Tuesday, 09 July 2013 06:43

Cloud OK if it’s secure, says the Government Featured


The Federal Government has released a guide to the secure use of cloud computing. It is part of a much broader security framework.

Attorney-General Mark Dreyfus and the Minister Assisting for the Digital Economy, Senator Kate Lundy, have released the policy as part of the Government's push into cloud computing. The new announcements are particularly concerned with cloud's data security aspects.

It is part of a larger Protective Security Policy Framework (PSPF), a complex series of documents outlining how government agencies should “protect people, information and assets, at home and overseas.”

The cloud guidelines are designed to ensure government agencies can “take advantage of the opportunities enabled by cloud computing and the NBN while maintaining the privacy, security, integrity and availability of personal information,” said Dreyfus in a statement. “The policy will aid decision-makers in determining when to allow the use of offshoring or outsourcing on a case-by-case basis.”

The policy builds on the National Cloud Computing Strategy released at CeBIT in May by former Minister Stephen Conroy. “A key goal of that strategy is that the Australian Government will be a leader in the appropriate use of cloud services,” said Senator Kate Lundy, who now represents Conroy’s old department in the Senate.

”This Government is an enthusiastic supporter of new technology such as cloud computing, especially where it not only facilitates government business but helps us get the best value for the tax payer dollar,” she said.

“Cloud technology is fundamentally changing the way we think about communications technology. Combined with the rollout of the NBN, cloud computing has the potential to revolutionise how we consume and use digital technology.”

Lundy said that much of the Government’s unclassified data can be stored in a public cloud, subject to a risk assessment. “Information that requires privacy protection, however, requires stronger safeguards.”

Dreyfus said the Government has paid special attention to the security of personal information. “People expect this information to be treated with the highest care by all organisations, but by government in particular,” Dreyfus said. He did not mention the recent kerfuffle over data retention, in which his department has been accused of secrecy and withholding information (CommsWire, 5 July).

“Safeguards have been incorporated so that before personal information can be stored in the cloud, the approval of the Minister responsible for the information, and my own approval as Minister for Privacy, must be given. This is to ensure that sufficient measures have been taken to mitigate potential risks to the security of that information.

“Government is trusted to hold a great deal of information on citizens and business and it is expected that this information is protected. As much of our work is online, and technology is constantly evolving, we must regularly ensure we are continuing to meet our obligations in protecting the information given to us,” Dreyfus said.

“We are now introducing a policy to assist Australian Government agencies in assessing the privacy and security risks which might occur in the cloud so they can decide when cloud arrangements are suitable for their business needs.

“The safeguards we have put in place will ensure the Government can take advantage of cloud computing to reduce storage costs and improve efficiency while still ensuring the external storage and processing of data only occurs where the privacy of personal information can be properly protected.”

He was referring to the Government’s new Protective Security Policy Framework (PSPF) which specifically mentions cloud computing and data storage. It is intended to ensure, amongst other things, that:

  • Information that doesn't require privacy protection can be stored and processed in outsourced and offshore arrangements after an agency level risk assessment.
  • Privacy protected information can only be stored and processed in outsourced and offshore arrangements with suitable approvals in place.
  • Security classified information cannot be stored offshore unless it is in special locations (such as Australian Embassies) or under specific agreements.

The cloud aspects of the new policy have been bundled together and snappily called The Australian Government Policy and risk management guidelines for the processing and storage of Australian Government information in outsourced or offshore ICT arrangements.

It is available at the PSPF website: www.protectivesecurity.gov.au

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Graeme Philipson

Graeme Philipson is senior associate editor at iTWire. He is one of Australia’s longest serving and most experienced IT journalists. He is author of the only definitive history of the Australian IT industry, ‘A Vision Splendid: The History of Australian Computing.’

He has been in the high tech industry for more than 30 years, most of that time as a market researcher, analyst and journalist. He was founding editor of MIS magazine, and is a former editor of Computerworld Australia. He was a research director for Gartner Asia Pacific and research manager for the Yankee Group Australia. He was a long time weekly IT columnist in The Age and The Sydney Morning Herald, and is a recipient of the Kester Award for lifetime achievement in IT journalism.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News