Wednesday 25 September 2013

G-Cloud pan-government accreditation

What is pan-government accreditation?

The UK government proposes to make public services more efficient by using cloud computing. The G-Cloud project – government cloud – operates the CloudStore, an on-line shop for cloud computing services. Central government departments and local government, too, can buy whatever they need from the CloudStore quickly and cheaply.

Quickly, cheaply and with confidence, because these cloud computing services have all been accredited.

And some of them have pan-government accreditation. 72 of them, to be precise:
Any services procured which have not achieved pan government accreditation are purchased at the risk to [sic] the consumer. The Pan Government Accreditation service (PGA), Public Sector Accreditation Board (PSAB) and the G-Cloud SIRO shall not be accountable for any such decision. The preference of the G-Cloud programme is that BIL 11x/22x and 33x should have pan government security accreditation before they are bought from the Cloud Store.
Nine of the pan-government accredited services are provided by Lockheed Martin, 18 of them by Microsoft and two by QinetiQ. These are big companies that everyone has heard of, just the sort of suppliers you would expect to be worthy of this valuable accolade, pan-government accreditation.

There are smaller companies, too, including our old friend Skyscape (now UKCloud Ltd, added 11.9.17), the captive cloud company, which offers 14 pan-government accredited services. Quite extraordinary, when you remember that Skyscape didn't even exist until 3 May 2011.

And then there's MDS Technologies, with two services on offer.

Who are MDS?

Take a look at their team. It includes one Gordon Liddle, who "joined MDS in 2003 and has responsibility from the point a customer has signed a contract. His role is to ensure that all implementations and ongoing services delight our customers and business continuity is a reality". Except that that's not his rôle. He doesn't work at MDS any more. He's a marine research & conservation volunteer now, at the Tropical Research and Conservation Centre, Borneo.

Bit odd.

Time to get onto Companies House and take a look at MDS.

It turns out to be a £104 company. Tiny. Like Skyscape, with its £1,000 of share capital.

It's a bit odd banging on about share capital but Skyscape and MDS are unquoted companies. QinetiQ has a market capitalisation of $2.0 billion, Lockheed Martin $41.1 billion and Microsoft $274.5 billion. We know what the markets think of them. All we know about Skyscape and MDS is that their investors were prepared to risk £1,000 and £104, respectively.

That seems to have been enough for the Government Procurement Service, or whoever conducts accreditation for G-Cloud. Pan-government accreditation has been given to a company with 10,400 1p shares.

MDS's annual return was received at Companies House on 11 September 2012 and shows that its five directors hold 9,678 shares between them.

MDS's accounts had been received at Companies House one month earlier, on 9 August 2012. The accounts are unaudited. Pan-government accreditation has been given to a company without the benefit even of audited accounts.

(Trainspotters will remember that Skyscape was accredited when it was so young that it hadn't submitted any accounts at all to Companies House. None. How did they do it?)

Unquoted and unaudited, nothing much happened for a few months at MDS according to Companies House except that by 12 March 2013 the appointment of four of the five directors had been terminated.

Bit worrying. Losing 80% of the Board. Or maybe not, given that six months later MDS retains its pan-government accreditation. Presumably the G-Cloud people believe that those four directors weren't doing anything and their loss makes no difference.

"Any services procured which have not achieved pan government accreditation are purchased at the risk to [sic] the consumer", it says on the G-Cloud website. That's true. In the cloud. But here on terror firmer, the same applies to services procured which do have pan-government accreditation – they, too, are procured "at the risk to [sic] the consumer".

Four out of five directors gone, leaving just one.

Guess who.

Phil Dawson.

You don't remember Phil Dawson, but we have met him before. Not only is he the managing director of MDS. He is also the CEO of Skyscape. Not that that coincidence is mentioned in the self-congratulatory press release issued on 24 May 2013, 'MDS congratulate partner, Skyscape for winning public cloud project of the year award'.

It's the least MDS could do. They're a helpful partner, Skyscape. On 9 April 2013 Companies House registered a charge against MDS's assets in respect of a £250,000 loan. From Skyscape.

