As much as half of government’s near-£5bn annual spend on IT is dedicated to the maintenance of ageing or unsupported tech. A range of digital leaders tell PublicTechnology about the issues they face with legacy, and how they can be addressed.
Credit: Max Pixel
“The move from legacy IT and contracts to a future of services designed around user needs; smaller contracts; shorter terms; a more diverse supplier community that is welcoming to SMEs; open standards; open source; more use of commodity. These are the new parameters.”
According to the annals of GOV.UK, the statement above, made in 2012 by then Cabinet Office minister Francis Maude, represents the first reference to legacy technology in public comments made by a senior official or minister.
The Government Digital Service, the creation of which had been championed by Maude in part to help address the issue of ageing or ineffective technology, was less than a year old at a time.
The organisation recently celebrated its 10th birthday and, following the September appointment of Steve Barclay as Chancellor of the Duchy of Lancaster, digital government has now also been overseen by 10 different ministers since Maude departed the front benches in 2015.
While Barclay’s face may be new, the issues he inherits are not. But the persistence of the problem means that the new Cabinet Office chief arrived at the department with what seems to be a well-developed understanding of legacy technology – particularly given his prior posting, as chief secretary to the Treasury.
Indeed, during his 19 months at HM Treasury he worked with GDS on the creation of a tool to provide data to inform government investment decisions. In July 2020, in the first speech he delivered in his previous role, Barclay spoke of his hope that the planned government three-year spending review – which was ultimately delayed by a year because of the pandemic – would have a keen focus on addressing legacy IT and serve as a springboard to delivering “fundamental change” in Whitehall’s digital and data infrastructure.
“There is a huge unmeasured people cost in dealing with all the old technology and legacy data and bringing it all together. Maybe if government could be a bit more aware of this cost, that would help make the case for funding for improvement and address transformation issues.”
“The average tenure of a secretary of state is less than two years, and so it’s no surprise that issues such as legacy IT are often deprioritised in favour of the new and exciting,” he said. “Such an approach is not only expensive, it also poses cybersecurity risk, and prevents agile ways of working and cross-departmental interaction.”
A major report from the National Audit Office last year – which flagged up a “a consistent pattern of underperformance” of government digital programmes going back 25 years – singled out legacy systems and data as one of six key areas where lessons from past projects need to be learned to ensure greater success for future programmes.
Just a few days later another report, commissioned by the government and written by the Digital Economy Council, found that half of government’s annual IT spend – £2.3bn out of £4.7bn in 2019 – is dedicated to the maintenance of legacy technology, otherwise known as “keeping the lights on”.
The scale and significance of this problem has, as Barclay hoped, at least been somewhat recognised by the Treasury in 2020’s one-year spending round and the full three-year review that followed in 2021.
In 2020 a £600m funding commitment made for technology upgrades was dished out between HM Revenue and Customs (£268m), the Home Office (£232m), the Department for Education (£64m), and the Ministry of Justice (£40m). The comprehensive review that took place in November promised £2.6bn across government over the next three years to update old kit and mitigate cybersecurity risks.
A recent roundtable event, hosted by PublicTechnology in partnership with security and IT management firm Tanium, brought together a range of senior officials to discuss the issues they face with legacy IT, what causes them and how they can be addressed. Among the 10 participants in the virtual gathering were the digital heads of several major departments, as well as those from smaller executive agencies and local authorities, and representatives of the commercial profession. To enable the discussion to be as open as possible, the event was held under Chatham House rules.
Attendees first considered the question of how to define legacy – and whether and why such a definition is useful in tackling the problem.
According to one participant, for those in the digital, data, and technology profession, there is no intrinsic taxonomic value in defining legacy.
“It is probably not useful just to think: are these things legacy or not? It is about why: what are the problems… [and] what are the drivers of those issues?,” they said. “Is it about capability? Is it about security? Is it something that is no longer in support? It is about understanding what the problems are, so we can do something actionable about them – rather than being able to say whether they go into the ‘legacy’ box or not.”
However legacy is defined, participants agreed that one common shorthand definition is often inaccurate, and can be unhelpful in enabling better understanding of the issue among ministers and senior managers outside the DDaT profession.
“Legacy doesn’t mean old,” said one senior digital leader, pointing to the fact that age does not feature anywhere in the Cabinet Office’s five-point checklist for what might constitute a legacy system or business process: being considered end-of-life; impossible to update; no longer supported by suppliers; no longer cost-effective; or considered to be above government’s acceptable risk threshold.
Attendees agreed that there is plenty of technology of five, 10 or even 20 or more years’ standing that remains in use across government and continues to work well and serve the purpose for which it was implemented. This, perhaps, requires a different term – ‘heritage’ was suggested – that does not come loaded with the negative connotations of legacy.
“We need to start separating out what people mean [by legacy] to make it useful for ministers. If we are going to them and saying: ‘we’ve got this legacy tech, but it is absolutely fine’, then I think it confuses things,” one roundtable attendee said. “It would be interesting to test what ministers think the word ‘legacy’ means.”
Continuous improvement
The first of the seven principles of managing legacy technology laid out by the Cabinet Office is “aim to use continuous improvement planning to keep your technology up to date”.
The approach of enacting incremental upgrades and patches is, from a technical standpoint, the key to avoiding potential issues with legacy systems – which can crop up even if the technology in question is comparatively new, according to one attendee.
“Without continuous improvement, legacy can rise up,” they said. “If you’ve got a new product which no-one is looking at because it isn’t 20 years old yet, then it just sits there and becomes legacy very, very quickly.”
Even with a careful approach to deployment and a commitment to ongoing upgrades, government tech professionals can still be subject to the caprices of IT firms.
The digital leader of one executive agency said: “I currently have a service that has been live since September, and I have been hit twice with this legacy thing… it is the vendor: they have changed something and taken a component out. This is a modern, digital service, using the latest technology. But the vendor has twice taken the service down. You build something new, and you try to future-proof things – but there are different types of exposure.”
£2.3bn
Amount spent by government on legacy tech upkeep in 2019, out of a total of £4.7bn total IT spend
11
Number of ministers that have overseen digital government since 2015
HMRC, Home Office, MoJ, DfE
Departments that received a cumulative £600m in the 2020 spending round to urgently address legacy IT
Another participant, from a big-city local authority, agreed that “we all try and design so we don’t get legacy”.
But, without the processes – and the ongoing budget – to support the approach of continuous improvement, systems and services can go for long periods without a proper assessment of risk.
“We often design a service for a lifespan… which is possibly tied into a contract with a supplier,” they said. “Sometimes the legacy issue comes up because those services are designed for two or three years, but don’t get reviewed for eight or ten years: there isn’t the capacity in the public sector to go round and review everything at every point that it needs. It is only where you can build in that continuous improvement that you cut out the legacy. Otherwise, quite often what you see is there a service that is built however many years ago and it has got to the point that it is creaking, and we are fixing it and designing a service for the next period of time, rather than taking that continuous improvement approach.”
Paul Jackson, head of public sector at Tanium, said that in recent he has seen changes to contracting models and commercial discussions have at least reflected a greater awareness of the risks posed by allowing technology to become outdated.
“Previously the way contracts were written made it quite hard to do some of that evergreening,” he said. “But I have seen a shift in the conversation to consider how to be futureproof. There is more awareness to try and provide that evergreening to try and make sure it is part of the decision-making process, and that it is recognised you need a level of innovation and improvement.”
Are costs effective?
As is so often the case, funding represents another major contributory factor to the issues caused by legacy tech. But, according to digital leaders taking part in our discussion, it is not just a question of how much money is available, but rather the structures, considerations, and processes that inform how and where it is provided, and for what purpose.
Support is invariably provided in large, one-off chunks – often to address the urgent need of a service or system that needs to be fixed. And, thereafter, digital and IT teams are tasked with keeping things running as cheaply as possible.
