Centrelink: John Wadeson, CIO

Centrelink, Australia's welfare payment organisation, deals with millions of transactions and billions of dollars every week. CIO John Wadeson recently spoke to ZDNet.com.au about the challenges of running one of the country's largest IT infrastructures.

Centrelink, Australia's welfare payment organisation, deals with millions of transactions and billions of dollars every week. CIO John Wadeson recently spoke to ZDNet.com.au about the challenges of running one of the country's largest IT infrastructures.

Compared to 2007, will you be spending more or less on IT this year?

Wadeson: We spend over AU$300 million a year. We're a really big IT organisation, and I know some people really swallow at that amount and think, "What could I do with that?". I would think [spending] is going to be probably a little less on last year, because last year we had the big Welfare to Work thing.

Our budgets are heavily influenced by the amount of project work we do and our ongoing, what you might call "maintenance budgets", have been fairly stable. I think this year will actually turn out to be much the same as last year, but last year we did have a fair bit of the Welfare to Work project still running through the system, and for next year, of course, the IT Refresh project finishes in June this year. We won't have that for next year, but then, we don't know what's in this year's budgets.

Which technology most excites you?

Wadeson: Mobile computing. In Centrelink, what you can do without a computer and access to the system can be really limited. For us, the key is to enable these people to connect to the system. That's where the whole process becomes efficient and it works well and people really appreciate the fact that, yes, we can take the data now, we don't have to go and find an office, we don't have to take paper away. We can just deal with them on the spot.

I know some of these technologies, 3G and all that, cop a fair bit of criticism ... but we find that they work for us reasonably well. We get the odd glitch. It's not perfect. But compared with what it was say five, ten years ago, we're just in a different world altogether.

I first came into IT back in the 1990s and one of my very first encounters was with a salesman who said, "We can do mobile computing." Back then, it was on everyone's strategic plan. This guy had a funny little PC with an aerial on it, and he wanted me to go up to the roof of the building ... and there we were trying to find a satellite. I often wonder whether he's still there.

What is the most important tech project you have completed over the past year?

Wadeson: I would think the biggest thing we've done was the completion of the broadband network, because it now sits as a platform on which we can do much more and if you add up the fact that we've also largely completed our PC roll out — so our staff now have much newer, much more powerful PCs on a broadband network — we're seeing really good performance. And when you're such a transaction-driven organisation, those things are really important.

How important is open source software?

Wadeson: The open source argument. I mean, I always start off with my big statement on this, which is, for our really big core stuff, we really need the support we get. We buy the support, so we're not likely to see massive open source right through the place. That's just not likely to happen because we couldn't support it ourselves and it wouldn't make sense for us to do it.

We remain on this one very much in the, "If there's a business case". Linux is used fairly widely in the place. We try and always push back to the business case. I mean, we're not going open source because the industry thinks it's the thing to do. We will go there if the business case exists. You've got to look at the support levels you get.

We struggle with this all the time, but we don't rule it out either, simply because it's open source, and we have quite a lot of Linux applications. But when I go and talk to the IT guys really about this now, they say, "The argument's really about open standards, and it's really about getting people to build to standards, " and that's, I think, where the argument's almost moved in my view.

Issues around training and that, you've got to remember with our staff, they're really big issues. When you've got 25, 000 staff, you've got to keep things simple, you've got to keep things fairly straightforward. You can't expect them all to be experts.

Do you use collaboration technologies?

Wadeson: Organisations like Centrelink, we can't be too far off the pace. People build up their expectations of customer service and they get them from all over the place, and if we're seen to be not having any...you know, we can't operate in this space, when other organisations operate in this space, then we're seen to be government, bureaucratic... Those sort of terms arise again.

We now have applications where I might be sitting with a customer who's got a really difficult question. I can instantly message, just sitting there, to someone who I know is the expert. They can be telling me what the answer is and the customer never knows that I never knew the answer.

If you can avoid sort of saying, "Oh, look, I'll make another appointment. You've got to come in and meet someone who knows this." So these sort of things are starting to develop into real applications.

