A review of the current (sometimes counteracting) pressures on Australian Government IT arising from changes in technology, user preferences, reducing delivery times and funding constraints, including the rise of social media, the trend towards consumerisation, increased availability of cloud computing, and the need to maintain a focus on efficiency and effectiveness while simultaneously pursuing productivity improvement. Delivered at the Forrester CIO Forum, 27 August 2013.

Introduction

I chose the title of this presentation because the accordion has a somewhat unique design – whichever way one uses it – by pushing in or pulling out – it makes a noise. One way isn’t better than another – one way isn’t inherently right. I thought this was a quite clever analogy. Then I mentioned it to one of my staff. She’s something of a musician in her spare time and she pointed out that the accordion had another important characteristic. Like the bagpipes, unless the player is an expert, the accordion tends to sound pretty bad. Now, I don’t subscribe to the oft-stated concept that most corporate IT is ineffective but I do know that government IT, like IT in any large organisation isn’t for the faint hearted. All CIOs and CTOs have to balance competing pressures. In my presentation today, I am going to cover several of these and consider how they are changing what we are doing in whole of government ICT. Then, in the discussion period, I trust we’ll be able to share our views on how best to deal with them and what the future might hold.

I prepared this presentation on my iPad, using a free app called HaikuDeck. I paid for the iPad myself. I wrote the text on my MacBook Pro (which I bought myself, rather than use the laptop my work provided), in Microsoft Word from the Microsoft Office version I purchased using the Home Use Program. While I was working, I checked my work email remotely on my iPhone – which I also bought myself rather than use my work BlackBerry. The laptop and the BlackBerry aren’t bad devices. I use both every day. But they aren’t my devices of choice. And, I’m sure, many of you and many of your staff find yourselves in the same position. Many of us have developed a preference for BYOD. Increasingly, organisations are supporting BYOD solutions.

The challenge for government is how we meet the demand for BYOD while simultaneously addressing the security issues that are raised by such devices. Government has a graduated security system for its documents and information. Some information is meant for public dissemination while some is not. Some information affects the privacy of citizens and some the commercial interests of business. At higher levels, information cover issues of national security in both a defence and a financial sense. Accessing this from wired, workplace-based and government-owned computers isn’t much of an issue. Doing so from a device in the pocket of a public servant that he or she bought and which also holds their music collection, social media history and personal baking details, all of which might be deliberately or inadvertently exposed to the wider world is a different matter.

Mobile device management solutions are assisting agencies in dealing with these issues as are modern versions of the remote access solutions we have favoured for some time. The difficulty for today’s government CIO is how to balance the push from senior executives who want to use shiny new devices but whose security minded counterparts are greatly concerned about the risks such devices might introduce. Typically, these devices are in a development cycle that moves faster than our ability to assess their security status. How will we manage this into the future?

Cloud is the new black. IT executives can tell when a product is reaching the peak of hype. Every vendor who comes to your door is offering a solution based on that product. This has been true of cloud for some time now. To some extent, we are starting to see that the peak may have been reached as the practicalities of cloud adoption have begun to make themselves felt. In government, this has been marked by the need to develop policies to guide cloud deployments. Of these, the most obvious has been the increased focus on cloud security, privacy and data sovereignty.

This isn’t a particularly surprising development. If the first wave of outsourcing taught government IT executives anything, it was this – you can’t offload reputation risk, no matter how hard you try. While outages of service are always undesirable, the potential for the loss or compromise of citizens’ data has much wider ramifications. If trust is lost in the system, it is very hard to recover.

Of course, this isn’t a reason not to adopt cloud. Early adopters are increasingly enjoying its advantages and there is much promise. Like all procurement methods, and cloud is really a new way of buying IT, the need to identify the options that offer the greatest value for money is where the focus needs to lie. And that value decision needs to consider more than price.

One of the most attractive features of public cloud computing is the ability to amortise the costs of major capital expenditure over a large number of customers. By removing the need for massive capital investment, public cloud options remove the peaks and troughs from budget and move expenditure to the more responsive operational side. This change allows agencies to be more responsive to changing pressures and demands and has much to recommend it.

On the other hand, of course, once the capital base is removed, reconstituting it becomes very difficult. Justification for large, new lumpy investment is hard to establish. In turn, this reduces agency options and, to some extent, their ability to control their destiny. While we accepted this in the production of electricity over 100 years ago, the commodity future of computing is, understandably, yet to be established.

An example of one potential future is the manner in which we have invested in major ERP solutions. Once chosen and deployed, an ERP solution is difficult to change. While options exist, and the licensing costs aren’t the most significant, the cost of churn, for no capability gain creates a form of inertia that is very hard to overcome.

