The "Code Red" Crisis: 43 UK Government Systems at Critical Risk
Questions raised in UK parliament led to an internal review of government legacy systems. No fewer than 43 were reported as having a “red” or critical status.
What does this mean? The government defines legacy systems as systems that meet any or all of the following criteria:
Each legacy system was assessed on a two-factor point scale. Factor one was the likelihood of the system failing in the near future and factor two was the amount of impact that failure would have on: national security; government’s reputation; finances and budgets; external stakeholders; operations; other technology systems..
A “red” status is achieved by scoring highly in both of these factors. So not only are 43 systems likely to fail in the near future, they are likely to have significant impact within the UK when they do.
Eleven of these systems are maintained within the Ministry of Defense and 6 are managed by the Department of Work and Pensions, two agencies with significant impact on public life. No fewer than 11 government bodies reported having at least 1 “red” system, and 6 had 4 or more.
Notably, some departments like the Department for Culture, Media and Sport have refused to disclose their data, while others have not completed their assessments, so the number of red systems could be higher.
While the government has vowed to deal with this issue and has stated that there is a “funded and carefully planned out remediation plan” it is unclear what the next steps will be.
Choosing a solution presents a delicate balancing act for the government CIOs and COOs. If they do not update or migrate these systems within the next few months, they risk system failure with the consequences thereof, and continued exposure to security risk and public criticism. If they move too quickly, they’ll be forced to skip the fine-tuning required for such a project and may discover critical kinks–such as the immense cost of shifting an entire system, or the possible inability to access all of their data in a new operating system.
It’s necessary to consider all of the data history associated with these systems. Whether they are related to global defense or citizens’ pensions, it is crucial and required by law that this data not only be retained, but remain accessible, even if they are not required for the replacement system to function.
The decision makers in these cases need to learn to compartmentalize: what elements of these systems are active and must migrate to a new system and what elements should be securely and accessibly archived. Separating elements such as data history from operating functions will accomplish several goals at once: bring down the cost and complexity of migration, speed up the process, ensure compliance, and increase the likelihood of a successful migration.
IT teams could be split into units with their own mission. One unit will migrate all the active operations and data to a new system without consideration for nonactive elements. The other will focus on securing the data history within an accessible archive. With these teams working concurrently, the entire migration will be completed swiftly and smoothly.
For choosing an accessible home for the data history, there are a few qualities the solution should have to achieve the best results:
With this plan in place, government CIOs and COOs could be empowered to swiftly correct this legacy emergency and put all their systems back in the green.
Find out more about this type of solution.
For more information about this article, you can contact our Press Office.