When geographically dispersed groups are all working towards the same goal, it is essential to eliminate any barriers that might hinder cross-border collaboration, as the team at Save the Children International knows only too well.
The organisation works with 28 other Save the Children member organisations, scattered across the globe, to provide medical attention, emotional support and shelter to young people displaced by natural disasters or armed conflict.
The organisation was set up to ensure that, as these 28 entities collectively work towards the same goal, duplication of effort is kept to a minimum by Save the Children International overseeing the delivery of common, shared services that all members can use.
It is the responsibility of Graham Kent, director of IT shared services at Save the Children International, to ensure the technology side of its shared services remit is met. In the past couple of years, this focus has seen his team play a critical role in the charity’s wider push to present a more united front to the world.
This process began in the summer of 2015, when the CEOs of the charity’s member organisations met and set out their vision to collectively project the brand as “one Save the Children”, says Kent.
“They wanted more shared services, more shared systems and more shared information, and we agreed on 10 core shared systems that we would endeavour to share across all parts of the federation, enabled by a single identity solution,” he says.
“They described it as a cultural desire to bring the pieces of the movement together, and create a greater feeling of togetherness, but also people were fed up with having loads of user names and passwords for loads of different systems.”
“People were fed up with having loads of user names and passwords for loads of different systems”
Graham Kent, Save the Children International
For example, every member has a national identity (or brand), a standalone website and domain name, all underpinned by different Active Directory systems, which sometimes tripped employees up as they moved around the world.
“In the US, for example, someone might want to use our systems to travel to Africa and want to use a system that was developed over there, and there is a whole hotch-potch of disconnected domains and systems [to pick through] first,” said Kent.
With its mission statement established, an initial scoping session followed “some time in 2016”, involving Save The Children International and the senior leaders from London-based cloud technical consultancy Amido, which would go on to become the delivery partner for the project.
Microsoft Azure as an option
The idea of using Microsoft Azure to underpin the project was first mooted around that time, but the roll-out was still some way from getting started.
“Anything in the non-government organisation space takes a very long time to happen,” says Kent. “We are fast in saving children, and slow in moving forward because we have to go through procurement cycles, and that can take a long time.”
There were other projects that needed to be completed first, including a sizeable connectivity and infrastructure upgrade that was taking place across all Save the Children International sites, and there were budgetary and staffing issues to overcome.
The organisation was steadily starting to make more use of cloud around this time, including the Microsoft online business productivity suite Office 365, making always-on connectivity a must.
“There was a point where it was said we could never go to a true cloud-based identity until we had Windows 10 rolled out globally,” says Kent, “which we did do, but everything had to be online and online reliably.”
With the connectivity project earmarked for completion at the end of 2017, the charity set to work on getting the identity project up and running with Amido in February of last year. With funding secured, and an 18-month project timeline agreed, the wheels were in motion. But, unbeknown to Kent and his team, the wheels would soon have to start spinning a whole lot quicker.
“We had a lot of interdependencies in our IT project portfolio, and one of those projects was brought forward, which meant our ‘comfortable’ 18-month delivery timeline had to be cut by 13 months,” he says.
“Our original aim was to finish the project by December 2018, and now we had to get it all done by November 2017. So I phoned our friends at Amido and said: ‘I’ve got a bit of a problem here’.”
A project under pressure
Hitting this drastically reduced deadline would require “throwing a lot more capacity at the problem”, and Kent, by his own admission, runs a relatively small IT department, which meant the organisation would be making full use of Amido’s in-house technical experts.
“We have a lot of good people, but I don’t maintain a large pool of full-time staff because I plainly want to spend money on saving children,” he says.
For this reason, the organisations refer to the working relationship between them as more of a partnership than a traditional client-supplier arrangement, as the Amido and Save the Children teams were essentially working side-by-side to deliver the project, says Kent.
“We sent out people to the Amido site and then we were really in a position to get going – to start writing some code, start deploying and start testing,” he says.
This side-by-side working approach brings its own benefits, says Amido chief delivery officer Chris Gray, because the near-constant collaboration between the teams helps reduce the time it takes to work through issues and deliver new features.
“There is no point us going off-site, building a bunch of stuff and saying, ‘Here, have this – it’s magic’, because no one would have any idea how to use it,” says Gray, “and by working together on-site, you are much more open and communicative.
“For example, if something is going wrong, you’re having a face-to-face chat and can keep them updated all the time, rather than saying, ‘OK, at our next project board meeting in two weeks’ time, we’ll raise that as an issue’.”
Such fast-feedback mechanisms are central to the success of the agile and iterative approach that Save the Children’s organisations favoured during the project, making it easier for the teams to tweak their plans as and when needed.
Particularly as the Microsoft, cloud-based identity and access technology the team was planning to use – known as Azure Active Directory – was still having its functionality tweaked and developed.
In the project’s early days, the team was trying to add functionality that either did not exist or had not yet made it into the production version of the technology.
“We were at the forefront of what we were trying to do in that regard,” says Gray. “When we started in 2015-2016, we were wondering how we could shoehorn what we wanted to do into this very mature product [Azure].
“And when we came back [to start the project], we said, ‘oh, hang on, it is about 80% there, and now it is 100% there, with some small customisations [by us] towards the edge’.”
And trying to build a platform from technologies that are iteratively having their functionality tweaked and expanded, as Microsoft’s preview release cycles gather pace, is not without its challenges.
“We were trying to develop an architecture over a period of time, while every week there was a new release, and some stuff would come in and out of preview, and some bits were changing as a result, and – in amongst all that – we were trying to build a platform,” says Gray.
Even so, compared to the amount of effort and complexity that Amido encountered when working on a similar project some years before, none of the challenges was insurmountable.
“That project involved a big insurer that had grown globally over time, and they wanted their subsidiary to feel like a part of the big corporate machine,” says Gray. “But we didn’t know how to do that, and none of the technology we used in this scenario [with Save the Children] existed at all.”
Putting users to the test
When designing the set-up, employees were categorised according to how far along their bit of Save the Children had got with migrating over to Office 365 to work out how best to connect them to the Azure Active Directory from wherever they were in the world.
“I had a project manager on my side tying it all together, trying to do all the admin and communications side of managing the project,” says Kent. “But there was also this wild stakeholder map all over the world, in all these sites, that had to be all in line [as the deployment progressed].”
Together, the teams ended up hitting their November 2017 deadline, and now the focus is on integrating the set-up with the various shared services the Save the Children team makes use of throughout the world.
In keeping with the project’s original aim of fostering a sense of togetherness across the 28 member organisations that make up Save the Children’s global presence, its Sharepoint-based global intranet was the first to be integrated in February 2018.
Next on Kent’s agenda is linking in its Workplace by Facebook instance, because of the important role this plays in aiding collaboration between members, says Kent.
“It is great for collaboration and culture … and if you go back to the start, that really goes back to the CEO vision in 2015, that we want to feel like one team,” he adds. “We achieved that by making it possible to use a single identity from wherever we are in the world.”