To really gain the benefits of public cloud computing, we need widely accepted standards so that mobility between providers is not just possible but practical.

A few years ago, it was easy to dismiss open source solutions. One could joke about ineffectual attempts to explain system failure on the basis of asking for help on bulletin boards or about the difficulties of choosing between an increasing number of forked versions of the code.

Proprietary software providers took advantage of this situation. Licence prices climbed and support became more costly, particularly as the arcane nature of the more advanced features, often those sold as the most beneficial, became harder to deploy.

But the times they are a’changing, as Bob Dylan said. Drupal is a great example of this. Drupal based web content management systems are proliferating in government in Canberra, for good reasons. Consequently, demand for Drupal literate staff is growing quickly. We have seen the growth of a significant number of Drupal specific support providers and even a commercially developed, free, open source, specific to government Drupal 7 distribution. Initiatives like this reduce the upfront cost of development and increase the speed at which new online solutions can be deployed to meet business needs.

Spoiler alert – if you haven’t seen the recent Lone Ranger movie and still intend to, put your fingers in your ears.

For my money, one of the funniest lines is when Johnny Depp’s Tonto character, bemused at the choice fate has forced upon him, explains that ‘Kemo Sabe’ means wrong brother. For government CIOs, the choice of whether and with which other agencies to partner is an important one.

To some extent, public cloud is a good example of the benefits of economies of scale. There are others across government. Centralised procurement of hardware and software increases any organisation’s ability to leverage its buying power. Standardisation reduces costs as does common infrastructure.

On the other hand, shared services have been an area fraught with pitfalls for CIOs and their business masters. As any CIO knows, you can build one system to support one business process or many systems to support many business processes but to try and build one system to support widely different business processes, and worse, to do so with the intention of forcing convergence through technology, particularly when convergence isn’t a universal goal, is a recipe for disaster, a fulfilling of the sardonic view that CIO stands for Career Is Over.

Finding the right mix of commonality over diversity in IT remains difficult but is increasingly necessary as budget pressures increase.

The rise of social media, and not just among the young, is increasingly noticeable to us all. In the early days of the Gov 2.0 task force, one of our most fervent areas of discussion was around the need to allow public servants to use their agency’s IT infrastructure to access social media. While traces of these concerns remain, for most, the proliferation of smart phones and similar mobile devices has meant that this is no longer a relevant matter. Most people access social media sites using the device they carry in their pockets. There are almost as many wireless broadband accounts as there are citizens in Australia. Access to the web via mobile devices exceeds that via fixed lines. With more than 50% of Australians using Facebook – probably 2 out of 3 once the oldest and youngest Australians are taken into account, social media appears here to stay.

Organisations have been steadily adopting social media strategies. While the means and methods vary greatly, there appears to be no way any new initiative isn’t going to be accompanied by the use of communications on a range of social media channels.

The sceptic in me notes that people are more interested in social media failures than they are in successes. This isn’t all that surprising. I’m sure as many people go to car races to see the crashes as they do who wins. We all know that the fights in the State of Origin matches receive at least as much attention as the tries.

The balance we need to seek here is how we utilise these now, not so new channels in a way maximises their advantages and that protects our staff from their disadvantages.

What then is the way ahead for government IT, given these changes?

Firstly, I don’t think these challenges are specific to government, they are the same challenges faced by any major, modern organisation. While government adoption might lag that of the leading edge companies, we need to ensure we don’t get out of touch with what is going on.

This dictates a need for several, parallel strategies:

We need to keep open minds; keep up with developments; and, encourage intellectual curiosity among our staff, particularly those who can influence change.

We need well-developed analysis methodologies that examine the total cost of ownership of solutions over their life. This will require robust cost modelling.

We need to encourage the development of standards, particularly in the area of cloud computing. True commodity computing can only be established when the cost of changing providers is minimised. We see that in desktop hardware now.

We need to attract and retain staff for whom the use of technology is second nature. To do this, we need to adopt the flexibility that people have come to expect in the use of technology – the choice of devices and use scenarios.

As CIOs, we need to remain closely connected with business so that we are offering solutions to their problems, not problems for their solution.

Finally, we need to avoid the mistake that the American Army made after Vietnam. In our pursuit of operational expertise, we need to ensure we create a succession plan for our positions that is filled with people, not who we have trained on the basis of what to do but rather on the basis of how to think. This is how we will ensure our organisations are prepared for the future, not ready for the past.

Now – what do you think?