UK Cabinet Office hits pause on £9M Microsoft deal The UK's Cabinet Office has paused its migration away from Google Workspace to Microsoft 365, after ditching the current contract it signed with the Redmond headquartered biz last spring. An official procurement notice this week said the department, which works across government on behalf of the prime minister's office, has " …
I know that your comment was meant to be a provocative one but...
Unfortunately, the benefits of not having to maintain the infrastructure to store the data, together with the necessary backup infrastructure will be just too attractive for the bean counters.
By wrapping the entire service up in a cloud provider's offering, with an initially predictable cost per user, they can see savings in skilled staff, systems and premises costs. They're already down this path with the current Google Docs. solution, so going back to an on-prem. solution will not be on the table.
They still have the user's device costs, but putting everything in the cloud also simplifies the type of device and that needs to be deployed and their maintenance.
What they ignore is the additional costs that will be incurred as price gouging kicks in in following years, and the migration barriers and costs if the price gouging eventually gets too much! On top of that, most of the people making the decisions will be taking the providers promises of security at face value, not seeing all of the leaked data stories we see here. One would hope that the Cabinet Office would be more careful, but I doubt it.
All good points.
On top of that, I have three theories as to what's gone wrong - a) A technical debt issue, b) a policy-led own goal, or c) recognition that Azure and M365 might no longer be a suitable platform.
A) Its often assumed that you can move from any provider (cloud or otherwise) to another with minor data transformation or change - this isn't generally the case.
Most platform migrations will require transformation work and its quite possible tha tthe discovery uncovered really serious and costly issues that weren't in the OBC or previously understood.
Cabinet Office have been on Google for nearly 15 years - so any migration challenges could be writ large (and expensive).
During a run-up to a General Election I doubt CO would want to reveal such an unplanned overrun, so a "pause' might be politically preferable.
B) Cabinet Office might have suddenly realised that the changes they introduced on 29th June last year to the HM Government Security Classification Scheme mean that the term OFFICIAL is now really unhelpful. What used to be OFFICIAL isn't OFFICIAL any more in most cases....
Since 2013, when it was written and 2014 when it became approved, government have been happy to shovel pretty much any data into virtually any service and call it 'OFFICIAL'.
If there was a need to know aspect it cold be further described as OFFICIAL Sensitive.
Under that 2013/14 schema all sorts of truly sensitive stuff found its way on to Public Cloud - including material related to criminality (offenders, vulnerable victims, witnesses), configurations or IT systems, HMG policy creation, financial information, plans for HMG sites and buildings, etc., etc.
Data was intentionally devalued by ignoring the implications or impacts of it being compromised. "Business Impact" became dirty words in Gov, and successive policies encouraged (obliged) HMG depts to throw more and more HMG data into commodity IT and Cloud platforms which were never really designed for such a purpose.
The ONLY consideration was that the data did not need to be/would not be protected against a Foreign State or well funded hacker (and that it wouldn't cause mass death, war or international tensions - when it had to be treated as TOP SECRET).
Last June however, Cabinet Office (CDDO) changed the classification scheme pretty radically by re-introducing the consideration of 'Impact'.
Since June '23, OFFICIAL is really three tiers:
"OFFICIAL For Public Release" - data that have ZERO impact if published (and indeed intended for publication)
"OFFICIAL" - data which has neglible or no impact on HMG, public sector or an individual (so really quite unimportant stuff), AND
"OFFICIAL SENSITIVE" - data that has a limited, and specifically short term, impact on Government (i.e. minor impact on public finances, some embarassment or press coverage), or which might have limited impact on an individual if disclosed (such a minor or moderate injury, embarassment, or financial loss).
Cabinet Office gave the entirety of Government till June of this year to re-align ALL their legacy data to this new model...
Maybe their 'discovery' exercise identified that the nature of data to be put into this platform now far exceeds the threshold ceilings of the new three OFFICIAL Tiers?
C) Azure and M365 security has recently been shown to be less than good. Just this week the US, UK, Canadian, Australian and New Zealand IT security bodies published a joint advisory on how Chinese and Russian hackers are now deeply embeded in the platform and are "living off the land" to the extent that a service user may not be able to distinguish between a valid Microsoft message or service or the hackers.
In the US - but interestingly enough not yet in the UK - major news feeds carry lead stories about the US Government's growing security concerns.
Some are even openly suggesting that Azure/M365 is no longer a trustworthy platform.
Remember here that the US Gov sit on a segmented and Federally approved Azure - more likely to be robustly managed and which must operate 100% in the US.
If its possibly compromised by Foreign state actors, then the public Azure must be literally the wild west...
The UK Gov largely sit on that wild west Public Cloud -(we don;t have a major UK alternative nowadays) and its THAT cloud which Cabinet Office have just paused their migration to.
Might be a ctotal oincidence or it MIGHT just be a 15 watt light bulb going on over someone's head.
Don't know how hot CO are on document management, but MS throws you at SharePoint. The most basic foundation of any DMS is a permanent Document ID, so that no matter how anybody mucks around with its path, filename, title, etc. you can still find it. Unfortunately, MS broke Document ID access a few years back and it is no longer possible to create a permanent link to it. As an author who spends much time uplifting draft documents (In a differernt Department), I find this wasting an unbelievable amount of everybody's time and goodwill. MS were made well aware of the issue, but have since continued to degrade document management in SharePoint.
Just maybe someone in CO actually cares about reading what they said at that politically explosive meeting last year, and has been digging into why they can't seem to find it any more.
