have ports, others have zoos, some have motor racing circuits – the list goes on and all these things bring with them policy and service delivery implications which are not standard across all Councils. Furthermore, as already mentioned, not all tiers of Local Gov have the same statutory responsibilities – not all Councils act as the LEA, for example. These things shouldn’t be a barrier to Local.Gov.Uk though – any transaction/search would begin by capturing the citizen’s post code and the resulting information can be tailored accordingly. Imagine how great it would be for the user of the service to not have to care about whether their area is covered by more than one Local Authority, each with different responsibilities. It reflects poorly on us that we expect our customers to concern themselves with this kind of organisational detail.

Part 2: Transactional Services via Local.Gov.Uk 

A single national web presence for local services would be a huge achievement, yet it would still be just the first step on a much longer journey. Standardising the information we push out is the easy part – delivering transactional services online is where the big challenge is – but this is also where the big savings can be realised.

MyAccountMost Councils have already started implementing some variant of the ‘My Account‘ or ‘Your Account’ service. Often these have the Council’s name appended ‘My Sheffield’ or ‘My Manchester’ and these services will give the citizen some ability to interact with their Council in a way which directly replaces the need to make contact via other channels (telephone and face to face).

This is great news – Digital by Default, Channel Shift – excellent – it’s where we need to be and it’s self evidently the right thing to do. But it’s no small task to make a ‘back end line of business system’ accessible to customers – it’s hard to do and costs OldModela huge amount of money. There are integration tools to buy, APIs to buy, then you have to think about authentication (this is tricky) and finally the Council will create a new website (branded to look like its main site) from which the customer gains access to the back-end data.

Typically it might take a Council 2 years and hundreds of thousands of pounds to get to this point. That’s OK though because as we all know the cost of an online transaction is a fraction of that of its face-to-face counterpart – the investment pays for itself quickly and many times over.

Fine – but ALL the Councils are on this journey – we’re all building identical architecture to do the same thing. We’re all trying to bring about channel shift in isolation.


This is clearly bonkers – but Local.Gov.Uk gives us a way out. We can begin rationalising this model a layer at a time.

First, as already discussed, we remove the need for Councils to host and maintain their own websites. We replace this layer with the elegant simplicity of Local.Gov.Uk:


Next the Local GDS team uses the GDS’ well documented iterative development techniques to write integration with the Council’s back-end systems. This would be done starting with those systems that are most common and/or have the highest volume of transactions. This is not as onerous a task as it might sound – the mission critical systems in Local Gov are shared between just 4 or 5 suppliers. In terms of authentication – we’d also jump on GDS’ ready made identity and authentication tools to crack that (thorny) problem – by the time Local.Gov.Uk goes live nearly all our customers will have registered with Gov.Uk for one service or another.


Once we’ve got to this point it becomes clear that Councils no longer need to procure 326 different instances of each system – why don’t we work together to get bigger, better, cheaper contracts from our suppliers? Delivered as SaaS of course – we don’t need any tin in our data centres:


I’m conscious that I haven’t mentioned the Public Services Network (PSN) in this PSNdiscussion yet. PSN would be a key enabler of Local GDS – PSN is the secure network that joins it/us together and, potentially, could be the place where many of the SaaS systems are hosted – in effect PSN would be a secure cloud for Local GDS. 

Next Steps?

I’ve been ‘doing’ digital in Local Government for (too) many years – so I appreciate that all of the above will be hard to bring about. A significant challenge to Local.Gov.Uk/Local GDS will be catconvincing all authorities to get on board. In a presentation at the 2013 SOCITM conference (see video at the end of this post) GDS’ Mike Bracken (@MTBracken) said – “It was the devil’s own job to get 24 departments to agree to adopt Gov.uk”. Imagine that challenge scaled up to 326 Councils? Ouch. I pity the shepherd who gets the job of herding those cats.

A second major challenge to the Local GDS model is that it threatens the profits of the major software suppliers. The big suppliers – you know who they are – are very happy to sell the same software to 300 customers. Much less attractive is a joined up Local Gov wanting to to buy a small number of shared instances of these applications. The procurement and legal dimensions will be complex – but maybe G-Cloud can help us with this?

A further challenge will be in resourcing Local GDS – but logic tells us that there must be a way to do this by better using existing resources across Local Gov. Let’s assume that each Council has a web team of, say, 4 people – some are bigger many are smaller, but 4 feels about right – that’s roughly 1300 people currently involved in maintaining Council websites.

Add the various IT departments in to this and you’re looking at a standing army of over 20,000 people already employed in local digital services. If we could avail our selves of just 0.1% of this resource (20 people) then we’d be able to create a nascent Local GDS. Or, and this is probably more realistic, if each Council contributed a small amount each year we would have ample funds to make Local GDS a reality.

