Issues

On this page:

• Email Transformation Initiative
• Data Centre Consolidation
• Cyber and Information Technology Security
• Secure communications for Ministerial regional offices
• Audits
• Telephony
• Government of Canada Network Wide Area Network
• Mainframe Legacy Application Migration Project

Email Transformation Initiative

Issue

• The Email Transformation Initiative (ETI) is scheduled to be completed 18 months past its original target completion date, resulting in reduced savings for Shared Services Canada (SSC) due to the need to maintain legacy email systems during this extended period.
  
• Based on the revised migration schedule for partner organizations, migrations to the new email service are scheduled to conclude in September, 2016.

Context

• SSC provides email services to its 43 partner organizations, which have historically operated with 63 separate and distinct email systems, each using different security measures, business rules and technologies.
  
• Through the ETI, SSC is consolidating these separate email systems into one standardized email service. The new service will also be available on a cost-recovery basis to the remaining government organizations.
  
• On June 25, 2013, the contract to design and build the new email system was awarded to Team Bell (comprised of Bell Canada, CGI Information Systems and Management Consultants Inc., and Microsoft) for a seven-year period with one optional year. The total maximum value of the contract could be as much as $398 million over the eight-year period of the contract.
  
• The ETI system went live on February 3, 2015. Due to the significant challenges in meeting the government security requirements, the implementation schedule was delayed by 18 months.
  
• As of October 6, 2015 a total of 24,921 accounts have been migrated to the new service, as well as 6,132 BlackBerry devices, for the following Partner organizations:
  • Shared Services Canada
  • Atlantic Canada Opportunities Agency
  • Natural Resources Canada
  • Department of Finance Canada
  • Public Safety Canada
  • Statistics Canada
  • Infrastructure Canada
  • Canadian Nuclear Safety Commission
  • Western Economic Diversification Canada
  • Industry Canada / Federal Economic Development Agency for Southern Ontario
• By November 20, 2015, a total of 24 partners will be on the new email service, concluding the first wave of partner organizations migrating to the new service.
  
• All partner migrations to the new email service are scheduled to conclude in September 2016.
  
• SSC’s initial project budget for the Department’s contribution and efforts to migrate to a single, transformed email system is estimated at $82.8 million.
  
• Projected end-state, ongoing savings will increase from the originally anticipated amount of $50M per year, to $61.1M per year by 2020/2021, as a result of additional savings attributed to lower vendor costs.

Strategic considerations

• The new email service includes up-to-date security features incorporated in its design, construction and operation. The new platform will reduce costs, increase security and privacy protection, and enhance program delivery to Canadian citizens and businesses by improving access to government.
  
• SSC has been working closely with partner organizations to migrate to the new email service. It has proven a significant challenge to schedule migration periods for partners due to their business requirements, or to allow time for organizations to prepare their systems for the transition.
  
• Media reports have focused on two main areas of interest concerning ETI: the penalties incurred by Bell Canada as a result of failing to meet its initial deadline of March 31, 2015, and the disparities in pricing during the project’s bidding process (Ottawa Citizen, July 2015).

Next steps

• The SSC ETI team has worked closely with all stakeholders (partner organizations, SSC internal groups and Team Bell) on integrated detailed transition plans.
  
• The SSC ETI team communicates with partners on an ongoing basis to announce changes and enhancements to migration processes. SSC also coordinates pre- and post-migration meetings with partners to discuss communication to users, lessons learned and best practices.

Key messages

• The ETI is a complex project that involves replacing 63 independently managed email systems across 43 organizations with a common, more reliable, secure and cost-effective email system.
  
• The Government of Canada remains focused on delivering the new email system, as it will improve Canadians’ access to services and information.

Content Responsibility
Program Lead: Don Lalonde, Acting Director General, Email Services, Networks and End User Devices
Responsible SADM/ADM: Pankaj Sehgal, ADM, Networks and End User Devices

Data Centre Consolidation

Issue

The Data Centre Consolidation (DCC) program, a key part of Shared Services Canada’s (SSC) Transformation Plan, consists of many interdependent activities focused primarily on reducing the number of data centres located across Canada from more than 500^{Footnote 1} to no more than 5 by 2020, and on standardizing information technology (IT) infrastructure to maximize its use across the Government of Canada. This will, in turn, enable SSC to streamline support organizations responsible for operating the IT infrastructure.