And on 22 April 2013, Companies House registered that MDS had adopted new articles of association.

By this stage, MDS is a brand new company. But it still retains its old pan-government accreditation.

There are two other charges against MDS's assets, both registered at Companies House on 22 January 2013, £125,000 each, in respect of the deposits held by MDS's landlords, Ark (A9) Ltd and Ark (SQ17) Ltd.

Ark.

Ring a bell?

It should. Skyscape's landlord is ARK Continuity Ltd, the company with Jeffrey Paul Thomas as a director, the man who used to own a share in Skyscape but gave it up, leaving Jeremy Robin Sanders as the sole shareholder, the company (ARK) with Baroness Elizabeth Lydia Manningham-Buller as a director, the lady who used to be the Director General of MI5.

Skyscape is now controlled by Virtual Infrastructure Group Ltd, not Jeremy Robin Sanders.

And Virtual Infrastructure Group Ltd?

The company has four directors. Including Jeremy Robin Sanders. And Philip Michael Dawson.

And that – just to go back to the original question – is pan-government accreditation, Whitehall-style.

----------

Updated 10.9.17

Last week Her Majesty's Revenue & Customs issued a press release, Jacky Wright appointed as New Chief Digital and Information Officer: "HMRC has appointed Jacky Wright as their new Chief Digital and Information Officer (CDIO) to take forward its ambitious digital transformation agenda".

Not many people could do this job. With 28 years in the industry, 8½ of them in senior positions with General Electric, three years with British Petroleum and six years with Microsoft, HMRC think Jacky Wright can do it. You never know. They might be right.

Microsoft is a major supplier to the UK government in general and to HMRC in particular. Lots of IT fashionistas hate Microsoft in a way that for some reason they don't hate Apple or Google or Amazon or Facebook or ... No accounting for taste, it's just a fact. Ms Wright won't be leaving Microsoft to take up her position at HMRC, she'll be on extended leave from the company.

Follow that recipe and you cook up a maelstrom of bad publicity for Ms Wright's appointment. She won't be able to do the job, the critics say, her loyalty to Microsoft will conflict with her duty to HMRC, she won't be able to be objective and independent.

She can't come from nowhere. She's got to come from somewhere. It just happens to be Microsoft and BP and GE. Wherever the holder of this job comes from, there will be conflicts.

If you live under a stone, like DMossEsq, you might be able to avoid these conflicts of interest. But no-one's going to appoint DMossEsq to CDIO of HMRC or of anywhere else. Anyone who can do the job is going to have conflicts. HMRC must recognise the problem and believe that Ms Wright is still the best person for the job.

Bryan Glick, the esteemed editor of Computer Weekly magazine, said yesterday that: "HM Revenue & Customs’ (HMRC) new chief digital and information officer (CDIO), Jacky Wright, appears  to be an excellent appointment".

Is he right?

You be the judge.

Tariq Rashid (who?) is quoted by Mr Glick as saying that the appointment of Ms Wright "stinks of corruption".

And Phil Dawson (who?) claims to be speechless but is nevertheless quoted as asking: "In what alternate universe is this good governance?".

Actually you know who Phil Dawson is. He's the Skyscape-now-UKCloud man featured in the blog post above.

Nicky Stewart is a member of Mr Dawson's universe. "I have over 20 years of experience in the civil service, all in IT facing roles", Ms Stewart says. "[At one stage I acquired] a thorough grounding in strategic sourcing, and the issues associated with large PFI [public finance initiative] deals. I then moved to Cabinet Office, eventually leading the commercial work strand of the G-Cloud programme".

That's quite useful public sector expertise for Skyscape/UKCloud, who hired her as their commercial director. It may or may not explain how Skyscape won central government contracts from HMRC among others when the company was so young that it still hadn't submitted its first set of accounts to Companies House and it still had only one shareholder.

That was then, back in 2011. And now? "I also spend quite a lot of time in London, at meetings and events, in order to try and influence government policy that could impact UKCloud and its market". Dreadful in one stinkingly corrupt universe, laudable in another.

Choose your universe.

