The UK’s Department for Work and Pensions (DWP) is seeking a provider of emergency payment infrastructure to help make sure it can continue making 2.5 million payments daily worth some £3.7 billion per week.
The new infrastructure should ensure it can continue making the payments to a third of the British population in the event of a catastrophic cyber attack or other major IT incident affecting its existing infrastructure.
The DWP highlighted the pending tender on June 1 but has now gone to market formally with an open market tender worth an estimated £2.5 million. Potentially suppliers need to submit by September 5, 2022.
It expects a contract to be signed by October 10 and the infrastructure to go-live on December 1, in a sign of how much faster cloud infrastructure is allowing organisations to innovate around resilience.
DWP emergency payments infrastructure
“The potential solution must be able to support DWP with a payment infrastructure to address a catastrophic event which prevents DWP from preparing and issuing payments files. The Department could be vulnerable to external risk such as cyber security threats which could result in the estate environment not being able to access the data and potentially unable to process and create the payment files. The potential solution which will be operating outside of DWP estate is crucial for the Department's risk mitigation strategy” it said.
The project is the latest addition in what has been a complex overhaul of the department’s legacy IT estate – hosting of which has bounced between in-house in the ‘90s, through to outsourced hosting with EDS and later Hewlett Packard, back in-house some six years ago and now to primarily AWS public cloud IaaS .
(Beyond the hosting element, DWP has launched a major push to refactor payments and other applications to be event-based rather than batch-based; underpinned by a microservices architecture, with more use of noSQL databases — it has doubled down on MongoDB — and with legacy COBOL mainframe applications refactored to run on Linux servers. Its Digital Payments Service primarily works in Java, and Node JS; using the Drop Wizard framework for building APIs and web applications and open source monitoring tools like Prometheus and Grafana “so we’re not dependent on some commercially procured software” as we earlier reported.)
DWP recently also went to market for data visualisation support, noting that its numerous transformation programmes had "exposed some limitations and identified several key themes [including] lack of department-wide coordination and inexperience within visualisation delivery teams, propagating delivery reports, and multiple versions of the truth; inconsistent design & delivery standards and KPI definitions between Lines of Business, resulting in non-alignment and multiple versions of the truth; poor data governance and unreliable data sources [that] promotes [sic] doubt in data and insight; poor user experience for various KPI reports; extremely hard to maintain single source of truth (MI data) [and] huge potential for automating human tasks..."
In that DWP "One Service" tender, which closed June 2022, it noted that it currently had "multiple MI/BI data visualisation products and require[d] the consolidation of these products into single source ERS", with products predominately AWS based and "at various stages of development (Alpha to Live)."