3.8 While the Exemplar Programme tested the opportunities offered by designing services around users' needs or using new approaches, GDS is now supporting improvements in technology beyond online user services. In principle, this approach could help to address concerns about the lack of end-to-end transformation of the exemplars and the management of legacy systems.
3.9 GDS's Common Technology Services unit was set up in August 2015 and grew out of work undertaken on technology infrastructure. The unit is involved in four areas: designing and developing cross-governmental standards and blueprints; sourcing pre-packaged products and services; helping to implement new technical services based on departments' needs and capability; and operating some central services through third parties. GDS has helped to manage common infrastructure such as the Public Services Network (PSN), and has promoted the use of new technologies and products such as cloud services.
3.10 With such a broad remit, GDS faces a significant challenge in meeting possible needs for technical support in areas demanding a deeper technical knowledge and understanding of the existing government landscape. There is limited guidance on replacing or reconfiguring legacy systems to support transformation programmes. GDS has only recently published guidance on using application programming interfaces (APIs) to link administrative systems, despite an emphasis on APIs when GDS was first set up.
3.11 The challenge of meeting so many competing demands has led to gaps in GDS's ability to provide support. For example, it has only a single individual to support and share guidance with departments on security in digital services. Current government policy is to phase out the use of PSN and for departments to assess their own network requirements. There has been limited guidance for departments on managing the transition or monitoring potential risks.
3.12 GDS has recognised the need to respond to cross-government demands. For example, it is looking to increase guidance on moving off PSN and has started initiatives on email security, including, from April 2017, central monitoring of email vulnerability levels for departments.