The DCC program scope remains unchanged since SSC’s Transformation Plan was approved XXX. However, parts of the program are XXX behind schedule. Projected costs and savings are close to target but the time to realise full benefits will be longer than originally anticipated.

Context

The scope and major activities in the DCC program are:

• the establishment of foundational infrastructure, including modern enterprise data centres (EDC) and new IT infrastructure and networks;
  
• the implementation of enterprise IT services for departments and agencies;
  
• the migration of applications from legacy data centres to EDCs; and
  
• the closure of legacy data centres.

Savings and efficiencies are realised through the last two activities.^{Footnote 2},^{Footnote 3}

Three EDCs are now operational. SSC’s EDCs will be interconnected to backup one another, and one EDC will be dedicated to high-performance computing. This will allow for the continuity of important government applications and is in keeping with industry best practices. 

Status of EDCs:

• EDC Gatineau, Quebec, was opened for use in November 2013 and currently hosts data and applications from several departments. It is owned and managed by Bell Canada.
  
• EDC Borden was ready for use in April 2014 and is the second fully operational EDC to be established. It is government-owned and operated, and is located at Canadian Forces Base Borden, in Ontario. It, too, is hosting data and applications from several departments. The facility will be expanded to accommodate greater volumes of data and storage capacity. The procurement process for the expansion was launched in July 2015, and the contract award is expected in March 2016.
  
• EDC Barrie is SSC’s third fully operational EDC. IBM Canada was awarded a multi-year contract in October 2014 to deliver and manage this service from its existing facility, located in Barrie, Ontario.
  
• SSC’s fourth EDC, to be located in the Montréal area, will support Government of Canada scientific computing. XXX.
  
• A fifth EDC may be required. The requirement for this will be confirmed during fiscal year 2016/17.

Strategic considerations

• XXX
  
• SSC is dependent on its partner departments to support application migration activities. In some cases, these migrations require substantial effort from departments. Given their own operational requirements, regularly raising SSC’s transformation with departments at senior levels helps to maintain momentum.

Next steps

There are three strategic procurements currently underway:

• a P3 for the expansion of EDC Borden;
  
• the replacement of the supercomputer that underpins the Environment Canada weather forecasting system; and
  
• enterprise procurement vehicles for the provisioning of IT infrastructure and services.

Key messages

• SSC is streamlining IT services by moving from more than 500 data centres to no more than five by 2020. This will reduce overall data centre space from approximately 600,000 square feet to less than 180,000 square feet – a 70% reduction.
  
• Through this exercise, SSC will assist departments and agencies in migrating government applications from over 23,000 servers that are mostly under-utilized and past usable life to approximately 14,000 new and efficient servers.
  
• The consolidation of data centres will achieve savings of approximately $83 million per year beginning in 2019–2020 in addition to increasing storage capacity, network security and service quality.
  
• An additional $14.5 million in savings has already been achieved through the consolidation and renegotiation of existing data centre contracts.
  
• SSC closed 60 legacy data centres between June 2013 and August 2015.

Content Responsibility
Program Manager: Peter Littlefield, Director General, Project Management, Service Management and Data Centres
Responsible SADM/ADM: Patrice Rondeau, A/SADM, Service Management and Data Centres

Cyber and Information Technology Security

Issue

Intrusions and invasive attacks into government information systems threaten the security of personal information and the availability of government services for Canadians.

Context

• Cyber-attacks are on the rise and continuously attempt to infiltrate the Government of Canada’s information technology (IT) infrastructure. Email is the leading target for attacks from criminal, foreign military and terrorist networks.
  
• Media outlets report daily on cyber-attacks around the world, focusing on the failure to prevent intrusions as well as the impact of these attacks on organizations, business, governments and individuals.
  