“Technology is one of the most raidable budgets when funding gets tight,” according to a digital leader at a major department. “There is big upfront funding, then minimal running costs [are expected], which doesn’t really suit the way technology works now.”
Funding processes should make provisions for the expectation that the value of technology – both financial and otherwise – can only be realised and calculated over time.
“In most other industries, they recognise that the IT that is supporting your services is part of your asset base. I don’t think central government and its funding arrangements are particularly well wired up to deliver that forward-thinking service-delivery model,” said the digital leader of another large department. “Let’s assume 10-20% of the value of the asset… should be going into continuous improvement, and made available to those product teams. But that is not typically how we do things.”
They added: “This is something for us to tackle – and we need to talk about it overtly as part of this discussion, as it is as relevant to policy and delivery leads as it is to the technology leads.”
Another department represented at the roundtable has tried to build in some longer-term consistency into funding for digital objectives, with the inclusion of a consideration of the ongoing cost of continuous improvement. Once again, the importance of including colleagues from policy and delivery is stressed – for whose ease-of-reference the dedicated funding has been characterised as ‘maintenance’.
“There is always a pressure on business-as-usual [operations] to ‘reduce, reduce, reduce’; but there has now been this creation of a ‘maintenance’ conversation on top of this,” said one of the department’s senior digital leaders. “We go out to the rest of the department and say, ‘useability, availability, security– these are the things we think we should be aiming for, do you agree? Well, in order to do that, we are going to need X amount more’, which we have labelled ‘maintenance’.”
Another participant pointed out that the money needed to deliver a service does not end with the deployment of the necessary technology; employing the people needed to support the tech – particularly for ageing systems – can represent as much as 60% of the overall cost of a service over its lifespan.
“There is a huge unmeasured people cost in dealing with all the old technology and legacy data and bringing it all together,” they said. “Maybe if government could be a bit more aware of this cost, that would help make the case for funding for improvement and address transformation issues.”
Reframing the issue
The Central Digital and Data Office, created within the Cabinet Office last year to help set digital and data strategy across government, is currently working on the creation of a framework to allow for better assessment of legacy technology – particularly at the level of individual services, rather than department-wide. The aim is to recognise problems that cut across departmental boundaries, and map out a model through which risks and opportunities can be calculated, and priorities set.
The CDDO is currently working with departments to identify the biggest legacy-related issues affecting services and those that are expected to crop over time, covering factors such as capacity and resources, funding, and security.
Once complete, the framework will represent a record of the issues being caused by legacy tech and what is driving them, as well as how they can be remediated and the benefits of doing so, alongside the risks of leaving things as they are, even if systems are still seemingly in decent working
The aim is to create for a unified means for departments to assess opportunity and risk, and prioritise projects. The Cabinet Office also hopes that the creation of the framework will allow it to better understand how and where it can support departments, with money, personnel, or through forging connections.
The digital director of an executive agency claimed that the “CDDO can play a big role in connecting people” – particularly in helping tech professionals share bad experiences, as well as good.
“In the very early days of GDS, there was a network and, when people were putting together programmes of work, you would be connected with someone who had done a similar thing,” they said. “We used to host quite a few people here [to talk about] about legacy contracts. Most of the time we didn’t tell people how to do it – we told them what not to do. Lessons learned is a big thing.”
Another aim of CDDO in its work to address legacy over the coming months is to help bring together colleagues from different professions. As well as connecting digital specialists with policy and delivery professionals, procurement and commercial representatives also need to play a key role in the conversation.
A commercial director of an executive agency said that, in their experience, DDaT professionals from different departments are accustomed to making connections, and have created “a number of forums” for doing so.
“But my experience is that policymakers are generally very departmentally aligned,” they added. “To make that [connection] there is an awful lot of work to do, and it is more difficult to do that centrally.”
But, according to a senior digital leader, the legacy of failing to broaden the discussion to include all stakeholders could be long and troublesome.
They said: “It would be interesting to ask service delivery people ‘what are you doing to deal with legacy’? And, if the answer is: ‘it is an ICT or digital issue’ then we will still be having this conversation in 10 or 20 years’ time, because it will still be a digital or ICT issue, and we’ll still be the ones that are trying to fix it.”
