Status: Complete

Open-source all digital systems

The SUSU website is one of the most terrifying systems I have ever used. Just from external observations, I can see signs of potential security issues, and if I prodded further I wouldn’t be surprised with what I found - it really doesn’t surprise that the entire SUSU database was publicly accessible a few years ago. 

As SUSU’s digital systems are not commercially sensitive - the Union is a registered charity, not a for-profit organisation - it makes perfect sense for everything to be open source. This allows external accountability and auditing of the codebase (for free), external bug fixes/feature contributions (for free), can help with talent acquisition for the development team, can take advantage of advanced security scanning tools that are often free for open-source projects (GitHub is one example), can give students confidence in a platform that is perceived to be very poor, and it also means that code which has no reason to be private can be rightfully put into the public domain. 

The Union’s code is already stored in Git repositories - switching them to being public rather than private would generally take less than 30 seconds - although if it isn’t already stored on GitHub then migrating/mirroring the repo to the platform would be a good thing to do to keep within the spirit of putting it in the public domain. 

8
UP VOTE

0
DOWN VOTE