ASD certifies first ‘hyperscale’ data service for Protected classification

By Harley Dennett

Tuesday April 3, 2018

The Cyber Security Minister says the APS must to move to the cloud to provide better services. He assured the media that citizen data will be safe from prying by foreign governments, including the United States.

Microsoft Office 365 and Azure services are the first ‘hyperscale’ cloud services to be granted permission by the Australian Signals Directorate to host Commonwealth’s Protected material. They join four other service providers with the Protected classification – Dimension Data, Macquarie Telecom, Sliced Tech and Vault Systems.

Angus Taylor, Minister for Law Enforcement and Cyber Security, made the announcement today, and assured journalists that in the wake of Cambridge Analytica and other Facebook privacy controversies, no other government will have access to Australians’ data hosted on servers that receive this certification.

The certification itself is often framed around excluding foreign state access to the supply chain, particularly China and Russia. Taylor also confirmed that the United States government would not have access — a concern for journalists as Microsoft is an American company, and the US is a partner in the Five Eyes intelligence sharing agreement.

“Australia is under increasing cyber security threat and as government and critical infrastructure innovate and transform, it is imperative that we remove risk in our existing systems and use modern, secure cloud technology,” the minister said.

The government would rather talk about cost savings and speed of service development. Taylor says Australia can develop a ‘world-leading’ technology sector and digital government in the coming years.

“One place where that can be realised is in Canberra. We shouldn’t underestimate the potential for this city to be more than just a city that delivers government to the rest of Australia but a city and a region [which includes the minister’s electorate of Hume] which can deliver the best of what Australia has to offer to the world.”

ASD’s Protected certification took a little over 6 months, which appeared to annoy the minister who spoke at length about speeding up delivery of government services and allowing industry to enhance those services with their own ideas and innovation.

“There’s a very large amount of data that government houses. [Using the cloud-based data] prototypes happen very quickly. We can test things at a much lower cost than we otherwise would have been able to in a government environment which is Protected. We can do things at lower cost and faster and that’s what governments in this era need to be able to do.”

Government puts faith in CDC

Taylor and Steven Worrall, managing director, Microsoft Australia are both singing the praises of Canberra Data Centres for carrying the load on this data-centric transformation of public services. In addition to the existing centres situated around the Commonwealth’s Canberra ICON network, two new centres are being developed.

Greg Boorer, CEO of Canberra Data Centres, noted that demand is growing: “Government estimates that its data holdings will be 100-fold larger in the next decade than they are today. The addition of Fyshwick 2 (the latest data centres) will ensure enough capacity for two to three years’ growth in the market we operate in, both meeting the needs of our direct clients, and also those government agencies and departments that will use Microsoft Azure delivered out of our data centres.”

In the simplified Commonwealth system, Protected is the first full classification higher than Unclassified. Not even the government has any idea how many records it holds are classified as Protected.

James Kavanagh, Azure Engineering Lead for Microsoft Australia, and Greg Boorer, Chief Executive Officer, Canberra Data Centres.

Switch flipped on new Australian, NZ cloud regions tailor-made for government

Microsoft has turned on the charm with government and the public sector’s business partners, and now it has to deliver. Two new Azure cloud computing regions, located in facilities of Canberra Data Centres, are available from today for mission-critical demands of government and national critical infrastructure.

Less than a week after the federal parliament passed new legislation creating a framework for security of Australia’s critical infrastructure, Microsoft has opened its digital doors to the Commonwealth’s private ICON network.

While the government will only allow Unclassified and Protected data to be stored in private facilities, the new regions are designed up to Secret classification requirements and will have direct connectivity to all existing government data stores, which the technology giant says will deliver the opportunity for real time data streaming and analysis for government agencies.

Every Commonwealth portfolio has some or all of its data stored at the Australian-owned Canberra Data Centres already, and the public sector faces continued pressure to make better use it. However, a concern repeatedly raised both inside and outside government is whether the controls and security to allow greater cross-linkage of public data are sufficient.

James Kavanagh, Azure Engineering Lead for Microsoft Australia, says the feedback they got after the regions were first announced last year is that’s not enough just to meet government’s needs. “Critical infrastructure is such a public-private relationship. There’s so much critical infrastructure that government has an interest … we heard loud and clear that we had to try to address government and critical infrastructure as a combined entity and find a way to address their security, resilience, compliance concerns, and unlock the innovation they want to deliver.”

The new regions will have 47 partners on launch day, including staple government partners like SAP, PwC, Objective, Veritas, Accenture, Axon and Leidos. Kavanagh says the new regions are designed for mission-critical workloads, “the most sensitive, the most complex workloads of government”, and provide all the partners with a verifiable supply chain that complies with the growing list government requirements.

The unique requirements of government’s physical, personnel and software security was a major factor in their decision to offer these regions. Kavanagh adds: “We have a high regard for the rigor of Australian Signals Directorate and IRAP assessors and we deeply understand the necessity of adapting and implementing specific controls to meet Australian requirements, standards and processes. This is especially the case for the handling of Protected classified data which demands a higher degree of physical and personnel security controls along with complete transparency on supply chain integrity.

“Australian government quite rightly has sophisticated compliance processes and controls for Protected-classified data – controls that we have designed to exceed here in Canberra.”

Microsoft Australia has also started a new program to provide IT skills training to 5000 public sector workers in Sydney, Melbourne, Canberra, Perth, Brisbane and Adelaide by 2020. The program is designed to align with the recently released Australian Government Secure Cloud Strategy.

This comes as the Australian Public Service Commission has requested bidders for assessing and testing the IT skills of APS workers.

Top photo: Minister for Law Enforcement and Cyber Security Angus Taylor and Steven Worrall, MD of Microsoft Australia.

About the author
Inline Feedbacks
View all comments

The essential resource for effective
public sector professionals