Home Government Tech Policy Protected cloud: ASD claims same standards apply to all firms
Protected cloud: ASD claims same standards apply to all firms Featured

The Australian Signals Directorate says the Australian Cyber Security Centre does not apply different security standards to different cloud service providers.

The agency was responding to queries from iTWire over the exit of a senior female staffer, reportedly over the granting of Protected cloud status to Microsoft, and also its refusal to grant a small Australian company similar status even though the firm appears to have met all the necessary specifications.

A report in InnovationAus.com said an ASD staffer, Melissa Osborne, had been responsible for the certification of the first four cloud providers to gain Protected status: Dimension Data, Macquarie Telecom, Sliced Tech and Vault Systems.

She was said to have been overseeing Microsoft's application but, when she refused to grant it on security grounds, was removed from her role by ASD director-general Mike Burgess.

In April, Microsoft was announced as having gained Protected cloud status for its Azure and Office 365 services. Questions were raised about the certification after the ASD issued a consumer guide containing a number of fiats about the services.

An ASD spokesperson said it could "confirm the information related to the alleged removal of the individual [Osborne] is incorrect. The ASD will not comment further on the employment status of its personnel".

"The ACSC works collaboratively with cloud service providers to meet prescribed security standards within the Protective Security Policy Framework and the Information Security Manual. Microsoft met the prescribed security standards."

From this financial year, the ACSC has become part of the ASD, as part of the reorganisation of government departments following the creation of the ministry of home affairs.

"The versatile nature of cloud technology and the difference in cloud architecture between cloud service providers requires a flexible approach to meeting the security standards," the spokesperson said.

"The head of the ACSC [Alastair MacGibbon] is the senior responsible officer for all cloud certifications for the government, including responsibility for approvals and denials of cloud certifications.

"The ACSC continues to review its cloud certification program to ensure that it protects the security and integrity of government networks and information, and that it meets the requirements of new and emerging technology."

In a post on her LinkedIn page, Osborne denied that Burgess had been responsible for her exit. "Disappointed to read this article blaming DGASD Mr Mike Burgess for my resignation from Defence," she wrote.

"Mike has been nothing but supportive of my career and has provided me with encouragement and mentorship. I was not consulted by the author of the article, nor was Mike."

47 REASONS TO ATTEND YOW! 2018

With 4 keynotes + 33 talks + 10 in-depth workshops from world-class speakers, YOW! is your chance to learn more about the latest software trends, practices and technologies and interact with many of the people who created them.

Speakers this year include Anita Sengupta (Rocket Scientist and Sr. VP Engineering at Hyperloop One), Brendan Gregg (Sr. Performance Architect Netflix), Jessica Kerr (Developer, Speaker, Writer and Lead Engineer at Atomist) and Kent Beck (Author Extreme Programming, Test Driven Development).

YOW! 2018 is a great place to network with the best and brightest software developers in Australia. You’ll be amazed by the great ideas (and perhaps great talent) you’ll take back to the office!

Register now for YOW! Conference

· Sydney 29-30 November
· Brisbane 3-4 December
· Melbourne 6-7 December

Register now for YOW! Workshops

· Sydney 27-28 November
· Melbourne 4-5 December

REGISTER NOW!

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the sitecame into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

 

Popular News

 

Telecommunications

 

Sponsored News

 

 

 

 

Connect