So, to return to where we started – could we build a GDS platform for all Local Gov for the price of Birmingham’s library website? Well that website cost £1.2m to create and £190k per year to run (http://www.bbc.co.uk/news/uk-england-birmingham-25033651) – this feels like more than we’d need for Local GDS in year 1, but not enough in terms of ongoing costs.  If each Council agreed to subscribe to Local GDS and paid just £3,000 per year we’d be able deliver a Local.Gov.Uk platform which would:

  • Remove the need for individual Council websitesSave-Money.
  • Significantly reduce software support and maintenance costs for a range of systems.
  • Allow for headcount reductions in web/digital/IT teams.
  • Begin to move away from local data centres.

That’s what we used to call an ‘invest to save’ business case in the olden days.

Who could lead on Local GDS? It’s got to be SOCITM hasn’t it? A ready made team of experts in digital government who know what’s needed to transform Local Gov and who are champing at the bit to get cracking.

babyYou may say that I’m a dreamer – but I’m not the only one. If we start small, keep it simple and take baby steps we can do it. 

Here’s Mike Bracken’s presentation at SOCITM 2013, well worth a watch:

How to do BYOD, Mobility, Remote Working AND Maintain PSN Compliance

My Local Authority has recently achieved PSN accreditation (measured against the latest version of the CoCo). compliant

We allow BYOD for anyone who wants it and we have access to Council systems from smartphones and tablets (these can be Council owned or employee owned – it doesn’t really matter).

Around half of our 4500 computer users have the ability to work from home/remotely – should they want/need to – and many of them do.

We take data security very, very seriously so we were delighted when the PSN/CESG people vetted our approach and confirmed that we’re complying with the rules.

We are all aware that the PSN regime is causing much pain for some Councils. Some have had to (temporarily) withdraw mobile working altogether. Others have been threatened with disconnection if they don’t change their architecture.

I’m not privy to the details of the solutions that these Councils have in place – but I feel their pain. My organisation now has a desk to person ratio of about 0.6 to 1 – so for every 1000 Scareoffice based employees we have around 600 desks. This way of working is largely enabled by technology – i.e. we have lots of people working somewhere other than the office. If we were told that we had to shut down our remote working solutions, well, it doesn’t bear thinking about.

So I thought it would be useful if I shared our 3-point plan to achieve PSN compliance whilst still enabling BYOD and remote working for all staff:

            1. Control the end points.

            2. Secure the connection.

            3. That’s it really.

‘Controlling the end points’ means different things for different devices, but for the purpose of this discussion there are really only 2 categories of end point:

  1. Laptopsdevices
  2. Smartphones and Tablets

For ‘proper’ computing – which covers most day to day tasks – your users need a Council issued laptop. Around 80% of our 4500 office-based staff have laptops as their main computing device. They can’t use their own laptop as this makes it too hard/impossible to secure – you need to give them a Council owned laptop. This is a simple move, but it unlocks a whole world of agility and efficiency:

  1. Laptops make it easy to work from any desk – this enables you to shrink your property estate (you also need softphones and ‘follow me’ VOIP numbering).
  2. Laptops can be taken to meetings and thereby remove the need for printing hard-copy agendas and reports. Most people in most of our meetings have a laptop with them – our printing costs have plummeted.
  3. Laptops make it easy to work from the train – the commute becomes productive.
  4. Finally, and most importantly, laptops make it easy to work from home.

Needless to say you have to encrypt the device – but you knew that already. You also have to secure the connection – as per ‘point 2’ of our plan. This is relatively easy to do – we use Cisco’s AnyConnect product to deliver a VPN with 2-factor authentication. When you put these 2 things together (a Council owned laptop and a secure connection) you have, in essence, turned the employee’s home (or wherever they are working) in to a Council office. Whatever they do in the office they can do at home – with no exceptions. Work, after all, is a thing you do – not a place you go.

The other category of ‘end point’ is smartphones and tablets. I’m talking about iOS and Android tablets here – not Windows 8 tablets such as the MS Surface as these are basically just laptops which can easily connected to the Council’s network.

You don’t need to get hung up about whether these devices are Council owned or employee owned – the means of controlling them is the same regardless of ownership. You need to deploy technology which ‘containerises’ the Council’s data. We use Good for Enterprise for this – but there are several solutions to choose from. Good allows our employees to access lots of useful data from a smartphone or tablets, such as:

  • good-for-enterprise-appTheir email
  • Their calendar
  • Their contacts
  • Their task lists
  • The Council’s Intranet (and, therefore, a wealth of self-service resources).
  • The Internet (filtered and logged)

If someone loses their phone/tablet they let us know and we can remove Good and any Council data in a flash. What’s more, data can’t be transferred out of Good and deposited elsewhere on the device.

This technology is available to all staff (with line manager’s approval/business case). If employees elect to have Good installed on their own, personal, smartphones or tablets (BYOD) then that’s great – it saves the Council some money. But if they prefer to have a Council owned smartphone with Good on board then that’s fine too (we are phasing out Blackberries entirely and replacing them with smartphones + Good).