How seriously do you take green issues?

Wadeson: Our CEO drives one of these electric hybrid cars, you know? And the Minister thinks that's a good idea. So I think there's a bit of head in the sand stuff in IT about greening. I might have worries about all the power we need for our data centres and why can't we do this and do that? You know, power can be an issue. And they sort of sit there saying, "Why are you using all this power?"

Someone told me recently that for something like 70 percent of CIOs, power for datacenters is an issue. The issue is always framed though, "Can we get enough power and is it reliable or isn't it?" when the other issue that is coming at us is, "Well, you know, you're using a lot of power."

And so I don't think we're going to be able to duck that one entirely. I think that's going to be really important. The datacenters use a lot of power, but people are consolidating a lot of their equipment in the datacenter. And that can mean that overall the organisation might not use power. But the datacenter... they are these monsters ... that consume a lot of power — particularly because the virtualisation process has been a lot slower for organisations than they might have hoped.

How has your outsourcing strategy evolved?

Wadeson: We are certainly in the multi-source category. We have never been entirely in-sourced and we have never been entirely outsourced. I think we are starting to learn better how to engage the private sector in ... helping us build applications.

I think with the sort of skills issues that are around these days ... you really don't want to be stuck with a single way of doing things. So I think the multi-sourcing strategy, which I've noticed a lot of other organisations seem to be trying to move towards, I think you know is the way to go. I haven't been convinced there is another clear path. We were really running into a crisis around here.

One of the things we did do was open up part of our development in Adelaide. We have been able to pick up close to a hundred really good people over there. They want to work in Adelaide and we are now one of the more significant IT employers in Adelaide.

As CIO, how do you know if you have done a good job?

Wadeson: It's I think AU$6 billion a month and it's five nights a week and it has to be right. And the staff has to be able to use the system, you know. We can't have the system interfering with the customer, staff/member interchange.

I mean, we've got four and a half thousand people in call centers. Their only tool is that system sitting in front of them. And you can imagine with that sort of volume and dealing you know, with a hundred odd thousand phone calls a day, you start having a system that doesn't do what they want to do and you know, immediately you've got lines and you've got queues. So success for me ... that's a key part of it.

How do you protect the data collected by Centrelink?

Wadeson: Public confidence is just so important to us. You only need a couple of examples where people have been able to see records or access things. And people will walk away totally from the online systems if they think that they can be compromised by using them.

Protecting our customer records has been... I mean, that's our oldest job. In fact, I was engaged in a conversation today. And people are always saying, "Well the electronic age you know is a big risk to security."

I remember when we had microfiche and all the data was on that. You reckon they were a security nightmare. People present IT as a big risk for security, but I reckon it is better than it was in the days before IT because although yes, there are people out there anxious to get at the data we hold, the tools that we have and the methods that we have are pretty good.

One of the things we have been really good at is that if you do something on our system, we'll be able to track it back to you. And that can be hard.

Later this year, instead of the random number generator we use now, we will be hopefully replacing that with our contact-less smart card. We have been to market for that and we'll probably start rolling it out towards the end of the year.

But the one thing we will always demand of our security system is that it can attach a transaction to a logon ID. And the reason we are using contact-less smart cards is that, you know, for us if you look at a typical office, there is a public reception area, a string of PCs and staff rotate through there.

You'll see when the staff rotates, they log out and the next person logs in. We never allow that sort of thing that would make it hard to trace where transactions come on.

There is a big organisation discipline about that and that's why we are able to identify staff who might be inappropriately looking at records.

Have you considered deploying biometric voice-authentication technology?

Wadeson: We are certainly happy enough that the technology does what people say it does. We think that we could do a voiceprint and we could authenticate simply that yes, this is the person. And I think the evidence is that it would be a pretty hard system and pretty rare that someone would break it, no matter if they had a cold or if the dog was barking in the background and all these other things that people, [laughs] that happen in the real world you know.

So it's on our watching list with a slight positive against it, if I could put it that way.