We have yet to hear from the identity politics universe. Ms Wright is a woman, you know. And black. And American. And last year she contributed $2,700 to the Hillary Victory Fund. And she's a trustee of Prostate Cancer UK (click on the link and it says "The page you requested was removed"?) – when are we going to learn what the prostate cancer universe thinks about her appointment to HMRC?

Explore all the universes you like, but you still have to decide if Ms Wright is Ms Right for HMRC and, if not, who is.

G-Cloud pan-government accreditation

What is pan-government accreditation?

The UK government proposes to make public services more efficient by using cloud computing. The G-Cloud project – government cloud – operates the CloudStore, an on-line shop for cloud computing services. Central government departments and local government, too, can buy whatever they need from the CloudStore quickly and cheaply.

Quickly, cheaply and with confidence, because these cloud computing services have all been accredited.

And some of them have pan-government accreditation. 72 of them, to be precise:
Any services procured which have not achieved pan government accreditation are purchased at the risk to [sic] the consumer. The Pan Government Accreditation service (PGA), Public Sector Accreditation Board (PSAB) and the G-Cloud SIRO shall not be accountable for any such decision. The preference of the G-Cloud programme is that BIL 11x/22x and 33x should have pan government security accreditation before they are bought from the Cloud Store.
Nine of the pan-government accredited services are provided by Lockheed Martin, 18 of them by Microsoft and two by QinetiQ. These are big companies that everyone has heard of, just the sort of suppliers you would expect to be worthy of this valuable accolade, pan-government accreditation.

There are smaller companies, too, including our old friend Skyscape (now UKCloud Ltd, added 11.9.17), the captive cloud company, which offers 14 pan-government accredited services. Quite extraordinary, when you remember that Skyscape didn't even exist until 3 May 2011.

And then there's MDS Technologies, with two services on offer.

Who are MDS?

G-Cloud buries its head in the sand

Mark Zuckerberg founded Facebook and became the youngest self-made billionaire on the planet. He's still young, he's still rich and he's not pleased:
Zuckerberg recently criticised the Obama administration's surveillance apparatus. "Frankly I think the government blew it," he told TechCrunch Disrupt conference in San Francisco.

The Facebook founder was particularly damning of government claims that they were only spying on "foreigners".

"Oh, wonderful: that's really helpful to companies trying to serve people around the world, and that's really going to inspire confidence in American internet companies," said Zuckerberg.
Never mind privacy and security, the activities of the US National Security Agency (NSA) could reduce the size of the market for Facebook. They could cost money. This is serious.

And not just for Facebook:
If businesses or governments think they might be spied on, they will have less reason to trust the cloud and it will be cloud providers who ultimately miss out. Why would you pay someone else to hold your commercial or other secrets, if you suspect or know they are being shared against your wishes? Front or back door – it doesn't matter – any smart person doesn't want the information shared at all. Customers will act rationally and providers will miss out on a great opportunity.
Who said that? Neelie Kroes. And just because she's the European Commissioner for the Digital Agenda doesn't mean she's wrong. The activities of the NSA and our own dear GCHQ here in the UK raise two more big question marks about cloud computing, which already suffered from a lot of unanswered questions before Edward Snowden started leaking.

The Observer reminded us the other day that the cloud computing industry was predicted soon to be worth $200 billion worldwide. If Ms Kroes is right, then the industry can forget about $200 billion. It's just pie in the sky. No wonder Mr Zuckerberg is sounding worried.

The UK government has a major commitment to the cloud – they are promoting G-Cloud (the government cloud) as the way to deliver public services efficiently.

Ms Kroes has had her say and Mr Zuckerberg his.

What do the G-Cloud people have to say? Nothing.

What is their response to the obvious problems with cloud computing? Silence.

"Oh wonderful. That's really helpful."

G-Cloud buries its head in the sand

Mark Zuckerberg founded Facebook and became the youngest self-made billionaire on the planet. He's still young, he's still rich and he's not pleased:
Zuckerberg recently criticised the Obama administration's surveillance apparatus. "Frankly I think the government blew it," he told TechCrunch Disrupt conference in San Francisco.

