Business Cloud News
The UK government is ahead of the curve in pushing cloud-first in the public sector. But will that remain the case?

The UK government is ahead of the curve in pushing cloud-first in the public sector. But will that remain the case?

The UK government is “ahead of the curve” when it comes to cloud adoption and streamlining digital service procurement practices across the public sector, according to recently published research from IDC. But Massimiliano Claps, research director at IDC Government Insights told BCN that while the UK government has taken strides to refine the procurement and certification process for G-Cloud, it’s unclear whether the moves will make buyers’ lives easier.

G-Cloud has enjoyed its fair share of success – and criticism – since its introduction in 2012.

Although some have argued the Cloud Store – the digital store for government accredited cloud services in the UK – hasn’t generated the amount of sales initially expected, sales have nevertheless increased dramatically in recent years. In December 2013, £94.8m in G-Cloud sales went through the Cloud Store; as of October this year sales reached £346m.

The procurement programme has also been criticised for failing to gain traction outside of central government, though there’s some evidence to suggest this is changing.

Still, Claps suggests that the UK is far more advanced in its pursuit of pushing cloud services in the public sector than most countries, particularly in how the UK government has moved to streamline procurement through G-Cloud (and more recently, other digital service frameworks through the Digital Marketplace) as well as accreditation.

“If you look at what the rest of Europe its doing it’s clear the UK is far more advanced than Europe, Canada and Australia,” he said. “Part of the reason is cultural. The UK has a legacy of being far more open to contracting with global suppliers. If you look at Germany, France, Italy, Spain, and to some extent Northern Europe, they more often than not rely on local vendors. And none of them are really releasing guidelines on how to procure these services in a consolidated way.”

The UK, then, is coming at this from the opposite direction vis-à-vis most of these countries; one of the primary goals of G-Cloud is to create a more level playing field between global cloud giants and smaller local incumbents when it comes to contracting with government, bolstering visibility of the latter in the public sector.

Claps said although the Cloud Store may not have generated the volume of sale many expected, it’s definitely doing better than similar initiatives taken elsewhere – like the US, which recently cancelled its public sector cloud app store initiative.

“It’s generating an impact beyond the Cloud Store. It generates awareness across government, and has created the right context for the pan-government accreditation mechanism – which even though it was slow to get approval, created a good environment for buying by reducing the burden on government departments when it comes to auditing.”

That pan-government accreditation for G-Cloud, however, has since given way to self-certification as the means by which vendors prove themselves capable of meeting the UK public sector’s recently revised information security rules. But with suppliers on G-Cloud no longer needing to obtain pan-government accreditation, Claps said it’s likely the added burden on buyers may stall some of the success the programme has so far enjoyed.

“For the next 12 to 18 months, the vendors that have achieved pan-government accreditation the old way will have an advantage because the new way is less trustworthy,” Claps said. “Even if we assume all vendors self-certify in the appropriate way, the real problem is on the buyer side – they don’t have the skills to understand if that is appropriate, and relate, tune and contextualise that self-certification to the specific use case.”

Instead, it would have made more sense to require third-party certification, he explained.

  • Tony November 30, 2014 at 10:43 pm

    The study referenced by Clap, made a number of incorrect assumptions. The new G-Cloud security approach is not a self certification process, but a transparency excercise. Also, UK government organisations were always required to conduct a proportion of the accreditation process. The Pan Government Accreditation over the course of 2 years had only accredited around 200 g-cloud services out of 17000. The new approach re-uses the various Assurance and Audit reports and processes that service providers already carry out. This will open up market, and level the playing field for SMEs and enable buyers to practically procure services with relevant security to the data in hand.

  • Post a comment

    Threaded commenting powered by interconnect/it code.