Secure Australian clouds will boost government’s digital transformation
Originally posted by David Braue @ CSO Online
Increasing localisation of high-security data-centre capacity within Australia will open new options for governments trafficking in sensitive data and businesses looking to assure customers their data is tightly protected, the government’s cybersecurity minister has predicted as Microsoft launched its new Azure Cloud Region for Australian Government and Critical Infrastructure.
Certified Cloud Services List (CCSL) accreditation of the company’s cloud platform – to be hosted within Canberra Data Centre’s (CDC’s) $150m-plus data centre in Fyshwick, ACT – will support the government’s ‘cloud first’ mandate and Digital Transformation Agency’s Secure Cloud Strategy with a secure facility capable of managing data with up to PROTECTED classification.
The infrastructure could be used for “anything that is protected,” minister for law enforcement and cyber security Angus Taylor said at today’s announcement. “This means that in practice we can get innovations and prototypes happening very quickly without massive server projects to get up and running…. We know where data will be with complete certainty.”
The announcement included the PROTECTED-level certification of Microsoft Office 365 cloud platform and 35 different Azure services, giving the company a leg up in the ever more-competitive market for secure government cloud services.
Certification will allow the cloud to be used to stage and support secure collection of data for high-sensitivity applications such as a Citadel Group-authored demonstration app, called KEEP-US-SAFE, that enables real-time uploading and analysis of sensitive information from citizens witnessing potential public-safety incidents.
Data is securely stored on the Azure Australia Central region, and Citadel CEO Darren Stanley said the system could well be integrated into third-party applications, such as transport tools, to increase citizen participation.
Data sovereignty concerns have lingered throughout the evolution of cloud services, and Microsoft Australia managing director Steven Worrall said the “unusual” decision to host the Azure cloud region within CDC’s facility would allow Microsoft’s 11,000 partners – many of whom target government digital transformation projects – to bring ever more-secure capabilities to market.
“There is a lot of discussion about the ownership of data centres,” he said, “in relation to the risk with relation to the data stored in them. We will have controls in Canberra to give assurance about the services that will be hosted in Canberra. We are helping create a pathway that will allow more and more cloud capability to be available to the government.”
Microsoft isn’t the only cloud provider pushing to broaden the uptake of its platform. Amazon Web Services (AWS) recently announced PROTECTED level approval that would allow 46 AWS services within its AWS Sydney Region to be leveraged for government services that require highly-secure data.
The Australian availability of more secure-cloud options will address the concerns of executives that have long been highly concerned about the security of cloud data.
With the new notifiable data breaches (NDB) scheme now in effect and upcoming EU GDPR legislation increasing pressure on the secure management and control of citizen data, Taylor said the ability to leverage flexible and secure cloud infrastructure would be a game-changer for government.
“I am sure that in coming months and years, we can get faster at these accreditation processes,” he said. “They are extremely important to ensure that we can deliver secure services – but convenient and contemporary services – to Australian citizens while developing a great industry here.”