• Shared Services Canada (SSC) regularly receives questions from journalists about attacks that may have occurred across the Government of Canada. SSC will not usually confirm or discuss such threats or incidents, but will describe the department’s role in working with other departments to address cyber threats.
  
• An example of an invasive attack occurred on April 7, 2014, when a security vulnerability in the Open SSL cryptographic software library known as the Heartbleed Bug was publicly disclosed. SSC worked with its 43 partner organizations to implement mitigation measures and continuously monitored and tracked the progress made. The Heartbleed Bug was caused by a flaw in the Open SSL software and affected nearly all IT systems around the world.

Strategic considerations

• The complexity of IT security (e.g. stringent security requirements, evolving cyber security threat environment) demands the establishment of Government of Canada enterprise-level priorities as well as setting service expectations of SSC partners and clients.  It should be noted that IT security is a joint responsibility between SSC and its partner departments. IT security maturity and spending across SSC partners and clients varies significantly.
  
• A standard plan for dealing with security incidents and breaches needs to be applied across the Government of Canada. SSC has been following the Government of Canada Incident Management Plan and is working with the Treasury Board Secretariat in the development of a new Government of Canada Security Event Management Plan, to be adopted soon. Once in place, the Plan will ensure robust recovery following incidents through standardized practices and procedures.

Next steps

• SSC is continuing to work with its partners to implement the necessary mitigation measures to protect government systems and the information that they contain.

Key messages

• The Government of Canada is continuously working to enhance cyber security in Canada by identifying cyber threats and vulnerabilities and by preparing for and responding to a range of cyber incidents to protect Canadians and Canada’s interests.
  
• SSC continues to work with the Communications Security Establishment, Public Safety and other departments to ensure that the Government of Canada’s IT systems remain secure at all times.
  
• With the increasing threat of cyber attacks, the Government of Canada has implemented systems and tools to monitor, detect, investigate and respond to cyber threats.

Content Responsibility
Program Lead: Dinesh Mohan, Director General, Security Management, Cyber and IT Security
Responsible SADM/ADM: Raj Thuppal, ADM, Cyber and IT Security

Secure communications for ministerial regional offices

Issue

• Over time, there has been a degradation in the reliability and quality of voice communications provided by older (or “legacy”) analog secure telephony systems used by Ministers, senior government officials and cyber response teams.
  
• Secure communications in Ministerial Regional Offices (MROs) are a priority for the Privy Council Office (PCO) to support government operations and its transition.

Context

• On September 26, 2014, Shared Services Canada (SSC) commenced an initiative to replace legacy encrypted analog phones with new secure digital encrypted phones. The new replacement telephones are the General Dynamics vIPers.
  
• The initiative sought to complete a single vIPer installation at each MRO and to replace 9 of the 18 Secure Terminal Equipment (STE) analog sets on the PCO’s conferencing bridge.
  
• Secure phones have been successfully installed and tested in 21 locations, including 16 phones in the MROs.

Strategic considerations

• Secure communications are a key strategic and operational enabler for the Government of Canada. However, the legacy capabilities are unreliable. Corporate knowledge of the new technology and its deployment within the Government of Canada is incomplete at this stage, and SSC has taken a secure communications leadership role in designing and implementing the first part of the secure communications solution for the Government of Canada.
  
• The requirement for classified communications for cyber co-ordination, Cabinet discussion, etc., is significant. Until an enterprise-level Secret infrastructure with a secure voice capability that complements the vIPer solution is implemented, vIPer is the only technology that can satisfy the requirement.

Next steps

• Assist PCO with the installation of seven more vIPers on the PCO Bridge following the October 2015 federal election.
  
• Examine follow-up requirements from PCO and determine a way forward.

Key messages

• SSC has completed work to improve secure communications in Ministerial Regional Offices (MRO). This work has involved the replacement of older, unreliable analog telephones with new reliable, digital encrypted devices. These changes will deliver improved voice communications and more reliable and secure service to our partners.
  
• The deployment of vIPers in support of ministerial requirements at MROs has been well supported and has provided a required upgrade to legacy secure communications capabilities.
  