This post has been deleted by its author
I work in government
I don't care which infrastructure they use but it would make everyone's life a lot better if the Cabinet Office enforced open document formats in this contract.
I don't mind Teams and Sharepoint they seem to work well - but the continuous cesspit of document standards is a royal PITA when working across different architectures/ organisations internal and external.
Microsoft don't need to lock others out of Office now - it's time to pull on your big boy pants and comply with international standards.
Yep. Happening with us. We were hybrid but now Microsoft and the MSP we use have convinced the bean counters it will be cheaper. They totally ignore the MSP is a partner of MS and get kick backs for whatever we put in Azure.
I've given up objecting as no one listens. But, because of the likes of the Horzion scandal, put all those objections in emails.
What the cabinet office was on Google Workspace is beyond me. Google GSuite has always been shit. Trying to share docs with people not on it is a pain in the arse.
Back all those years ago Cabinet Office liked to hire young men fresh from university in tight suits who did eveything on new fangled Apple tablets and who were determined to be seen to be 'disruptive'.
Ministers want to be seen to be young hip and cool (and probably to do other less publicly acceptable things with young men) agreed with eveything these proto-influencers said and to hell with things like national security or best practice or actually making things work.
So they threw their lot in with Google because it was new and not MS (If Apple had an option that's where they would be now).
I remember being at a government security conference and watched these shiny idiots prance around on stage being dismissive about security best practive because it was more important that his iPad worked in a public venue. At a breakout one chap not too far from me who was apparently involved in rather boring submarine nuclear defence things rather loudly exploded and had to be held back from physically re-educating one of these shiny suited fools.
As far as I know this sort of practice has continued and been widely adopted usually under the banner of 'agile development', 'business transformation', 'disruptive change' etc when what it actually means is expensive half baked barely functional shite with a pretty but unusable UI.
"Does this just indicate which shared are owned by the UK's Cabinet Office members?"
Never attribute to malice that which can be explained by incompetence. When most people read about "government" and "civil service", they assume there's at least some sense of control and standardisation. As is evident from this article, different government departments don't even have standardisation on document storage, security, or the desktop. Things are the same on shared services, web hosting, facilities. GDS have done some great stuff trying to drag IT together, but that's been a thankless task, is under-resourced and centuries of work to complete (so it never will be), and the current levels of fragmentation are dreadful. Cabinet Office (where GDS report) would be the place to get this sorted, but as this shows, they can't even get their own house in order. In large part this is because each government department led by a minister exists as a baronial court, with the minister jockeying for influence, to dodge blame and evade troubling decisions, and most importantly they don't want to do anything that doesn't specifically and personally reflect well on them personally. This has been made significantly worse by the vast turnover of ministers we've had for the past twenty years, and as a result of all these factors cross-government cooperation is the exception rather than the norm, and teams work in departmental silos. That in turn is made worse by the idiotic use of arms length bodies which mostly do their own thing altogether on IT and services, as well as meaning that (in particular) ministers and regulators are too distant.
All of which means government buy the same stuff multiple times from different suppliers on often variable terms, and cross government cooperation is poor.
I probably didn't read the article properly but what did this failed project cost in the end then? I know there will always be commenters who think that some command line Linux and vi is good enough, but that's just not the reality. Instead I've often wondered why more public sector bodies don't band together and get better bulk licensing deals out of vendors? I remember back in the dim and distant past the NHS had one giant licensing agreement with MS that gave them a better discount than hundreds of piecemeal agreements negotiated locally and then the coalition government came along and decided that was a crap idea and scrapped it.
Regardless of your ideologies on software/vendors/etc, you'd think the best policy where taxpayers' money is involved is to get the best possible discount whilst getting the maximum level of coverage.
According to the Contract Finder award the Discovery Phase payment to Microsoft was capped at £1,868,224.
There will have been other costs under the Capgemini wider contract as well.
That contract has a total maximum value of just over £15m, with each phase paid in a series of Purchase Orders (PO's).
If the Discovery and Pilot Phase has a PO figure against it, its been redacted - so not clear what the charges for Capgemini delivery against the Discovery and Pilot were - though comments in the contract and associated documents suggest notional caps per sub-contractor phase of £1.8m also?
Forgive my ignorance, but...
I get the point that a large organisation like a government wants or needs the comfort of a large supplier, and I understand that they would look at fragmented suppliers of Linux based systems and would balk at the prospect of using them, and would look upon Libra Office as not the market leader (by a long way, dispite its actual capability).
As I see it IBM/Red hat are the only hope of getting the Linux breakthrough that could break the MS stranglehold and provide the guarantees and comfort to take this big step. Without this the year of Linux will never come, at least on the desk top.
Of course this all rests on IBM becoming a disrupter, so I am not holding my breath, but without this the Linux desktop dream is an also ran.
IBM's offer of anything needs to be sufficiently profitable to please Wall Street in the first place, and then they need to demonstrate growth on top of that, meaning that they will (as usual) be looking to ream out customers locked into multi-year deals. Where the attraction in Linux that's as expensive as Office or Docs?
This post has been deleted by its author
Sigh. Maybe it’s paused because yet another layer of pointless consultancy are involved with a complex public sector project adding no value and sucking the life out of the public purse strings… but that would then suggest that someone in the CO identified that this is happening and has had the balls to do something about it when the PMs other half heads up one of the worlds biggest examples… doesn’t sound right, does it?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
