Insights

Field notes on building trustworthy systems

Writing from our practices on the decisions that make public-sector technology secure, private, and durable, drawn from the systems we actually build.

Security7 min read

The client is always untrusted: designing systems that assume compromise

A customer's browser, a partner's API call, and a shared terminal are all attacker-reachable. The discipline that keeps a critical system safe is deciding what is allowed to run there, and what never can.

12 May 2026

Data Governance6 min read

Data minimization as law, not policy

The safest data is the data you never collected. We treat minimization as a hard constraint on the schema, not a value statement in a policy document.

22 April 2026

Delivery8 min read

Replacing a critical legacy system without taking it offline

Modernization fails when it treats the old system as something to switch off on a Friday. The real constraint is that the service it runs cannot stop.

30 March 2026

Security6 min read

What a credible security audit actually covers

A scan is not an audit, and a clean report is not a safe system. Here is what separates an assessment a regulator can rely on from a PDF that just looks reassuring.

4 March 2026

Engineering6 min read

One accessible codebase for the phone, the desktop, and the on-site terminal

Three devices, three contexts, one application. Building adaptively rather than separately is what keeps accessibility a guarantee instead of a per-platform afterthought.

11 February 2026

Infrastructure7 min read

Relocatable by design: avoiding cloud lock-in in public infrastructure

A government system can be hosted on a commercial cloud today and still be free to move tomorrow. The trick is to decide that on day one, in code.

20 January 2026

Have a system you want a second opinion on?

We are happy to talk through an architecture, a program, or an assessment, whether or not it turns into an engagement.

Start a conversation