Government has nearly 100 websites
Moving to an e-government system for public services within the next 18 months, as currently planned, will present numerous security and service challenges as the government tries to consolidate nearly 100 websites into a single portal.
Premier Alden McLaughlin announced Monday that, following recommendations made by government consultants Ernst & Young, Cayman would seek to fully implement e-government – the ability to access various services online without the bother of having to attend a government facility to obtain them – prior to the end of his administration’s term in office.
This announcement came amidst recent concern from the auditor general’s office about security and privacy protection for government data as it currently exists, as well as a more general difficulty with the state of the public sector’s record-keeping.
Director of E-Government Ian Tibbetts said Tuesday that security and data protection would be paramount to any services government tried to provide via the Internet. However, Mr. Tibbetts pointed to another concern that must be solved with the administration of the e-government system: customer service.
“We have to cut down on the number of websites, but not just from a logistical perspective,” Mr. Tibbetts said. “If you don’t understand the way government is currently organized … it would be a challenge for you to know where to get services.
“We intend to go with a single service portal, one point of access to all the government services.”
Mr. Tibbetts indicated that government departments, in one form or another, now have almost 100 websites, which presents a security issue as well.
“You now have to worry about securing every one of those individually,” he said.
Former Auditor General Alastair Swarbrick reported last month that the government’s information technology infrastructure is not sufficient to protect against either external hacking or internal sabotage.
An IT security review in 2012 and found 19 areas in government’s software systems that were judged to be either high- or medium-risk in their vulnerability to attacks on the “confidentiality, integrity and availability” of the government’s systems. High-risk areas were defined as those that posed an immediate risk and threatened the operations, finances or reputation of the government.
A follow-up review this year found that the problems with government’s IT security had gotten worse. Nine areas in the government IT systems were identified as high risk and 11 others were considered medium risk. Additional problems included the use of outdated and unsupported software programs and significant vulnerability of sensitive government information to potential cyberattacks.
“Information technology governance and security has not been a priority for government managers,” Mr. Swarbrick noted in his report. “Management had not mitigated the significant risks and vulnerabilities around the confidentiality, integrity and availability of the IT systems and data.”
The problem with public sector information management is one that has to be addressed in a universal fashion before any significant move to e-government services can be achieved, in Acting Information Commissioner Jan Liebaers’s view.
“Information management has been neglected,” he said.
For instance, the management and updating of government websites has led to the current situation where the sites “grow organically and they get out of control.”
“You’ll find a website that announces there has been this appointment or that appointment, there’s no date attached and eventually it turns out the appointment was five years ago,” the information commissioner said. “You can’t have a single portal and behind that is still a mess.”
Mr. Tibbetts is confident, although the government has an “aggressive time line” for implementation, that e-government services can begin in a meaningful way within the next 18 months.
“It is a huge challenge,” he said. “We have quite a lot of process to go through [referring to procurement and the like]. Those things do add some time, but the governance is necessary and worth doing.”
Cayman has made several past attempts to enable on-line access to government services. There some examples that exist today, including within the Lands and Survey Department and the General Registry, which Mr. Tibbetts has referred to as “well-kept secrets.”
“We’ve never really promoted them to the public,” he said, during an e-government conference in September. “We build them, we put them in place, and there’s limited exposure.”