• The remainder of the secure communications requirements will be addressed through the Government of Canada Secret Infrastructure program, which is targeting to roll out initial capabilities in FY 2016-17.

Content Responsibility
Program Lead: Dinesh Mohan, Director General, Security Management, Cyber and IT Security
Responsible SADM/ADM: Raj Thuppal, ADM, Cyber and IT Security

Audits

Issue

• XXX.

Context

• Audit reports from officers of Parliament and central agencies are important sources of information for members of Parliament and the media. The release of these two reports shortly after the opening of Parliament could focus attention on long-standing issues that have not yet been fully resolved. Communications in response to these two reports, and the OAG report in particular, will focus on the savings generated by SSC, IT security  processes and information, and corrective actions already being taken by SSC to better report on the achievement of IT Transformation Plan objectives.
  
• As part of its ongoing operations, SSC looks to ongoing audit and evaluation reports on its operations and service delivery to provide assurance to decision-makers and help measure performance. 

Strategic considerations

• Communications messaging, tactics and products at the time of the reports’ release will put special emphasis on SSC’s drive for excellence in delivering a modernized information technology (IT) infrastructure that is cost-effective, reliable and secure.
  
• As it matures, SSC will be under more scrutiny from several stakeholder groups, including external assurance providers (e.g. the OAG, OCG and Office of the Privacy Commissioner), central agencies (e.g. the Treasury Board of Canada Secretariat and Privy Council Office) partners and clients, as well as the IT industry and other jurisdictions. Common concerns are the delivery of services to Canadians, cyber security and the protection of information and savings.

Next steps

• The audit reports are expected to be tabled early in the Parliamentary session.
  
• SSC will develop communications products and a Question Period card and prepare for a potential Parliamentary committee appearance to discuss audit findings.

Key messages

• SSC is working with partner organizations across government to consolidate and modernize email systems, data centres and networks. This transformation will ensure more cost-effective, reliable and secure IT infrastructure is in place to support government operations and serve Canadians and Canadian businesses.
  
• As part of its ongoing operations, SSC looks to ongoing audit and evaluation reports of its operations and service delivery to provide assurance, help measure performance, and improve programs.

Content Responsibility
Program Lead and Responsible Officer: Yves Genest, Chief Audit and Evaluation Executive, Office of Audit and Evaluation

Telephony

Issue

• The transformation of Telephony/Voice Services focuses on the migration from traditional “desktop” landlines to more modern alternatives, namely Voice over Internet Protocol (VoIP) and cellular services. Supporting the modernization efforts are numerous service delivery improvement activities to reduce costs (e.g. elimination of unused lines, optimization of processes through automation) and the establishment or renewal of enterprise procurement arrangements to modernize and drive advantageous pricing.
  
• The execution of the Government of Canada’s Telephony/Voice Services strategy will deliver savings of over $60 million (XXX), improve security in the underpinning infrastructure, and increase functionality to meet the demands of a modern work environment.

Context

• High demand for telephony devices and increased usage is driving up overall costs beyond the planned demand forecast and budget. Government spending on mobile devices has increased substantially since 2012. Although costs were approximately $27 million in 2012 and were forecast to be approximately $32 million in 2015, they have currently reached approximately $50 million.
  
• Managing the Telephony/Voice Services is challenging due to the volume of invoices and the number of individual service agreements; however, SSC continues to reduce the number of invoices per month through increased consolidation.
  
• Many organizations have their own unique challenges in modernizing their telephony services and practices, and there is still some partner reluctance to switch from costly traditional landlines to more modern technology.
  
• SSC inherited telephony systems with more than 1,300 legacy telephone switches (PBXs and key systems), most of which are over 20 years old. These must be replaced as some are beginning to fail and replacement parts are becoming scarce. Most of these systems will no longer be supported by manufacturers beyond 2018.

Strategic considerations

• Telephony/Voice Services will support and align to related Treasury Board policies and directives (e.g. Policy on Acceptable Network and Device Use, Telework Policy), in addition to government requirements for sound stewardship, accountability and financial management.
  
