Mark Ferrar took over as Microsoft's UK national technology officer (NTO) in October 2010, having spent the previous six years advising the National Health Service on how to make the best of Microsoft technology.
Computing: What does role of the UK NTO involve?
Ferrar: The NTO is here to foster long-term relationships with Microsoft's public sector customer base. I'm usually called in to explain things from a technology perspective, but sometimes call them about specific Microsoft activities or initiatives that I think they might be interested in.
Does that mean lobbying politicians?
Microsoft has legal and commercial people who manage direct relationships with politicians though I do have various meetings with MPs as well, and we have a very close relationship with government security centres of excellence.
Otherwise I tend to talk to individual government department IT directors, chief software architects or those operating at CxO level depending on the degree of technology involved in the debate, which is not always the case – it is often just about the business case or process engineering.
Driving system change is enabled by IT but driven by business, and sometimes people want to go directly to service providers for a dialogue, rather than their own IT people, to get a broader perspective.
How is what you did at the NHS applicable to the wider public sector?
We spent a lot of time considering how to move the NHS to a hosted Microsoft Exchange mail service, which we did through Cable & Wireless, and that was the precursor for the activities we now have with other government departments.
The NHS and all of its trusts had 600,000 users or more accessing cloud-based mail services from multiple tenants on the same platform, whereas even departments like the DWP or Revenue & Customs only have 112,000 users maximum, so there is a dramatic step change in scale.
What sort of challenges do you anticipate here?
One is how to deliver cloud-based services with a dedicated administrative piece that gives the end user organisation control over adding, deleting and changing mail accounts for themselves.
Moving user accounts and data into the cloud is not always straightforward but it is much easier now than it was in 2007 [when we migrated the NHS to hosted Exchange] because we have better, slicker tools to do it, which have a more familiar administrative interface.
We can now make Exchange in the cloud and Office365 [OfficeProfessional, SharePoint] look like just another service [or application] running on a local server, for example, but users will see only their own bit as part of the service they pay for. We did not have that in 2007.
How will you address data security concerns associated with cloud services?
We have to understand more about the assurance process, and make sure that organisations treat citizen or patient data in an appropriate way.
We can offer seamless, compatible services from outsourced providers which span both private and public clouds, hosting data in a certain way if it is confidential but providing the means for government departments to exploit the cost saving advantages of public cloud provision.
This means letting users log in and interact with both in completely the same way, using the same credentials and have their identities federated across cloud services.
What other applications and services are likely to make it into public sector cloud services?
Everybody expects the cloud to happen immediately but you cannot expect everything all at once. It is early days for virtual desktop infrastructure (VDI) offerings for example: there are a number of discussions ongoing and we expect the Microsoft partner community to deliver VDI at some point, but customers will not write off their existing investment in physical desktop PCs immediately – things happen on a natural refresh cycle.
Which sort of partners are we talking about and are smaller suppliers likely to get a look-in?
The government is driving towards SMEs delivering public services. Smaller suppliers are often brought in as thought leaders or disruptors to do something in a quick way, but one thing that limits them is that they may not be in a position to deliver the data communications or big iron. Partnering Microsoft enables them to really scale up their hosted services.
Any successful shared public sector cloud service will rely on open standards – what will these look like?
The government is in a consultation process around standards at the moment, which Microsoft is contributing to, along with most of the IT industry [suggestions are open until May before responses will be consolidated and a decision made].
We do recognise that a hybrid cloud environment is the way forwards, and the public sector will have the choice of many different partner networks. Individual departments will choose where to host their services to match their information assurance requirements, so applications will have to run both on-premise and off-premise and be compliant with various standards while allowing government departments to move data in and out of those easily.
What was the App Store idea and what has happened to it?
The concept was to make it easier and faster for different parts of the public sector to reuse assets they have already paid for – everything from making surplus copies of Office they have paid for under the PSA09 [licensing] agreement available more easily to the government, and paying for software development assets that can be reused several times across different departments.
It was quite forward-thinking, and when it was first conceived in 2009 it was maybe 24 or 36 months ahead of its time, though things are moving in that direction. As the government finishes its consultation process around standards we will see if some of these things around procurement, automatic cloud deployment and multiple user access to these assets take place.
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy