This week I wanted to take the time to answer a couple of the pressing questions I am hearing from many of you which I hope provides more information on the current situation.
Why can’t we turn MMS back on?
Many of you have asked a very sensible question regarding whether the MMS application (the old membership system) could be restored to service whilst Compass is offline. Whilst it may appear to be a simple solution, unfortunately the reality is not as straightforward as it may seem. Whilst MMS was extremely unstable and difficult to support it did provide a basic level of service. One of its biggest problems however was the underlying database. Not only was the database technology very old, but it was also extremely complex and difficult to maintain. This presented huge challenges to the data migration into Compass and in order to restore the MMS service, we would need to perform a reverse data migration from the current Compass dataset back into MMS. This process would take many weeks to perform and test. One of the challenges with MMS was that it allowed data to be stored in a very unstructured format and continued use of MMS would further complicate the migration of data back to Compass when it is ready to be restored. We believe at this stage that the time and effort invested in restoring MMS would be better spent restoring Compass. In addition, the changes to the disclosure process instigated by the Ministry of Justice meant we had to change the way in which we process disclosure applications in England and Wales. We are unable to make these changes in our system linked to MMS which means that even if we could restore MMS we would not be able to operate the revised disclosure process through MMS.
When will Compass come back online?
We have now completed the external security review of Compass. The results of the audit have only just been received and we are now working closely with our partners to fully understand the scope, scale and impact of the results. While we are still working through the results I would like to repeat my reassurance that there was no breach or hack of Compass. We identified a potential vulnerability and to prevent this vulnerability from being exploited, we took the decision to take Compass offline. Along with the security reports we are also reviewing all other known issues with Compass and continue to plan the work to remediate all issues identified and to restore Compass as soon as it is ready to deliver a good and safe service to you. All of these things take time and so I do not have an exact timescale for this yet but as soon as we get a clearer picture I will share this with you all.
Over the coming weeks I will be sharing my vision for Compass and how we will be looking to develop the platform further, including how we may work with other platforms in the future like OSM, as I know this is another burning question from many members. Compass was originally conceived to be your tool; designed by you but delivered by us. It appears from the feedback from many of you, that ‘something got lost in translation’. Our immediate focus is to restore service to you, but to make Compass as useful to you as possible; we will need to address all of your concerns directly. I alone cannot fix everything, but together we can.