2016 will be remembered as the year technology giant IBM hit the headlines for all the wrong reasons. They’ve been blamed, almost completely, by the ABS for what’s now known as #censusfail. IBM has recently sacked a couple of staff over the incident but I think there’s more to it.
So, to recap, on Census night the ABS suffered a pretty low-grade DDoS attack. There’s lots of technical chatter about the exact nature of the attack but it was a very small attack and the ABS panicked, pulling the census offline.
Unfortunately, it took them three hours or so to tell the world they’d taken this step. During that time thousands of Australians tried in vain to fulfill their obligations.
What made things frustrating was that the census wasn’t taken completely offline. The actual census system was made up of two main components – a dynamic application hosted on the ABS’s own hardware and static content hosted by IBM. On census night, the application was taken down but the static content remained active. Hence, people were frustrated as it looked like the census was up but broken.
Here’s where that’s explained in IBM’s original tender document.
The problem was that IBM was not allowed to host the census application as they lacked IRAM certification – something anyone wanting to provide cloud services to the government needs.
If you’ve got some time on your hands, you can read the entire ABS submission (a href=”https://drive.google.com/file/d/0B6fRXFvYdlVKLVRPNF94WUIyNXc/view”>ABS Submission on 2016 Census). There’s a nice nugget on Page 61 where the ABS leaks the entirety of IBM’s confidential information from the original tender. Helpfully, they put that information in bold text so we wouldn’t miss it.
It’s certain we haven’t heard the last of this. For mine, the blame has to be borne by the ABS. It was their party, they set the rules for what services were meant to be hosted on which systems and the responsibility for testing was theirs.
It’s easy to point the finger at IBM – who doesn’t enjoy smacking a big multinational around from time to time? And I suspect IBM will cop it on the chin as they won’t want to compromise their chances of hosting other government work in future – particularly as that ISAM certification they need is close to being granted according to a source I have who worked on the census project.
Comments
13 responses to “ABS Tries To Drop IBM In A Bucket Of Crap After Census Fiasco”
and
Trying to find out… ISAM or IRAM and as the IBM solution was dedicated computers in the Baulham Hills Data Centre, it’s not the cloud, so does this even apply?
As I put below, it’s IRAP and anyway everyone uses the marketing jargon “Cloud” when all they mean is virtualized.
IRAP maybe? http://www.asd.gov.au/infosec/irap/certified_clouds.htm
doesn’t apply to hosted computers.
IRAM and ISAM? I think you mean IRAP (Infosec Registered Assessors Program) http://asd.gov.au/infosec/irap.htm
They need to be listed on the Certified Cloud Service List http://www.asd.gov.au/infosec/irap/certified_clouds.htm.
Other than that. Thanks for clearing some stuff up
You can outsource a lot of things. Responsibility isn’t one of them.
Really felt like a everyone pointing fingers at everyone else sort of thing. Though honestly I feel that if the census didn’t have such a high fine, and forced use of name and address, people wouldn’t have been so critical over it.
While everything above was a great read on the technical side of things, I feel that the people side was almost half as bad.
and 2015…
and 2014…
and 2013…
and 2012…
Yet these behemoths continue to get all the work… I’d put money on them hosting the next census too. Logic says they will learn from this specific mistake but why continue to give work to companies like this when they have a track record of being a key player in major failures again and again?
At least MBA students will be able to move on from Queensland Health Case Studies… they will now be replaced by ABS Case Studies…
This.
I still think the QLD Health incident was entirely avoidable – anybody who’s done the smallest technical migration before knows the value of a parallel run. Nobody in their right mind would do a ‘no-rollback cut-over’ implementation of a payroll or billing system of that size. IBM should’ve known that, QLD Health should’ve known that. Not nearly enough heads rolled for that incident.
As per the QLD Health incident – one thing IBM does get right is it’s contracts. You can bet they can’t be sued for this. It would be nice to see them banned from all government tenders for five years though.
coz they undercut everyone else’s bid.
I recall a holiday to NZ that started out with a headache because the Airline computers shat themselves, turns out that was IBM too. I’m wondering just how much computer infrastructure in Australia relies on IBM and just how often they shit themselves.
Most backend banking systems, defence, airlines run on IBM mainframes and power systems due their incredibly high availability. You don’t get that with Windows 🙂
Still trust IBM more than the Australian Government
Didn’t Qld Health push ahead with the payroll migration when IBM advised (managing SAP integration) advised otherwise