Home Government Tech Policy AWS gets the tick for Commonwealth Government use

AWS gets the tick for Commonwealth Government use

Amazon Web Services' Sydney region has passed an IRAP assessment, allowing its use for certain government purposes.

Njoy Security has issued a letter of compliance to Amazon Web Services, attesting that an Australian Signals Directorate (ASD) endorsed assessor has found that Amazon's Australian data centres and the EXC2, VPC, S3 and EBS services hosted in AWS's Sydney region can be used "for unclassified but sensitive information referred to as UNCLASSIFIED (DLM)."

This classification covers information that is not classified, but is not intended for public release.

One example is health-related data.

"AWS is a key partner for Healthdirect Australia. ISM compliance means that we can more securely provide all Australians with access to the right advice on the appropriate care for their health issue, where and when they need it," said Healthdirect Australia general manager of digital services and CIO Professor Anton Donker.

"Healthdirect Australia understands that the information we are entrusted with is important to the public and needs to be treated accordingly. We have worked with AWS over the last two years to ensure that we meet appropriate security standards. This milestone assures us that we can continue to provide our services with confidence."

The two-stage process followed by Njoy Security first checked that the architecture was based on sound security principles and addressed all the controls in the Government's Information Security Manual, and then that the controls had been implemented and were operating effectively.

A statement by AWS describing the way its services align with various standards and models (including ASD's cloud computing security considerations) is available here.


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



Ransomware attacks on businesses and institutions are now the most common type of malware breach, accounting for 39% of all IT security incidents, and they are still growing.

Criminal ransomware revenues are projected to reach $11.5B by 2019.

With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from the ransomware menace.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.


Popular News