Brexit: A cloudy future for the government’s vendor relationships



Paul Wooding, Regional Director of Public Sector, Cloudera spoke to Business Leader about the impact Brexit has had on the government’s relationship with vendors across the UK.

Historically the UK Government has been perceived as lagging behind the private sector when it comes to digital adoption, with legacy IT and technical debt holding back modernisation. Yet a recent report revealed the pandemic has led to increased use of digital public services: almost a fifth of UK citizens surveyed now have a more positive view of public service delivery. However, 40% are still not confident in the Government’s ability to deploy emerging technology and feel that whilst improving, things could be done better.

Beyond the pandemic, digital transformation is set to stay on the public sector’s agenda. But as it stands, the government has a rigid data strategy, depending on a handful of cloud vendors to provide mission-critical services for its many departments. At the same time in the aftermath of Brexit, vendor relationships are becoming increasingly uncertain. It is the perfect time for a reassessment of each government department’s data strategy to ensure key digital services don’t lose traction. Proactive changes, implemented now, will set the public sector on the pathway to success in the future.

Dreaming of a digital future

In March, the government held an eForum on the UK’s National Data Strategy, outlining its aim to position the nation as a “global champion of data”. Namely, it seeks to ensure the continuous and secure flow of data across borders. A lofty goal, as the UK is now a third country in the eyes of the EU, meaning that it has fallen out of the bloc’s General Data Protection Regulation (GDPR) zone. As is the protocol for third countries, data adequacy – which would allow for the free flow of personal data from the EU to the UK – is still to be finalised. If the UK does not receive this status, it will have to implement additional safeguards to transfer personal data between the two regions, accompanied by significant costs and delays.

In the face of adequacy rulings, the government must reconsider how it stores and processes personal data to ensure regulatory compliance with the EU’s rules. Otherwise, it risks heavy fines; companies disregarding GDPR face charges of up to €20m or 4% of the company’s worldwide annual revenue.

The question is, what can the government do? By implementing an open-source data strategy alongside hybrid, private and multi-cloud environments, it can achieve transparency in how data is being stored and processed, aiding in compliance. Hence, the public sector can achieve its digital ambitions, while flexibly responding to current and emerging challenges.

A silver lining for the public sector’s cloud

The government’s reliance on specific vendors needs to change. Instead of building defensive data moats, it should be digging wells from which public sector organisations can draw consistent, clear and trusted information that is central to their strategy, compliance and governance, no matter the vendor.

With hybrid, multi and private cloud environments, departments can have a greater degree of flexibility and agility in where they host and process data and run their workloads. Organisations can choose to run sensitive or complex workloads in traditional data centres whilst public-facing applications may be better suited to a public cloud environment. Crucially, by moving data and workloads between environments, departments can quickly respond to changing needs and legislation. Thus, the public sector has the capacity for modernisation in the future, rather than being locked into contracts with hyperscalers.

Harnessing an open-source data strategy

Using open-source standards as part of a data strategy can enable the government to become vendor-agnostic. A big statement, but a true one. Through years of experience working with both the public and private sector organisations, we know that placing data into proprietary data stores that are owned and operated by third parties is akin to placing money in private bank vaults. Safe, sure – but not easily accessible, or necessarily delivering the best value.

Open source standards enable public sector full data lineage visibility at all times, and gives government data controllers the ability to limit access to data, delete, or even move it should the need arise. This level of control, provided by open source standards/ architectures/ tools within public cloud solutions, makes it possible to achieve the highest levels of compliance with all the data protection principles as well as the other UK GDPR requirements, including meeting ICO guidelines. On the other hand, proprietary software – like that used by the vendors that many of the UK government departments works with – can lead to siloed data. As these programmes are encrypted, the government has limited control over what to do with the application and as a result, with the data.

The road to becoming a global champion of data

For the UK public sector to stay on course for its digital transformation agenda, eliminating vendor lock-in will be critical, especially in the face of Brexit. Otherwise, the government risks breaching GDPR or losing access to vendors’ services, whether that be due to temporary downtime or a permanent dissolution of the relationship.

To build flexibility and agility into the government’s digital services, hybrid, private and multi-cloud environments are key to mitigating dependencies on cloud vendors while gaining transparency in how data is being stored and processed. At the same time, an open-source data strategy will grant the public sector control over the management and processing of data, enabling it to keep up with new and existing data protection regulations.