- Three breakdowns in less than a year
- Some software and hardware not updated since 2009
The Government is planning to spend close to a billion rupees to upgrade the Information Technology (IT) infrastructure at the Department of Immigration and Emigration, aimed at addressing the numerous system breakdowns that have inconvenienced thousands who are seeking new passports, The Sunday Morning learns.
On Monday (13), the passport issuing services at the Department of Immigration and Emigration came to a standstill due to another system breakdown. This was the third such breakdown in the span of less than 12 months as the system had already failed in November and May last year.
According to Department of Immigration and Emigration Controller General Harsha Ilukpitiya, the system failures stem from issues related to its network servers.
“The system breakdown is due to an issue with the servers. The servers were last upgraded in 2009. We have multiple systems and they run on the server system of our department,” Ilukpitiya explained. Each time the system at the department fails, it causes delays which affect the travel plans of many who are seeking to travel overseas for education, employment, or business.
He said that new servers were being procured and would cost an estimated Rs. 750 million.
“We have already purchased database servers and are now looking to buy application servers. It will cost about Rs. 750 million to purchase the new servers. We have called for tenders from companies in several different countries. One of the companies is Dell and there are several other reputed companies that have applied for the tenders.”
He went on to say that the department regretted the trouble that customers had to go through due to the breakdowns.
“We regret the inconvenience caused to the public, but the passports that were not issued due to the breakdown were issued the very next day. Once we install these new servers, I believe the breakdown problems will be addressed,” Ilukpitiya opined.
Estimated cost a bargain
Meanwhile, Asela Waidyalankara, a cyber security expert with more than a decade of experience in progressive technology, digital strategy, and policy, said that considering some of the amounts paid by banks for their servers, Rs. 750 million was a comprehensible price as there were many additional expenses with such an upgrade.
“It’s not only just buying the server boxes. There are maintenance agreements that come with it, then there are services that you have to take with the servers. Also bear in mind that if you are working with the big companies such as IBM, Microsoft, etc. then the payments have to be made in dollars. If there is shipping or air freight, whatever is involved will also get added as part of the cost.
“While I’m not aware of how much the system for the passport office will cost, the factors I mentioned are some of the things that have to be considered when you look at the total cost,” Waidyalankara opined, adding that timely and professional maintenance of a department’s IT systems was essential for uninterrupted operations and resilience against cybercrime,” he said.
Regular upgrades needed
Waidyalankara further noted: “Usually in the lifecycle of a system, about every five to seven years we have to do regular incremental upgrades in terms of hardware, software, and the tools you use. What happens most of the time, mainly in the Government sector, is that they use the same hardware for about 10 years. Then there are unforeseen problems, the lifecycle of those machines will pass, and the warranties will no longer be valid. There are so many complications that arise when you look at managing these systems.”
He noted that sometimes, such problems arose due to the lack of knowledge at the management level regarding the IT systems and the need for upgrades and maintenance.
“This is why you need to have a proper methodology to govern these systems. We are under the impression that once we buy a machine and install the systems, that is all that is needed and we can carry on with life. There is something called IT governance as well something called IT system management. I doubt whether some of these State organisations have the right kind of competency on this topic or whether they consider gaining competency in such. This is the root cause of the problem.
“We are now looking at the final bill and thinking ‘my god, this is hundreds of millions,’ but that is not the point. The point is that it’s like debt. We call it technical debt. It is debt that has been accumulating for the past many years with every incremental upgrade that has been ignored, perhaps because the management does not understand. The decision to keep postponing the upgrade comes back with a vengeance and the customer experience suffers because the browser system doesn’t work and shuts down every month,” Waidyalankara said.
World-class products a better option
He added that it was best to opt for globally-recognised companies to purchase new equipment and that cyber security threats must always be considered.
“It’s always better to get a world-class product rather than trying to do it in-house. If you look at the banks or the telecommunication industry, most of their equipment is overseas equipment, so there is no threat there. The investment has to be proper. When it comes to cyber security and IT systems, you have to understand the risks involved in this particular system and what you can invest to make sure you mitigate those risks. For that, there is no point reinventing the wheel – there are world-class products. There is no threat to national security because even the militaries of some countries use these same vendors. It’s about how you invest and how you mitigate these risks.”
He stressed that the Government should look at appointing individuals who were competent enough to assess the necessities for IT infrastructure for its various departments and institutions and be able to take steps in the long term to ensure no breakdowns occur.