The Facebook founder was particularly damning of government claims that they were only spying on "foreigners".

"Oh, wonderful: that's really helpful to companies trying to serve people around the world, and that's really going to inspire confidence in American internet companies," said Zuckerberg.
Never mind privacy and security, the activities of the US National Security Agency (NSA) could reduce the size of the market for Facebook. They could cost money. This is serious.

Thursday 19 September 2013

"The digital beauty of GDS"

"When was the last time you got all choked up about a website or app? Can you recall a transformative digital experience? Have you felt the beauty of digital?"
Ashley Friedlein's consultancy offers Digital Marketing Excellence™ and in that capacity he has "spoken at numerous international conferences, from the USA to Croatia, as well as trade events in the UK, on a range of digital marketing and e-commerce topics".

Today he shares his views with us on The digital beauty of GDS (Government Digital Service). On marketing, he says that "businesses can charge for the value of the "transformation", of the “feeling”, that an experience offers". And as to beauty, he associates it with the experience of being hit in the solar plexus.

"We believe that the experiences themselves are marketing." The customer experience is the marketing?

Today the death of Ken Norton was announced. Not only did Norton hit Muhammad Ali in the solar plexus, he went on to break his jaw. That cracking sound we all heard, that was the sound of marketing.

Judging by the picture, the experience wasn't beautiful at all and you may agree that, perhaps, Mr Friedlein needs to refine the new philosophical concept of beauty he's working on before he brings it to market.

Ken Norton,
the heavyweight who broke Muhammad Ali’s jaw,
dies at 70
The question arises in the course of his meditation whether a digital customer experience could ever give you that Ken Norton experience.

Good question.

And good answer – yes, he says, "I think GDS (Government Digital Service) is a shining example".

Why? How does he come to that conclusion?

Answer, not only "does GDS have a digital strategy, it has digital and design principles, all of which make a lot of sense", but also "US digital sage Tim O’Reilly described the GDS digital strategy ... as the ‘new Bible for anyone working in Government ...'".

"I asked my wife last night whether she’d had any digital experiences which hit her in the solar plexus, which she physically felt as beauty. She thought for a second and replied, in all seriousness, 'renewing my car tax online'."
GDS's digital strategy has been examined by four professors. None of them identified the beauty which Mr Friedlein sees in it. More fool them, eh?

And as to Tim O'Reilly, we have come across him before. Him and his religiose cult of the web. Him and his sermon about GDS's digital strategy being the new Bible. Unlikely, we thought. But then, we missed the beauty. More fool us.

In the interests of market research, why don't we all ask our partner tonight whether they've had a digital experience which hit them in the solar plexus and let Mr Friedlein know the result on his blog? Especially if it's "renewing my car tax online".

"The digital beauty of GDS"

"When was the last time you got all choked up about a website or app? Can you recall a transformative digital experience? Have you felt the beauty of digital?"
Ashley Friedlein's consultancy offers Digital Marketing Excellence™ and in that capacity he has "spoken at numerous international conferences, from the USA to Croatia, as well as trade events in the UK, on a range of digital marketing and e-commerce topics".

Today he shares his views with us on The digital beauty of GDS (Government Digital Service). On marketing, he says that "businesses can charge for the value of the "transformation", of the “feeling”, that an experience offers". And as to beauty, he associates it with the experience of being hit in the solar plexus.

"We believe that the experiences themselves are marketing." The customer experience is the marketing?

Today the death of Ken Norton was announced. Not only did Norton hit Muhammad Ali in the solar plexus, he went on to break his jaw. That cracking sound we all heard, that was the sound of marketing.

Public administration page-turners

Two more books for the bedside table:
Published in 1952 and still essential reading:
Why would anyone want to read these books?

Here's one reason.

The UK National Health Service (NHS) used to boast the biggest computer project in the world. That was their National Programme for IT (NPfIT), a project started in 2002.

In September 2011 the coalition government decided to cancel (or "dismantle") NPfIT, see for example Labour fury as £12bn NHS IT project ditched. By that stage NPfIT had cost £6.4 billion and the expectation of any commensurate benefits had evaporated.

