We are experiencing troubled times in the world at the moment, and security is number one on the list of priorities involving governments and IT. Not only does the world face a global threat of terrorism, but we also face the threat of virii, spam, spyware and other nasties. Protecting yourself from the vermin of the Internet is enough of a challenge for those with infect-able machines, but we also need to consider the bigger picture – government information and processing.
In my country (the UK) my government pledges to protect the country and look out for its best interests. Without wishing to wander down the road of a rambling political diatribe, these rights are in general well protected; there are obviously mistakes that are made, but these gaffs are part of the political scenery. It does however, seem that the government is concerned with a few key objectives for its governance and associated budget and party political speeches:
- Clarity – after the deep split in the country over the war in Iraq, the government is clearly wanting to repair bridges that may have spontaneously combusted that were once strong vessels for electoral glory. A government that came into power promising honesty has had a tough few months with the public accusing them of not been 100% straight with them.
- Optimisation – the government, and specifically Gordon Brown, have needed to spend some quality head scratching time figuring out how to gather more money from the British public without actually raising taxes. Part of this has been by cutting costs such as the cunning method of getting rid of a large amount of the pencil pushing civil service. These stealthy ways of bringing more notes and votes are not quite as lynch-able as raising other taxes or charging pensioners more money for putting that extra bar on the fire on.
- Security – in this aforementioned world of terrorist, virii, worm, spyware and other threats, security is a big issue. The government want to assure its faithful electorate that it is safe.
Reasonable aims I think. It has been mused in many a column inch that governments should be clearer and more honest with the public it serves, and these issues are of paramount importance. Although Gordon Brown may have run out of a lot of ways to pinch another penny from here or there, there does seem to be a subtle option that he seems to have failed to look over – saving money with Free and Open Source Software (F/OSS).
Microsoft has created a number of products that are in obvious use across the government. This includes Windows, Internet Explorer, Office and no doubt a stack of back end and back office servers and tools. Each one of these products costs money and this money is taken out of the public purse. Due to this public cost the choices made by the government need to be rightly justified. This justification should be offset with a list of requirements and another list of how these requirements are met by a particular product. It is therefore reasonable to say that a tender for a particular government service should be won if a particular product can out and out cater for government needs in a far superior way than any other product or vendor. In addition to this, the product should be suitably supported, secure, stable and time worthy; any additional costs to satisfy these additional core requirements would need to be justified using a similar method.
The problem that we face is that this justification does not actually seem to be justified. Across this country we have Microsoft products powering a number of critical branches of the government service tree including security services, health, prison, housing, offices and other areas. There seems to be a large roll out of this proprietary software but how could it be justified? In one way I make the assumption that Microsoft products have been chosen due to their apparent dominance in the market. This hails the theory of “a huge established company must mean popular products and high quality”. This is obviously not the case in all scenarios. I am sure there are many people out there who are happy with their Microsoft products, and these products work very well for them, but, there are however a number of people that experience common and unacceptable flaws in functionality with a range of Microsoft products. Although these flaws are not acceptable, but possibly admissible in a consumer market, these flaws are certainly not acceptable in a government landscape.
Part of the reason why instability is not acceptable is that it fails the concept of justification. How can a government justify backing a roll out of a large number of machines with unstable software that has been purchased from the public purse? I am sure there would be a public outcry if it were decided to construct lampposts with candles embedded as they work ‘most of the time’. Of course not, when the public piggy bank has been emptied into a vendors pocket, the public expect quality. The issue does not stop here however; we also need to consider this instability with the security risks of closed sourced software.
When I fill in my tax return and send it off to the government, I expect my information to be private and processed with due care and attention. This processing should still respect my privacy, but also seek to ensure accuracy in the processing. Faults are not acceptable. These simple requirements are abstracted somewhat with closed sourced software. When my information is sent to the government and I am assured that my privacy is protected, the details are carefully analysed by a well trained government official, but then fed into a machine that has a level of opacity due its closed sourced base. What use is it if the government are so concerned about the security of our nation, but they use software based on code that is largely hidden from them? I am in no way accusing Microsoft of dirty tactics with their software, but who knows? Unless we have the source available, Microsoft may be using secret alien technology harvested from a UFOs rear wing mirror for their code. We simply don’t know. For a consumer this may not be important to them, but again, when a government considers IT this needs to be of paramount importance. Why should my information go through the black box of a huge monopolistic organisation?
Some of you may respond to these comments about source code saying that the government do indeed have the Windows source code available to them. If this is the case then fair enough, but this still does not even compare to the number of beady eyes looking open source code. This concept of a closed sourced Operating System abstracting the processing of citizen information is a real issue. The government need to know what is going on all of the time. Naturally it is unreasonable for the government to employ programmers to read source code all day to ensure it is not dangerous – this is the reason why F/OSS has caught on so much – the community perform this task for you. You have piece of mind in the software because the community will not stand for any form of unscrupulous code at all.
Security is not just the issue here of course; there is the cost factor too. I am not going to reiterate the fine work of TCO analysis performed by others, but it is quite clear that F/OSS is a low cost option for not only an initial IT strategy but for future upgrades and maintenance too. In the government, as with charities, money is a big deal. Money cannot be frittered away on nonsensical activities and issues. The money needs to be well spent and again justified. Money saved with F/OSS in the government can mean a practical difference in terms of more teachers, more equipment and other costs. The idea here is that money saved from a particular sector should go back into that sector.
To me it seems like F/OSS could be a blessing for Gordon Brown. There is a potential to save a bundle of money, increase security/stability and also open up the government infrastructure to a community in a real sense. This infrastructure extends to ensuring that documents are written and made available in open standards, and that government websites use similar open standards. If I cannot access a government website in Mozilla I do not see how this is acceptable, nor do I see why I should have to purchase Microsoft Word to view a particular document. This is all about removing proprietary dependence for a client that is there for the greater good of the nation.
So what do you think? Valid points or drivel. Mark your words in the scribe below…