Story image

AU Government announces new cloud strategy

05 Feb 18

The Australian Government has released its new cloud strategy replacing a policy developed in 2014.

The Secure Cloud Strategy, which focuses on helping government agencies use cloud more easily, is the result of collaborative work in 2017 by government and industry.

The Government will use the new strategy to prepare agencies for the shift away from on-premise infrastructure and to cloud.

The Government’s initiative will support agencies through their transition to cloud, while guiding them past a “number of factors can get in the way of agencies realising their cloud aspirations,” like stubborn operating models and lack of knowledge and experience.

The key initiatives of the strategy are:

No one-size fit all

Agencies develop their own cloud strategies to suit their own needs.

Agencies will use strategy as a starting point to produce their own value case, workforce plan, and best-fit cloud model and service readiness assessment.

Cloud implementation will be guided by 7 cloud principles:

  1. Make risk-based decisions when applying cloud security
  2. Design services for the cloud
  3. Use public cloud services as the default
  4. Use as much of the cloud as possible
  5. Avoid customisation and use cloud services as they come
  6. Take full advantage of cloud automation practices,
  7. Monitor the health and usage of cloud services in real time.

Move towards an appropriate, layered certification model

The Government’s strategy will see a layered Cloud Certification Model created which will see greater opportunity for agency-led certifications, rather than just ASD certifications.

This will create a layered certification approach where agencies can certify using the practices already in place for certification of ICT systems.

Service procurement will be aligned with ICT Procurement Review

As cloud services move more rapidly than services available through panels traditionally do, the recommendations in the ICT Procurement Review align well with creating a better pathway for cloud procurement.

Clarify cloud system requirements with a common assessment framework.

An assessment framework and cloud qualities baseline will be introduced to clarify requirements.

A Cloud Responsibility Model

The strategy will develop contracts that clarify responsibilities and accountabilities of cloud providers to address unique cloud risks, follow best practices and maintain provider accountability.

Cloud knowledge collaboration platform

As a part of the strategy, the Government will develop a platform to share knowledge and expertise of cloud products and services.

The platform will enable secure sharing of cloud service assessments, technical blueprints and other agency cloud expertise, to iterate on work already done rather than duplicating it.

Cloud skills uplift programs

The Government will focus on building cloud skills and expertise within the Australian Public Service (APS) through existing and new programs.

Common shared platforms

The Government will explore and develop shared platforms that can be used by multiple services and reduce duplication, including:

  • Federated identity for government to enable better collaboration in the cloud.
  • A platform for PROTECTED information management to reduce enclaves in agencies, and continue to iterate cloud.gov.au as an exemplar platform.
  • Service Management Integrations services to enable agencies to manage multi provider services.

View the entire strategy here

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Cohesity signs new reseller and cloud service provider in Australia
NEXION Networks has been appointed as an authorised reseller of Cohesity’s range of solutions for secondary data.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.