Tanium provides endpoint security and management. Find out more.
mexican drugstore online: mexican rx online – mexican drugstore online
best online pharmacies in mexico https://mexicaneasypharm.com/# Mexican Easy Pharm
п»їbest mexican online pharmacies
mexico drug stores pharmacies https://mexicaneasypharm.com/# Mexican Easy Pharm
reputable mexican pharmacies online
reputable mexican pharmacies online https://mexicaneasypharm.com/# mexican drugstore online
buying prescription drugs in mexico online
https://kamapharm.shop/# super kamagra
54 prednisone
https://predpharm.shop/# prednisone without prescription
prednisone purchase canada
https://predpharm.com/# prednisone 4 mg daily
cost of prednisone in canada
http://dappharm.com/# cheap priligy
prednisone 10mg tabs
https://dappharm.shop/# DapPharm
buying prednisone
http://dappharm.com/# cheap priligy
online order prednisone 10mg
https://semapharm24.shop/# SemaPharm24
prednisone price
http://dappharm.com/# DapPharm
prednisone 5443
http://semapharm24.com/# SemaPharm24
order prednisone online no prescription
https://kamapharm.com/# buy kamagra online usa
generic prednisone cost
http://semapharm24.com/# SemaPharm24
25 mg prednisone
https://kamapharm.shop/# Kamagra Oral Jelly
purchase prednisone 10mg
https://predpharm.com/# PredPharm
prednisone 40 mg tablet
https://cytpharm.shop/# Cyt Pharm
prednisone 20mg online without prescription
https://farmasilditaly.com/# viagra generico recensioni
farmacie online autorizzate elenco
https://farmabrufen.shop/# BRUFEN prezzo
farmacie online sicure
https://farmasilditaly.shop/# viagra naturale in farmacia senza ricetta
Farmacia online miglior prezzo
https://farmatadalitaly.shop/# migliori farmacie online 2024
acquistare farmaci senza ricetta
http://farmabrufen.com/# Ibuprofene 600 prezzo senza ricetta
farmacia online senza ricetta
miglior sito dove acquistare viagra: FarmaSildItaly – viagra ordine telefonico
Farmacia online piГ№ conveniente
miglior sito dove acquistare viagra pillole per erezione immediata viagra generico in farmacia costo
top farmacia online https://farmaprodotti.com/# acquistare farmaci senza ricetta
migliori farmacie online 2024
https://jugabet.xyz/# Los jugadores deben jugar con responsabilidad.
Poker rooms host exciting tournaments regularly.
La historia del juego en Chile es rica.: winchile casino – win chile
Casinos offer delicious dining options on-site. http://taya365.art/# The gaming floors are always bustling with excitement.
La variedad de juegos es impresionante.: winchile casino – winchile casino
taya365 com login taya365 login The thrill of winning keeps players engaged.
Cashless gaming options are becoming popular.: phmacao.life – phmacao club
Some casinos have luxurious spa facilities. https://jugabet.xyz/# Las apuestas mГnimas son accesibles para todos.
High rollers receive exclusive treatment and bonuses.: phtaya.tech – phtaya casino
The casino atmosphere is thrilling and energetic. http://jugabet.xyz/# Los casinos garantizan una experiencia de calidad.
win chile winchile casino Los juegos de mesa son clГЎsicos eternos.
Gambling can be a social activity here.: taya365.art – taya365
Los jugadores deben conocer las reglas.: jugabet – jugabet casino
https://taya365.art/# Many casinos provide shuttle services for guests.
Live dealer games enhance the casino experience.
Many casinos offer luxurious amenities and services. https://taya777.icu/# Gambling regulations are strictly enforced in casinos.
https://taya777.icu/# Casinos often host special holiday promotions.
The casino scene is constantly evolving.
