Published on June 20th, 2019 📆 | 6440 Views ⚑0
NHS urged to consider Microsoft alternatives following cyber-attacks
In the wake of Friday’s international cyber-attacks, which caused widespread disruption across NHS organisations, a small team of developers is recommending the health service reduce its reliance on Microsoft.
The NHS almost exclusively uses Microsoft operating systems, some of which – like Windows XP – are no longer officially supported.
To demonstrate that there is a licence-free alternative, GP Marcus Baw and technologist Rob Dyke have adapted the open source Linux-based Ubuntu operating system specifically for the NHS. They call it NHSbuntu.
Dyke said adopting NHSbuntu could form part of a strategy for better securing of legacy operating systems and key clinical applications. He described residual NHS use of XP, including in medical devices and diagnostic equipment, as a “critical liability” in some trusts.
Baw said the system also had the potential to save the NHS millions in licence fees currently paid to Microsoft, and suggested open source alternatives could be particularly suited for administrative, non-clinical and back-office users.
Adoption of NHSbuntu could also potentially help the NHS make more widespread use of cloud computing. Ubuntu is already the most widely used operating system for cloud-based applications.
So far NHSbuntu is just a working prototype, though is a fully functional, secure OS. Baw said: “This is research and development work and not yet production-ready.”
“We’re very keen to develop an open and inclusive NHSbuntu community, and have an open forum for NHSbuntu”, said Baw. “We encourage community contributions and will work closely with any existing open source vendor to include their work in NHSbuntu’s default repositories. We’ve already had interest from RippleOSI and Open Health Care UK in this regard.”
Chief information officers and chief clinical information officers in the south west were the first to see NHSbuntu at an April meeting. Baw said the plan was to work with interested CIOs and CCIOs to further develop the NHSbuntu project.
Gary Kennington, IT operations manager at South Devon and Torbay CCG, has been involved in the project since it began in February. He has been demonstrating NHSbuntu widely in his CCG, using it for cyber security, including safely opening suspicious emails received by staff and inspecting the contents without risk to the CCG network.
Kennington believes that, had it been deployed, NHSbuntu could potentially have reduced the impact on his organisation from last week’s cyber attacks.
Baw said NHS Digital was aware of the project, which began as self-funded but has now gained financial backing. “We are delighted that the open source Apperta Foundation have recognised the significance of this initiative and made a £40,000 grant to enable some further work.”
Baw added: “In view of the Friday’s incident, and the importance of making some urgent and effective change, we’ve directly approached NHS Digital for a more serious investment for one year’s concerted R&D.”
Among the key technical challenges that have already been addressed to enable use in the NHS is integrating the NHS Digital Identity Agent (IA) smartcard components, potentially paving the way for using IA-secured clinical applications in NHSbuntu.
Dyke said: “We aim to increase the range of clinical application packages in the coming months. There is already a lot of open source clinical software in existence, including open source DICOM (Digital Imaging and Communications in Medicine) viewers, PASs (Patient Administration Systems), and others, which we intend to draw on for NHSbuntu”
David Miller, director of Open Health Care UK, commented: “The NHSbuntu server edition would be an ideal deployment environment for the many open source Opal applications, allowing NHS IT to take advantage of the best practices from industry when deploying and scaling modern web applications.”
He added: “Having a modern web browser available by default on all desktops would be a truly transformative step towards enabling better usability for NHS IT.”
Miller described Linux as an extremely secure free Unix operating system which is now one of the most widely-used operating systems in the world, running on more than 95% of web servers. It is the foundation of Google’s Android mobile operating system.