In addition to Good many of our Members and senior officers use the Mod.gov app to give them access to Committee papers. This is wonderful app – it’s completely secure and allows documents to be annotated in a really intuitive way.

Now, to be super clear – we don’t allow access from phones and tablets to GCSx email accounts or any PSN data or systems.

At this point I’ll quote Steve Halliday who has blogged eloquently on Solihull’s BYOD solution, (which is very similar to ours):

“For the avoidance of doubt BYOD access to PSN is not compliant. But it is possible to have PSN compliance and allow users BYOD access for most systems and information – so long as the BYOD devices can’t access PSN data.”

Like Steve, I believe that PSN data will one day be allowed via BYOD but, honestly, I’m not sure we’d ever be interested in enabling this. I don’t see the need to access sensitive data from mobile devices – that’s not what mobility is about. Smartphones and tablets (BYOD or Council owned) are great at allowing you to stay connected when away from your laptop – but I don’t think there’s a real business need (now or in the future) to deliver our most sensitive data through an iPhone. By implementing a ‘walled garden‘ architecture you can allow BYOD to get in to the ‘day to day’ stuff whilst keeping PSN data/systems/accounts safely walled off. Everybody is happy.Walled Garden



It is undeniable that some Councils have ‘kicked the can down the road’ under previous compliance regimes. “Oh yes, of course I will fix X, Y and Z – just leave it with us” – 3 years go by and X, Y and Z are still extant. It’s this kind of behaviour that the zero tolerance approach is designed to tackle. Having said that, I would agree with John Jackson (CIO at Camden) when he warns that draconian PSN rules are a real threat to efficiency, innovation and transformation. In my opinion, the biggest challenge does not come from the controls in the PSN CoCo, rather it comes from the language/body-language being used. It’s all a bit ‘us and them’ at the moment. I would ask that the Cabinet Office makes 2 simple changes which should reduce tension for all concerned:

1) Please try to remember that Local Government is different to the MOD, MI5 etc. Sure we store some important data – but the vast majority of what we hold is low level stuff.

2) Please do more to help Councils towards the right answers. As well as telling us “This is not allowed” we also need you to follow up with “but you might want to consider doing it like this”. Or, to put it another way – we need the Cabinet Office to work with us on solutions. It’s in everybody’s interest to find a way to allow mobile access to data – if I were a MI5 spook, for example, I’d be nervously eyeing BlackBerry’s predicament and wondering how I’m going to be able to get at my email if/when BlackBerry has gone.

Of course it’s not always Central Government who are saying ‘no’ to BYOD. Many IT Departments are scared of BYOD – they just don’t like it because it feels wrong and it threatens their hegemony. Sometimes they will hide behind the CoCo when telling senior management that they can’t use their iPhone for work – this is folly. Much better to sweeten the bitter pill that is Outlook Web Access removal with the wonderful alternative of iPhone access to Council email.

BYOD is not a tide that the IT Department should be attempting to hold back – it’s futile. If you don’t enable access to Council data from smartphones and tablets then you are canuteputting your data at risk. If you don’t find a secure way to give your users the convenience of access from the devices that they know and love then they will find a way to go around the IT Department:

Fine, I’ll just send the document to my Gmail account!

Aaaarghhhh! The data has left the network and is now in the wild – this is not the kind of behavior that you want to encourage – but that’s just what you’re doing if you don’t give your users an alternative. BYOD is here to stay and your users will do it – either with you or despite you – make sure it’s the former.

You are Staring at your Twitter Reflection

Twitter encourages narcissistic behaviour. narc

We see a retweet that we like the content of and, naturally, we follow the author. In this way our timeline fills up with stuff that we like.

Occasionally someone we’re following will tweet something that we don’t like or disagree with so we unfollow them. In this way our timeline is continually being tweaked and cleansed.

There are Darwinian principles at work here. Only the fittest tweeters survive our (unnatural) selection process but, crucially, ours is a kind of reverse evolution which favours homogeny rather than diversity. darwin

homogenyOur constant weeding of our timelines leaves us following a set of tweeters with a very narrow view and a set of opinions that makes us feel warm and fuzzy about life.

We’ve ended up with a timeline which is really just our own opinions played back to us. We are following ourselves. When we look at Twitter we are just staring in the mirror.

So what?” I hear you ask.

It’s only natural that we select a list of people and organisations to follow whose views closely resemble our own. That’s fine – but the risk is that we end up with a Twitter that tells us that the world shares our own opinions – that everything is OK and that there’s nothing to worry about.

Healthier, I think, to follow at least a few people from the right if you personally lean left – and vice versa. Similarly, if you distrust the public sector – follow a few of the best Government tweeters.

By listening to as broad a cross section of the marvellous Twitter zoo as possible we can learn more, be more open minded, and be better are what we do. Or to put it somewhat more cynically – know your enemy. mirror

Otherwise we’re just staring at ourselves in the mirror which, as a pass-time, is about as unproductive as it gets.