A recent report from Bath & North East Somerset (BANES) council gives some great insight into the world of local authorities, infrastructure, technical debt, and Microsoft licensing.
Relating to a decision taken on March 26th, 2019, the council report “IT Asset & License Refresh Programme 2019/2020” points out that January 2020 sees the end of support for many Microsoft products including:
And that “all upgrades and Security patches for new vulnerabilities will no longer be issued to protect these key council systems”.
They identify that something must be done as running this smorgasbord of unsupported software and systems would cause them to lose their central government PSN (Public Services Network) accreditation.
It does state within the council documents that they’ve been working on this situation since 2017, but it’s still somewhat worrying that – with 8 months to go – things are yet to start moving.
The PSN is used to enhance the security of shared data and services throughout government systems because, as it states, “the security of any one user connected to the PSN affects both the security of all other users and the network itself”. Without this accreditation, the local council will be unable to process “anything from central Government agencies”, including:
Clearly retaining PSN certification is critically important, as losing it would significantly affect the lives of countless residents.
The report makes it clear that their “current portfolio is 5-7 years old” and so their desktop and server hardware will need to be replaced before they can upgrade to Windows 10.
They also state that their Enterprise Agreement renewal is June 2019 and the new agreement on offer will land them with an annual charge of £450,000, compared to £214,000 under the current contract. Due to this increased cost, they plan to “buy-out” the current licenses – giving them perpetual licenses for Office 2016 and Windows 10.
There’s no information as to the cause of this price increase. It seems likely it is due to Microsoft steering them towards Microsoft 365, but I’d be interested to see exactly what the current contract looks like – what does it contain, when was it signed, any special terms etc. – and compare that to what’s included in the next version of the contract.
I’d also like to see exactly how an annual fee of £214,000 equals a buyout cost of £721,000 (as per the “Microsoft License Fees” in the accompanying documents)…especially as it also states a separate agreement is being set up for “Homeworking and Database client licenses” which will cost £200,000 a year. What products, and quantities, are included on that agreement?
Microsoft has recently been touting how Office 365 meets the “14 Cloud Security Principles” laid out by the National Cyber Security Centre (NCSC), with the government body saying “The advice aims to help…public sector colleagues check and improve the security stance of their Office 365 deployments”
However, having read through the documents associated with this situation in BANES, one gets the impression that, as an organisation, they’re not ready for the new way of working presented by cloud services.
The project milestones listed are:
It should be noted that Windows Server 2012 falls out of extended support 10/10/2023 – so they’re simply moving the problem 4 years further down the line. Upgrading to Windows Server 2019, the current edition, would give them an extra 5 (and a bit) years – with extended support ending January 9th, 2029.
Both Office 2016 and 2019 leave extended support on October 14, 2025, as do Exchange Server 2016 and 2019.
Approval has been given for £1,471,000 of funding for 2019/2010, which will be allocated like so:
The documents show that a further £955,000 has been allocated for 2020 – 2024:
Making a total of £2,426,000 allocated over 5 years to this “IT Asset & License Refresh”. As noted above, in just over 4 years’ time, they will need to upgrade their Windows Servers again and, as they say themselves in the documentation, when Office 2016 falls out of support they will “again…face a choice of either a large capital purchase or sign up to another Microsoft subscription service”
It seems apparent that the bulk of the hardware cost isn’t on new client devices, but rather on back-end hardware for the “Storage Area Network”, and that only approx. 50% of the money is being paid to Microsoft. Whilst some might argue that the huge expense on upgrading the back-end systems is “due to Microsoft”, I don’t subscribe to that argument. Technology moves on and I don’t think any software vendor can be on the hook for the fact that their software has hardware requirements that can’t be met by systems that are approaching a decade in age.
The council list other options that have been considered, and reasons for their rejection:
Rejected as pricing was “substantially higher than our current annual revenue and projected capital costs and did not cover all systems and requirements”. Documents state this was over £500,000 per year for part of their infrastructure.
Rejected as the annual increase of £236,000 was considered too high.
Rejected as desktops and laptops are already 5-7 years old, and servers supporting VDI are “over 7 years old cannot be upgraded for the additional processor and memory requirements” needed.
There are a few things at play here.
This is an example of how sweating assets perhaps just delays the inevitable and can leave you with a large one-time bill. Had the council upgraded the hardware on a rolling basis, they wouldn’t now need over £500,000 from this annual budget.
Why are they upgrading their Windows servers to a product that is 7 years old and already into extended support? Is this due to application incompatibility with internal and/or 3rd party applications?
What is Microsoft offering in the new EA? The annual price increase is certainly significant – could more have been done to reach an agreement with BANES council so they could renew? Is there a full understanding of what is included in the new offering – could spend be reduced in other areas as a result of what’s included?
I don’t have all the information here at all, but it certainly appears to be an interesting look at how technical debt and the rise of the cloud can make things difficult, end expensive, for some organisations.
I wonder how involved ITAM have been throughout these discussions and decisions – who decided to move to Windows Server 2012, rather than 2019 – or even 2016? Are they using existing Windows Server 2012 licenses to avoid licensing by core rather than by processor perhaps?
This all helps shows how, with the rise of cloud, technical debt is becoming an ever-bigger problem. Whether due to the user experience degrading, or incompatibilities with newer technologies, helping your organisation modernise is key – and ITAM can, and should be, an integral part of that change.
*If anyone from BANES Council and/or their Microsoft partner would like to get in touch to discuss further, please do – email@example.com*
Public Services Network – https://www.gov.uk/government/groups/public-services-network
BANES Report – https://democracy.bathnes.gov.uk/ieDecisionDetails.aspx?ID=1237
Spend breakdown – https://democracy.bathnes.gov.uk/documents/s55314/2018-05%20-%20CAPITAL%20APPROVAL%20OFFICER%20DELEGATED%20DECISION%20-%20IT%20Asset%20Refresh.._.docx.pdf
Microsoft Product Lifecycle – https://support.microsoft.com/en-us/lifecycle/search?alpha=Windows%20Server%202012%20Standard
UK Government and Office 365 – https://news.microsoft.com/en-gb/2019/01/07/government-backs-office-365-cloud-move-after-microsoft-guidance/
NCSC Cloud Security Principles – https://www.ncsc.gov.uk/collection/cloud-security?curPage=/collection/cloud-security/implementing-the-cloud-security-principles