Players often share tips and strategies.: phmacao casino – phmacao casino
Poker rooms host exciting tournaments regularly. http://taya365.art/# Many casinos host charity events and fundraisers.
phtaya phtaya login Entertainment shows are common in casinos.
http://winchile.pro/# Es comГєn ver jugadores sociales en mesas.
Some casinos have luxurious spa facilities.
Las redes sociales promocionan eventos de casinos.: win chile – winchile
Hay casinos en Santiago y ViГ±a del Mar.: jugabet chile – jugabet.xyz
The Philippines has several world-class integrated resorts. https://phtaya.tech/# The Philippines has several world-class integrated resorts.
http://phtaya.tech/# Some casinos have luxurious spa facilities.
Responsible gaming initiatives are promoted actively.
Visitors come from around the world to play.: phmacao casino – phmacao
Las reservas en lГnea son fГЎciles y rГЎpidas.: jugabet – jugabet.xyz
phtaya login phtaya casino Slot machines attract players with big jackpots.
A variety of gaming options cater to everyone. http://phtaya.tech/# Live dealer games enhance the casino experience.
Live music events often accompany gaming nights.: phtaya.tech – phtaya login
Las estrategias son clave en los juegos.: jugabet chile – jugabet chile
http://winchile.pro/# Los torneos de poker generan gran interГ©s.
The Philippines has a vibrant nightlife scene.
Gambling regulations are strictly enforced in casinos. https://winchile.pro/# Las mГЎquinas tienen diferentes niveles de apuesta.
taya777 register login taya777 register login Casino promotions draw in new players frequently.
Casinos offer delicious dining options on-site.: taya777 login – taya777 register login
Cashless gaming options are becoming popular. http://taya777.icu/# Players enjoy both fun and excitement in casinos.
http://winchile.pro/# La competencia entre casinos beneficia a los jugadores.
Live music events often accompany gaming nights.
Es comГєn ver jugadores sociales en mesas.: winchile.pro – winchile
Casinos often host special holiday promotions.: taya777 app – taya777 login
Players enjoy a variety of table games. https://taya777.icu/# Most casinos offer convenient transportation options.
phmacao com login phmacao club Security measures ensure a safe environment.
Entertainment shows are common in casinos.: taya777 login – taya777.icu
Responsible gaming initiatives are promoted actively.: phtaya.tech – phtaya casino
The Philippines offers a rich gaming culture.: taya365 com login – taya365.art
taya365 login taya365 com login A variety of gaming options cater to everyone.
La competencia entre casinos beneficia a los jugadores.: winchile.pro – winchile casino
http://phmacao.life/# The Philippines has several world-class integrated resorts.
The casino industry supports local economies significantly.
Many casinos have beautiful ocean views.: taya777.icu – taya777 register login
Loyalty programs reward regular customers generously.: taya365 com login – taya365
https://taya777.icu/# Casinos offer delicious dining options on-site.
Many casinos offer luxurious amenities and services.
Algunos casinos tienen programas de recompensas.: jugabet casino – jugabet.xyz
Casinos offer delicious dining options on-site. https://winchile.pro/# Los jugadores deben conocer las reglas.
Poker rooms host exciting tournaments regularly.: phmacao.life – phmacao com
http://jugabet.xyz/# La mayorГa acepta monedas locales y extranjeras.
Casinos offer delicious dining options on-site.
Online gaming is also growing in popularity.: taya777 app – taya777 register login
The Philippines has several world-class integrated resorts.: taya777 register login – taya777 login
Players can enjoy high-stakes betting options. http://phmacao.life/# A variety of gaming options cater to everyone.
phmacao com login phmacao.life Many casinos have beautiful ocean views.
Game rules can vary between casinos.: taya777 – taya777
https://phmacao.life/# Gambling regulations are strictly enforced in casinos.
Casinos offer delicious dining options on-site.
http://phtaya.tech/# The casino experience is memorable and unique.
Some casinos feature themed gaming areas.
The Philippines offers a rich gaming culture.: taya777 login – taya777 app
The casino experience is memorable and unique.: taya777 – taya777
phtaya login phtaya.tech Players must be at least 21 years old.