What could go wrong
Probably not a lot as I suspect NSA probably already has access to it all anyway
The UK Parliament is migrating to Office 365, which will become the default option for email, file-sharing, hosted apps and storage services for MPs and parliamentary staff from May 2015. Like many organisations, Parliament has decided that moving to the cloud offers the potential for financial savings. A January meeting of …
Obama gets most of his morning digest from the PRISM program.
NSA leaks show it has a secret policy of keeping UK information even despite the no-spy gentlemans agreement.
Snowden leaks show Britain allowed it to keep email data on Brits.
Merkel/Sarkozy leaks shows they spy on politicians.
Snowden interview shows they use data to leverage control of political and economic figures.
Despite this, they're migrating to a US controlled cloud. That will mean that Obama can monitor policies at the fledgling stage, before they're discussed, before they're voted on, and work to eliminate those at an early stage, or work to marginalize any politician with policies he doesn't like.
The job of securing British political emails, and protect them from foreign spies is GCHQs. Are they really so broken and 'turned' that they permitted this cloud move???
Really?
What next? US based cloud voting?
Are they really so broken and 'turned' that they permitted this cloud move???
What I do not see yet is which cloud this will sit in. I don't think government standards will allow a foreign hosted cloud, so I would assume that there is at least some containment - that's where I would ask the questions.
Not that it matters much, they're using Microsoft. That's game over right there.
"What I do not see yet is which cloud this will sit in"
The Azure/Office 365 EU cloud I'd imagine in Ireland and Netherlands which, given that it's not sensitive data will be absolutely fine and (apparently) not subject to the Patriot Act. All this info is on the MS website if you choose to read it, the solution is actually pretty good now albeit still with a few limitations. The data centre will certainly not be in England (or UK) though, they don't have one which has been publicly disclosed for the cloud here and given how specific the documentation is I doubt they have an undisclosed cloud DC here either. There's an outside chance they might add an Azure pod to one of the Microsoft Corp DCs just for government of course, MS love to win government contracts one way or another :)
"IT'S THE CLOUD - IT'S EVERYWHERE AND NOWHERE".
It's everywhere and no where, baby
That's where it's at
[]
Saying everything is groovy
When your tyres are flat
[]
Files are in your pea soup, baby
They're waving at me
Anything you want is yours now
Only nothing is for free
Lies are gonna get you some day
Just wait and see
So open up your beach umbrella
While you're watching TV
[Can you tell what it is yet? 1967, if that helps - how did he know?]
So when they can't pay the (possibly substantial) subscription, all parliamentary procedures stop, yes?
"I'm sorry, UK Government Procurement Advisor, Microsoft have to increase your subscription by 1000% this year, and we project the same or greater for the next 5 years. OK, you don't want to pay? Well, we'll generously give you 28 days to extract your data from our services. You still have some legacy in-house services left, don't you?"
I must admit that I see this whole policy as full of risk. I just hope that they can specify that the data must not be stored anywhere in US juristriction. Imagine someone doing a "Bradley (or should that be Chelsea) Manning" on the MPs email and official correspondence.
....from the whole snowden thing? (not his leaking of documents but what he actually leaked) - the spooks of all nations seem to have infiltrated a lot of big companies either by hook or crook. Either way it makes no jeffin' difference - this is not a secure way for *any* government to do business with data. I don't care if its the MP's paper clip expenses or nuclear weapons purchases it shouldn't be in the cloud.
And as for letting M$ get the gig, jeezus. We need to get out of bed with that one. (I'm not suggesting google would be better btw) - but thats one supplier that needs to be removed from their far too powerful position within gov. Then again your average MP is a bit simple and probably couldn't cope with anything else or understand why alternatives may actually be cheaper.
Anyway, if they move gov data to cloud and this will end in tears I predict.... (not least from our own hacking newspapers :) [though I hope I am proved wrong]
Friends ONLY spy on friends.
Whats the point of knowing the launch codes for the Russian missiles? Unless there is a WWIII there is little value in knowing ANY enemy military info.
Now whats the value in knowing the other Eu ministers position on agricultural subsidy cuts or on whether Scotland would be allowed into the Eu without the Euro?
"Unless there is a WWIII there is little value in knowing ANY enemy military info"
It's worth knowing that Vlad at the missile base will not under any circumstances push the button to kill millions of civilians and has secretly cut the wires to make sure nothing happens if he does.
(You think this hasn't happened?)
"It's all right. Friends don't spy on friends".
Which would be very reassuring, except that NATIONS DON'T HAVE FRIENDS. They have interests. (Ideally, those would be interests different from those of the ruling clique and their rich cronies... but let's try to live in the real world).
"Can you seriously expect them to learn something other than Microsoft Office and Windows?"
We already expect them (or their staff) to re-learn radically different UIs and behaviours every time MS decide to radically change UIs and behaviours. Where's the problem (in that respect anyway)?
Well, the main story isn't a big surprise. What would have been a surprise would be Parliament adopting an open source solution with RDP into secure servers to cover BYOD - thus promoting a locally designed system from software houses near at hand...
What I am interested in is what the Hansard gang are up to? If they wanted independence from MS, why on earth not just coopt existing open source software and put a bit of dosh into it?
The tramp: I'll be selling the Big Issue if I don't get back to my paperwork, all done on a laptop running CentOS with Libreoffice. And yes, the hard drive is encrypted just to stop that 'data found on laptop left on the bus' issue.
Yes, exactly, have your own cloud, if you like the name or your own servers, if you understand anything. Move to LibreOffice, skip MS, skip being lambs, skip supporting something you have absolutely no reason to support. Using the web, I have sometimes been ordered to upgrade to this or that MS product/version. Consider how much easier and more honest it would be to refer to a product that is free to download and works on almost any OS. Consider the independence and the savings you would achieve. Use your power, your brains, why a lamb for no reasons. Ask for help if you need it, support and take part in LibreOffice.
You seriously expect them to be able to operate an alternative office suite?
I doubt that more than a handful of them are actually competent at using the tools they're allegedly already familiar with, so I can't see them being any less able with any alternative.
It's not as though LibreOffice was staggeringly dissimilar from Microsoft Office, especially Microsoft Office 2003 which is what they've all been using until very recently. I should think the ribbon has proved more of a challenge than switching to LibreOffice would have been.
"Move to LibreOffice, skip MS"
The difficulty there is alluded to in the article where it's mentioned they are using Word templates. Based on my very limited experience with a single Govt. dept, these are not just simple templates but programmed (VBScript??) templates which lead the user through filling out forms or reports in a specific way, often for legal reasons.
"these are not just simple templates but programmed (VBScript??)"
Actually Munich had a lot of trouble with those, however they managed and were able to get those scripts out there and replace them with self written software.
>keep the data in your OWN cloud
Yes this would seem sensible, particularly as MS Office 365 with IL2 accreditation is available via G-Cloud and so Parliament would avoid all those data sovereignty and security issues that need to be tackled just because Parliament has decided not to use the G-Cloud procurement framework.
Giving Ms credit for being sharp salesmen, it wouldn't surprise me for MS to wrapper the G-Cloud service up and resell it to Parliament as MS Office 365P ('P' for Parliament) at a suitable price premium.
But yes agree it does look like yet another opportunity for the government to reinvest taxpayer's monies in UK-based software expertise has been missed.
"So you want to keep data which is local, only ever going to be local, only needed locally, never accessed remotely, not WANTED to be made available outside our building, which can only WEAKEN our security by being off site, hosted offsite."
"On the cloud. Yes."
"Why?"
"Well, because it's the way of the future."