Your browser is no longer supported

For the best possible experience using our website we recommend you upgrade to a newer version or another browser.

Your browser appears to have cookies disabled. For the best experience of this website, please enable cookies in your browser

We'll assume we have your consent to use cookies, for example so you won't need to log in each time you visit our site.
Learn more

"Good design enables, bad design disables"

Emma Maier
  • Comment

The Cabinet Office has decided to reappraise its interpretation of its guidance on the level of data security required to access the public service network. This means that, although the guidance has not changed, a significant number of councils that were previously deemed to meet the requirements, with the stroke of the pen now may not.

The Cabinet Office has decided to reappraise its interpretation of its guidance on the level of data security required to access the public service network. This means that, although the guidance has not changed, a significant number of councils that were previously deemed to meet the requirements, with the stroke of the pen now may not.

Some are on notice to be cut off, leaving them potentially unable to access data such as benefits details and to share critical child protection information.

Balancing security with other priorities is inherently challenging. The stakes are high - get it wrong and you may open the door to crime, fraud and even terrorism.

In this case the other priority is the need to share information effectively and swiftly. And the stakes are also high: the implication of failing to share child protection information doesn’t bear thinking about. The outcomes for benefits or troubled families work are also serious.

The Cabinet Office’s clumsy approach seems to lose sight of the end goal.

A handful of councils do need to up their game on security. But many of the councils affected are forward-thinking organisations with comprehensive flexible working, ‘bring your own device’ policies and partnerships with charities, public agencies or businesses. What is worse, some leading-edge solutions, such as ‘containerisation’, which would allow the requisite security on staff’s own devices, have not been approved by the Cabinet Office, despite being used by the security conscious US military.

Some councils have been left in doubt over whether joint working with charities and other agencies can continue. Others may need to row back flexible working arrangements. And all affected will face additional costs to make changes, with estimates ranging from £20,000 to £190,000 per organisation.

While the costs are not enormous, funding this at short notice will be challenging for some at a time of severe budget constraint. But the real issue is that, once again, Whitehall is showing an inability to create joined-up policy or see the bigger picture.

The security issue is at risk of forcing councils to unpick work that saves money and improves outcomes elsewhere, and to block modernisation work - all work promoted by other government departments. No wonder civil service reform is proving so elusive.

Councils are generally in a better position than some government departments and even some suppliers, but the danger is that the situation could result in poorly designed solutions that hinder other than enable staff. And when that happens people tend to look for workarounds and short cuts - which could undermine security in the long run.

Ten years ago the European Institute for Design and Disability adopted its Stockholm declaration, summarised simply as “good design enables, bad design disables”. The statement applies equally to technology and to policy.

  • Comment

Have your say

You must sign in to make a comment

Please remember that the submission of any material is governed by our Terms and Conditions and by submitting material you confirm your agreement to these Terms and Conditions.

Links may be included in your comments but HTML is not permitted.