Open SourceSecuritySoftwareWorkspace

Bristol Council’s Open Source Push Hits Security Buffers

0 0 1 Comment

The open source move by Bristol City Council has been struggling over government concerns about security

Bristol City Council’s attempt to become the first local authority in the UK to implement a council-wide open source strategy, continues to run into delays and snags, the latest of which apparently concerns security.

It was back in September 2010 that Bristol City Council announced that it was seeking to combine open source and Microsoft software. And as part of an ongoing review of its desktop systems, the council has been looking to replace its current email system.

It has been considering a number of open source email solutions, but Bristol City Council confirmed to eWEEK Europe UK that none of them have the necessary government security accreditation to enable the council to use them.

Security Accreditation

It seems that only three email systems are currently certified by CESG, the Information Assurance (IA) arm of GCHQ. These systems are Lotus Notes, Novell Groupwise, and Microsoft Exchange.

Therefore in the Bristol Ciity Council scenario, this likely means that Microsoft is its only permitted choice.

CESG has made waves before regarding what software and devices the government can use.

It previously recommended the use of BlackBerry handsets, and in December last year it encouraged government departments to upgrade to Windows 7, because it said that it was the safest Microsoft operating system to date.

Letter To Government

But in an effort to overcome this security compliance problem, Bristol City Council Leader Barbara Janke sent a letter to government ministers and senior Cabinet Office civil servants, apparently highlighting the need for urgent action.

As a consequence, the Cabinet Office’s Senior Advisor on Innovation and Transformation through ICT, Liam Maxwell, has apparently “responded positively to this approach” and a senior Cabinet Office Team will visit Bristol shortly. It is thought they will discuss what actions the government can take to help Bristol City Council resolve this issue.

Liam Maxwell is of course a noted open source enthusiast, and in June he was appointed as technology adviser to the Cabinet Office, starting his role in September.

Prior to that Maxwell worked as an advisor for the Conservative Party regarding technology, and was widely considered to be the man behind the Government’s open source strategy drive, which is now being executed by the Cabinet Office.

Open Approach Support

“This is an excellent example of the leadership role that Bristol can play in supporting the use of open source technology where it meets our needs,” said Council Leader Barbara Janke in a statement emailed to eWEEK Europe UK.

“We fully support the government’s agenda on making data  widely available,” she added. “This enables much more beneficial collaboration between public agencies generally but also productive and innovative working using the strengths of the private sector in Bristol.

“We are keen to work with Government to produce a solution that works for Bristol and other councils. We have a thriving digital and IT sector in the city and we are keen to do all we can to support the city’s businesses,” she said.

“We will continue to look for opportunities to support an open approach to our IT delivery and support the local economic agenda,” Janke concluded. “We believe this outcome will be best served through the implementation of open standards.”

  1. The problem the CESG is AFAICT they never look at solutions that are not already in use – so when their approval became a major factor they just looked at solutions in use in the public sector, inevitable terribly last year’s mainstream, then approve those.

    This is inevitable because the CESG charge to gain approval – so products that do not already have a significant public sector user-base would not be likely to pursue CESG approval; and those products that are priced more realistically for software e.g. open source and SaaS products are not being reviewed at all.

    The end result is that public sector bodies are basically in an expensive vicious circle; competition in IT is suppressed despite the complex (and expensive!) procurement processes. The CESG hurdle needs to be removed insofar as a cost issue for open source solutions – maybe it would be fairer if the charge was a % of the supplier’s existing public sector revenue?