• The Government of Canada will be reducing the number of phone lines by providing a single telephony device for each individual. Ultimately, individuals with two or more phones will be the exception.
  
• Services will be provided through enterprise procurement vehicles to drive the best possible rates to meet Government of Canada requirements, terms and conditions.
  
• During major emergency situations, it is possible that the mobile telephony network may experience significant congestion. This occurred during the 2014 shootings at Parliament Hill in Ottawa. To alleviate this risk, the Rogers Wireless Priority Service provides voice call priority to emergency responders for outgoing cellular calls. XXX.

Next steps

• SSC will collaborate with partners to implement effective solutions to better manage the demand for telephony/voice services by:
  • Streamlining processes, and improving tools and reporting capabilities;
  • Implementing a Pricing Strategy/“Fee for service” framework, launching in 2016, with Mobile/Cellular Services as the first service;
  • Continuing cost reduction efforts, including proactive data plan management, moving mobile users to more cost effective service providers and eliminating unused or redundant services and devices; and
  • Raising awareness of policies and best practices for using telephony devices.
• XXX.
  
• Initiating renewal of a Government Cellular Services (GCS) procurement vehicle with contract award XXX. GCS is the procurement vehicle that provides cellular services for over 210,000 cellular devices in the SSC community and the Government of Canada. The current Government Cellular Service contracts provide some of the lowest rates in Canada.

Key messages

• Transformation of legacy landlines was initiated via Economic Action Plan (EAP) projects and now continues within the Telecommunications Services line. To date, SSC has migrated over 86,000 desktop phones to Voice over Internet Protocol, and has eliminated over 57,000 costly traditional phone lines, achieving annual savings of over $45 million. In addition, SSC has established guidelines for employees on the provision of telecommunication devices and on the acceptable use of cellular devices.
  
• As part of the EAP projects, SSC created an inventory of all telephone services and devices in use by SSC and partner organizations. This has given SSC a better picture of the services currently being used across government, and creates an opportunity for SSC to validate and consolidate services for further savings.
  
• SSC is revising the current complement of cellular phone providers and is working with security partners, including first responders, to help ensure better service during a crisis.
  
• Once transformed, by March 2020, modern voice services will support mobility, collaboration and cost-effective partner business needs while aligning to industry trends and standards.

Content Responsibility
Program Lead:  Michel Fortin, Director General, Telecommunications
Responsible SADM/ADM:  Pankaj Seghal, ADM, Networks and End User Devices

Government of Canada Network Wide Area Network

Issue

• The Government of Canada Network Wide Area Network (GCNet WAN) project has extended specific migration deadlines by two to three months, from August 2015 to October and November 2015. These extensions are for specific deliverables only and do not impact the completion of project delivery or anticipated savings by the end of fiscal year 2019‒2020.

Context

• Shared Services Canada (SSC) operates 50 separate wide area networks (WANs) for SSC and its partner departments and agencies. These WANs support communications for over 377,000 users nationally and internationally.
  
• GCNet WAN Services are divided into three streams:
  • Stream 1 is the National Internet Protocol (IP) Service, providing network connectivity for more than 3,000 sites (buildings and campuses) across Canada.
  • Stream 2 is the National Legacy Point-to-Point Service that provides dedicated circuits for legacy technologies.
  • Stream 3 is the International Service, which provides connectivity to more than 200 locations around the world, primarily in support of missions for the Department of Foreign Affairs, Trade and Development, but also the Department of National Defence and Veterans Affairs Canada, as well other partners with an international presence.
• The GCNet WAN project is currently in the migration readiness stage for streams 1 and 2, during which SSC is working with the vendors to prepare for implementation and operations.
  
• XXX
  
• The anticipated gross savings after implementation of the new GCNet WAN contracts total $23.1 million annually, beginning in fiscal year 2020–2021.

Strategic considerations

• The GCNet WAN project was established to consolidate, modernize and streamline the existing 50 WANs into a single physical network service supporting both national and international operations. This will result in reduced infrastructure complexity and operating costs, consistent service quality, increased security and enhanced program delivery to Canadians.
  
