The “one size fits all” IT model of Shared Services Canada is negatively impacting the Mounties’ operations and putting officer as well as public safety at risk, according to the memo sent by Royal Canadian Mounted Police Commissioner Bob Paulson to Public Safety Minister Ralph Goodale.
CBC News, which obtained a copy of the Jan. 20 memo, reported that the RCMP estimates critical IT failures have grown by 129 per cent since SSC took over tech support for the federal government.
According to the CBC report, Goodale has asked to meet with Procurement Minister Judy Foote who has jurisdiction over SSC, to discuss the issues raised by Paulson.
“Shared Services Canada and the Royal Canadian Mounted Police are working closely to provide 24/7 support and services to ensure secure and efficient RCMP operations,” according to Scott Bardsley, press secretary at the Office of the Minister of Public Safety and Emergency Preparedness. “Over the past year, SSC has strengthened working relationships with the RCMP at the operational, managerial and senior management levels.”
He said meetings are taking place on a weekly basis to address IT issues.
“Minister Foote and Minister Goodale have a constructive ongoing dialogue regarding the relationship between SSC and the RCMP,” said Bardsley.
Paulson’s memo included a list of recent IT-related incidents and how these affected the RCMP.
Related content
DND, RCMP operations impacted by faulty IT service
Canada’s cyber security deficit
Among them was an 11-hour computer network outage on Jan. 18. This resulted in knocking out every RCMP’s BlackBerry smartphone. The dispatch of officers was impacted and the RCMP and 240 other police forces were prevented from accessing the Canadian Police Information Centre (CPIC) database.
“A lack of CPIC access severely limits awareness of what threats officers may face when they respond to a call,” according to Paulson. “If a major crime or incident were to occur during an outage of these systems, then the results could be catastrophic.”
In another example, Paulson said the RCMP received “unacceptable delays in deploying IT equipment” during the May 2016 forest fires in Fort McMurray, Alta. The Mounties, which were involved in evacuation of residents and relief efforts, had to wait for three days before getting the mobile devices they requested. When they did, there were fewer devices than expected, the devices could not be used because they were not activated and SSC on-call staff could not be reached.
SSC was created to maintain and improve government IT services, generate savings, and improve IT security. SSC began its tasks in 2013 and was expected to completely transform government IT shared services by 2020.
However, the SSC appears to have struggled with availability and reliability from day one. Last year, Auditor General Michael Ferguson revealed a massive backlog is delaying the processing of Canada Pension Plan disability claims and SSC has failed to meet its goal of cutting cost and streamlining the government’s IT infrastructure. A look into the operation of the Social Security Tribunal of Canada created by the former Conservative government in 2012 showed that 38 per cent of CPP disability claimants have been waiting for over a year for their appeals to be heard.
Availability and reliability of IT systems and networks are critical to any organization of business but more so for health institutions and agencies that deal with security and law and order, according to Claudiu Popa, a security and privacy expert who is the principal of Toronto-based risk assessment and security testing firm Informatica.
Hospital, police and first responders need a greater level of reliability, security, and availability that other organizations, Popa said.
“For these agencies, failure to obtain availability and reliability from the service provider is going to be a serious safety risk that could lead to a major failure,” he said.
Popa also warned that repeated outages and systems failures could have serious “behavioral circumstances” among users.
“When IT equipment repeatedly fails, the users’ trust in it is eroded. In many businesses, users tend to resort to their own solutions,” he said. “This is when you see staff bringing connected their own devices to the network and saving corporate data on their own USB sticks and security risks are introduced into the system.”
Popa said this could be bad news especially for government agencies that handle confidential private data or even highly-classified material.
This is also not the first time that the RCMP has complained about the SSC.
In 2016, Lois Karr, manager of the RCMP’s operational communications centre wrote a report which detailed the failures of the system and warned about how they jeopardized police work and the safety of officers and the public.
In her email to the SSC, Karr complained about the high failure rate of replacement telephone sets for 911 dispatchers. The RCMP had requested for the telephone sets in 2014, but when they arrived the units were faulty and appeared to be refurbished equipment.
The RCMP also said they had repeated email outages including one during the official visit to Ottawa of then- United States Vice-President Joe Biden, when 800 Mounties did not have access to email.