@lightweight I get your point but don't entirely agree. There is a duty of care and trust put into the hands of the contractor and the expectation - particularly of large corporates - that their product is safe. Yes the agency in charge should have done a security audit. But I respect SAP for owning up on this. Can you imagine the uproar if this had happened under a small local firm? It would have sunk them
@ByronCinNZ Yup - but my point is that "outsourcing" shouldn't be seen as a way to dodgy culpability (that seems the main rationale for outsourcing of tech services in general). We need an incentive for Ministers to be smarter about providing tech services. I suggest that the *right* way is for gov't to fund #FOSS development of these solutions, allowing for competition between service providers for any given service. The current "gift a monopoly" to a supplier approach is broken.
@lightweight Yes. The outsourcing comes too often with abandonment of expertise in subject matter the agency is charged with overseeing. That combined with the managerialism attitude that views anything technical as bellow the dignity of important people and you really set the stage for corporate rip-offs and failures. Gov't needs to retain (and respect) enough expertise to know that they are getting what they need and what they pay for from suppliers.
@ByronCinNZ Yup. Imagine if the NZ gov't funded the development of a #FOSS gun licensing tracing system... and then told the US - "here, this worked for us. You can just use it. It's Free". And it would also give NZ some nice tick marks for its Digital 9 Charter membership... https://www.digital.govt.nz/digital-government/international-partnerships/the-digital-9/
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!