• On January 5, 2015, two GCNet WAN contracts were awarded to TELUS (Stream 1 and Stream 2) and one was awarded to Allstream (Stream 1) for the purpose of transforming government WANs under SSC’s mandate by 2020. XXX.

Next steps

• The migration is broken into service projects, three of which are defined contractually.
  
• Vendors will be implementing a variety of pilot sites and migrations mainly over the course of 2015–2016. Once complete, the remainder of the sites will be migrating up until the end of fiscal year 2019–2020.

Key messages

• SSC is transforming the Government of Canada’s WANs from 50 “siloed” networks to a shared, more secure, enterprise network, to reduce complexity and provide greater network capacity, reliability and security.
  
• SSC is planning to complete this transformation by the end of fiscal year 2019–2020.
  
• The extension of deadlines for specific readiness deliverables is not expected to impact completion of the final delivery of this project or the anticipated savings.
  
• SSC continues to work with the project vendors and partners to ensure that the migration of SSC partners and clients to the new GCNet WAN service is as seamless and successful as possible.
  
• GCNet WAN will generate $23.1 million in ongoing annual savings beginning in 2020–2021.

Content Responsibility
Program Lead: Patrice Nadeau, Director General, Data Networks, Networks and End User Devices
Responsible SADM/ADM: Pankaj Sehgal, ADM, Networks and End User Devices

Mainframe Legacy Application Migration Project

Issue

• The Mainframe Legacy Application Migration Project (MLAMP) has encountered ongoing scheduling delays due to risks and issues shared by Shared Services Canada (SSC) and Employment and Social Development Canada (ESDC). The project is currently scheduled to be completed by its original target completion date of December 2016. There is, however, a significant risk for ESDC that the timeline will slip further, resulting in continued reliance on a legacy computing platform for critical Government of Canada software applications.
  
• In order to mitigate this risk, SSC and ESDC will explore contracting options to ensure uninterrupted service to Canadians through the Employment Insurance system. MLAMP migrations may not be completed before the current mainframe support contract with Unisys Canada Inc. expires in December 2016.

Context

• ESDC is replacing its aging computing infrastructure used to deliver critical programs, Employment Insurance, the Social Insurance Register, and Social Insurance Numbers.
  
• The current computer platform, under contract with Unisys Canada Inc., expires on December 31, 2016.
  
• In June 2013, ESDC was authorized to proceed with a project to address this aging information technology (IT) infrastructure. In June 2014, following a competitive process, the contract was awarded to Accenture Canada. The maximum contract value is $76.3 million.
  
• In November 2012, SSC began working with ESDC to support the IT infrastructure part of the migration.

Strategic considerations

• The MLAMP could affect the delivery of benefits to Canadians, as the system supports critical software systems. Continuity of services is imperative to ensure Canadians continue to receive services and benefits.
  
• SSC has been working closely with ESDC and Accenture Canada, the lead project vendor, to migrate the existing software applications to a new, more modern IT platform. There have been significant challenges in the areas of procurement, installation, configuration and testing, resulting in the project taking longer than expected in certain areas while continuing to maintain the current implementation date via a revised release strategy.

Next steps

• SSC will continue to work closely with Accenture Canada, ESDC and Public Works and Government Services Canada to review key issues and provide direction to reduce potential impacts.
  
• SSC continues to provision and configure the new platforms. Timely technical design for the disaster-recovery solution is required to ensure new timelines can be met.
  
• Delivery of the full disaster-recovery environment is the next key deliverable, expected between mid-November and December 2015. 
  
• SSC will start negotiations with Unisys Canada Inc. to confirm available contracting options for ensuring continued service. These could serve as an insurance policy to mitigate any further project delays.

Key messages

• The Government of Canada remains focused on delivering services and benefits to Canadians and improving Canadians’ access to services and information.
  
• Resolving technical issues in a timely manner has been the focus of much attention over the past few months, and significant progress has been made.

Content Responsibility
Program Lead: Peter Littlefield, DG, Project Management, Service Management and Data Centres
Responsible SADM/ADM: Patrice Rondeau, A/SADM Service Management and Data Centres