Government
With 96,000 staff across 35 agencies, responsibility for 87,000 prisoners, and no shortage of "legacy" IT, it was always going to be a mammoth task to get the Ministry of Justice’s digital systems in order.
Nava Ramanan admits that when he first joined the Justice Digital team, a small change to its systems would take weeks and “cost so much money” once it had passed through various reviews and external partners.
Now, three years after launching its Digital Strategy and despite some headwinds, changes are completed faster, cheaper and at a higher quality, the Deputy Director of Digital Infrastructure and Security Operations tells The Stack.
As the department moves through the final year of the strategy, Ramanan and Head of Network Architecture Thomas Churnside sat down with The Stack to discuss challenges faced and overcome in delivering the promised “simpler, faster, better” service.
A 'smashed together' IT system
One of the biggest challenges the MoJ has faced since its creation in 2007 is creating a unified platform from the legacy IT systems that managed operations across prisons, probations and courts in the UK.
“When the MoJ was created and everything put under one roof, you were kind of smashing together three very different estates with very different users and very different requirements,” says Churnside, meaning “effectively every problem you have is then multiplied by three.”
As a result, a “key part of our strategy is unifying our infrastructure”, he explains, with the end goal of providing one set of end user compute services.
See also: Understanding HMG's CIO exodus
Already a difficult task, but as the MoJ is a government department, and one responsible for sensitive legal issues, it is “instantly a target” and needs to have security ready to shut out everyone from “nation state actors to kids in their bedroom trying to get into the system,” says Ramanan.
Churnside adds the need to protect data from other agencies means the Justice Digital team also has to segment infrastructure “to make sure a particular use case is tied down and protected.”
For example, the MoJ’s work to supply WiFi and mobile devices across the UK’s 123 prisons comes with not only the challenge of trying to get a signal through Victorian-era buildings, but also the “internal threat” of some prisoners seeking to get past limits on their internet access.
Ramanan also highlights the challenge of maintaining visibility across the MoJ’s operations, something the digital team was not able to easily do a few years ago but has “significantly changed in the last three years as the network services team has been built up and as we in-house more services.”
An improved network
Despite all these challenges, and headlines on ballooning costs and angry MPs, the MoJ is “in a much better place” on many of its IT challenges Ramanan gladly tells The Stack.
On the network side of things, Justice Digital is moving its legacy MPLS networks across to Direct Internet Access (DIA) circuits to provide more bandwidth and faster connections.
Since November 2023, the department has also been rolling out a Secure Access Service Edge (SASE) solution to provide better visibility and security of its networks and a “more efficient way of routing traffic.”
This “network transformation” has provided a better vantage point of view says Ramanan, allowing Justice Digital to run a “single policy for any type of device, any type of network. Which is really key as it provides a seamless user experience regardless of where you log in from.”
By providing “more visibility then ever before” and scope to run more automated operations, the new network has also improved security, he says.
A platform provided by Palo Alto Networks gives the digital team a “centralised view” of the MoJ’s operations, to “make use of AI and machine learning to get through a vast amount of data and get rid of the noise," allowing cybersecurity teams a better overview, explains Churnside.
Revisiting the prison Wi-Fi example, Ramanan also says better control of the MoJ’s network allows it to “have multiple layers of security controls in place”, including device-based mechanisms and a “security operation centre who proactively monitor these services.”
A more agile, in-house approach
On top of these technical changes, a move towards more in-housing of “architecture, security, engineering, product development” services has also been a key driver of innovation for the MoJ, the two digital leads tell The Stack.
Churnside says: “Four years ago we had a completely externally managed network solution that we didn't really have any internal resources to understand.
“We've gone from there to a place where we've understood the environment, identified a strategy, found a product that fits that strategy … and now we are internally managing the logic for a third of our estate, and in doing that, we have so much more visibility and agility.”
Despite these benefits, there is still a place for third-party suppliers, with the MoJ remaining one of the civil service's largest customers for cyber vendors, Ramanan says his team now looks at “service boundaries” and value for money when evaluating its approach to technology.
“We want to make sure the user is not impacted based on multiple handovers between external and internal parties” he says, with the key being to break an issue into smaller components and think about where a third-party could deliver a better service.
For example, the MoJ outsources “field services” as it isn’t worth trying to accommodate the need to have engineers within one or two hours of all prisons in the event of a network outage, “we wouldn’t really save that much money or see the benefit doing it internally” says Churnside.
The in-housing process has also improved external relationships he says, making the MoJ “a much more intelligent customer” as instead of asking a vendor what the solution is for an issue, “we look and decide what we need to do, what the business requirement is, and the best way to do that, then we already know what we want.”
We're not old school
Focussing on these more fruitful relationships is one of the best lessons the MoJ can provide the private sector, Ramanan says, telling others to “build effective, strategic relationships… making sure that everyone understands the common goal.”
This also should inspire "courage" that “we shouldn’t be doing things because it has always been done in a certain way” he adds, with teams working together on “continuous improvement.”
Organisations should be able to ignore expectations as well he says, dispelling the belief, which he also held before joining, that “there’s so much red tape and the civil service is old school.”
“That is not what I’m seeing, we deal with cutting edge technology” Ramanan tells The Stack, taking the example of the Prime Minister’s recent push to encourage AI use in the civil service, something the MoJ has been doing “for years.”
“People understand the civil service as a laid back environment, but it’s not. We explore lots of [tools] with AI,” he says, emphasising the new approach to AI policy in the public sector has provided the framework for “safe, ethical and legal” use of the technology, something the MoJ has faced trouble with in the past.
“From a network point of view” Churnside adds, “to be able to have it all unified in one place, in a product that is fundamentally built around making use of that data [means]... whatever the future in terms of AI, we’ll be in as a good a position as we can be to take full advantage.”