Two years later what do the National Audit Office (NAO) tell us about this cancelled/dismantled failure?
The full cost of the National Programme is still not certain. The Department's most recent statement reported a total forecast cost of £9.8 billion. However, this figure did not include ... 

Public administration page-turners

Two more books for the bedside table:
Published in 1952 and still essential reading:
Why would anyone want to read these books?

Monday 16 September 2013

Biometrics, Aadhaar and the Apple iPhone 5S

(Hat tip: Ram Krishnaswamy)

For seven years DMossEsq has been boring the world with scare stories about biometrics. "Biometrics don't work", he's been telling anyone not agile enough to get away from him first, "not well enough to do the job they're meant to do, not in the mass market, not with large populations".

Even the other day when those fashionable and lovable exploiters of third world labour Apple announced details of the iPhone 5S, with its fingerprint verification, he couldn't stop himself writing about the problems of false non-matches.

These warnings just wash over people. It's all theoretical. "Computer says no" is a line in a very rude TV comedy show, it doesn't happen in real life.

Really?

Try this.

The much-lauded biometric ration card system is believed to be fool proof and expected to bring the public distribution system (PDS) in step with the digital era. However, ironically, the feedback from the ground indicates that it is rejecting the poor and the impoverished it was intended to benefit.

The biometric authentication system installed at the PDS outlets fails to establish the identity of many genuine beneficiaries, mostly workers, as their daily grind in the agricultural fields, construction sites or as domestic help have eroded the lines on their thumb resulting in distorted impressions.

‘MATCH NOT FOUND’

The ridges and the patterns that are unique to each individual cannot be detected by the scanner and the screen repeatedly blinks a message stating “match not found”.
India is gradually introducing Aadhaar, a biometrics-based identity management scheme which is meant among other things to reduce corruption in the food security system. "PDS outlets" can give subsidised rice to genuine claimants, who use Aadhaar to prove their entitlement, and withhold it from scammers.

At least they can if the biometrics work.

But they don't.

So the PDS shops initially refuse rice to genuine claimants. And then, like normal human beings, they relent, give them the rice anyway, otherwise they'd starve to death or start a riot, and damn the system – "Mr. Vombatkere said that if the beneficiary has to depend on the munificence of the officials to get their quota and not as their right, then the purpose of introducing the biometric system is defeated".

All that money spent on Aadhaar.

Wasted.

That's not a theoretical PDS agent, in the picture alongside, giving theoretical rice to a theoretical claimant. They're all real. Like the failure of mass market biometrics.

Remember, you're entitled to the money in your bank account. It's yours.

But suppose you had to use biometrics to prove that. And suppose the iPhone said "no". Or rather "match not found". Then maybe it wouldn't be so theoretical after all.

----------

The trainspotters and stamp collectors among you will remember that the strength of Aadhaar is derived, according to the Unique Identification Authority of India (UIDAI), from using not one but two biometrics – fingerprints and iris scans.

How come the match-not-found people whose fingerprints fail the biometric test for rice can't be identified by their iris scans instead?

You didn't seriously suppose, did you, that the UIDAI were going to waste money installing iris scanners in tens of thousands of outlets?

----------

As DMossEsq says, "you can solve the false non-matching problem, all you have to do is reduce the matching threshold. But then you get a false matching problem, impostors are able to claim your rice or use your bank account".

Would you like to know more?

How high is your boredom threshold?

Biometrics, Aadhaar and the Apple iPhone 5S

(Hat tip: Ram Krishnaswamy)

For seven years DMossEsq has been boring the world with scare stories about biometrics. "Biometrics don't work", he's been telling anyone not agile enough to get away from him first, "not well enough to do the job they're meant to do, not in the mass market, not with large populations".

Even the other day when those fashionable and lovable exploiters of third world labour Apple announced details of the iPhone 5S, with its fingerprint verification, he couldn't stop himself writing about the problems of false non-matches.

These warnings just wash over people. It's all theoretical. "Computer says no" is a line in a very rude TV comedy show, it doesn't happen in real life.

Really?