Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Tuesday, 30 October 2018 10:24

Amazon's bid for Protected cloud ain't in the top drawer

Amazon's bid for Protected cloud ain't in the top drawer Pixabay

Amazon plans to enter the Australian Protected cloud market, but it really can't be bothered to offer the same service as it does to the American Government, it would appear.

The behemoth will be offering Australian Government agencies the same commercial cloud service that it does to every entity on the face of the earth – just as soon as it gets what it says are 46 different AWS services certified by the Australian Signals Directorate.

In a wonderfully detailed interview, which conveyed the sense of — well, arrogance is the only word that fits — that AWS possesses, the editor of the website InnovationAus, James Riley, quoted its Singapore-based regional managing director for public service, Peter Moore, as saying: "The message is that our scale, and with the length of time we have been in this business that we are able to deliver capabilities that just can’t be delivered by an individual government agency of any size.”

AWS would be the second American company to be certified as a Protected cloud provider if, and when, it does get the ASD tick. Microsoft was the first, though some controversy surrounded its being given the certification, with fiats being attached.

In the US, the AWS cloud service offered to the government is air-gapped, has top-notch encryption, controlled metadata and only on-shore security-cleared personnel can operate the facility.

But for the plebs in Australia, apparently, these specs aren't really necessary.

It may partly be the fault of Australian agencies for bowing and scraping before the Americans and demeaning their own. Three Australian companies — Vault (formerly Vault Systems), Sliced Tech and Macquarie Government — have been certified to the Protected level, but when a fourth, Secure Collaboration, tried to join the club it was knocked back.

After voicing its concerns in public, Secure Collaboration was offered consultations with Angus Taylor, then the minister for cyber security. But then the Coalition Government began the process of assassinating Malcolm Turnbull and, in that mess, the case of Secure Collaboration seems to have disappeared off the table.

Indeed, the entire security requirements for government agencies — encapsulated in a booklet known as the Information Security Manual — appear to have changed. The manual itself got a new name — the Cyber Security Manual — which, once again according to  InnovationAus, seemed to be backfilling the requirements to justify giving Microsoft Protected status.

But then, again after the Turnbull troubles, the CSM disappeared from view and a new version of the ISM reappeared.

Macquarie's Aidan Tudehope has been the only player to make any comments about all this drama.

"It is unfortunate Federal Government processes for certifying and classifying outsourced cloud services for use by Government has become a matter of controversy," he wrote in a letter to InnovationAus.

"It is even more unfortunate to see blurring of the lines between the ability of an agency to use a service and the 'gold standard' Australian Signals Directorate certification process. The security of the information held by our Government agencies is too important to be treated glibly."

But with the Coalition Government said to be in a rush to push services to the cloud, and the cheaper options — not necessarily the most secure — being American, it looks like local players will have to be satisfied with crumbs.

A classic example of this was witnessed earlier this year, when Vault, which was supposed to be hosting a trial of GovPass, was unceremoniously pushed out.

To date, the Digital Transformation Agency is mum on who will be the cloud host for the trial — which is to be run by the Australian Taxation Office and the Department of Human Services — but given that the DTA itself has engaged the services of Microsoft, it seems very likely that more Australian dollars will be flowing in the direction of Redmond.

But when a country has gone to the extent of specifying that documents submitted for the purpose of contesting its elections have to be in a Microsoft-compatible format, then this certainly would not come as a surprise. Bowing and scraping appears to have become an art form Down Under.

Subscribe to Newsletter here

WEBINAR 12 AUGUST - Why is Cyber Security PR different?

This webinar is an introduction for cyber security companies and communication professionals on the nuances of cyber security public relations in the Asia Pacific.

Join Code Red Security PR Network for a virtual conversation with leading cyber security and ICT journalists, Victor Ng and Stuart Corner, on PR best practices and key success factors for effective communication in the Asian Pacific cyber security market.

You will also hear a success story testimonial from Claroty and what Code Red Security PR has achieved for the brand.

Please register here by 11 August 2020 and a confirmation email, along with instructions on how to join the webinar will be sent to you after registration.

Aug 12, 2020 01:00 PM in Canberra, Melbourne, Sydney. We look forward to seeing you there!



It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.





Guest Opinion

Guest Interviews

Guest Reviews

Guest Research & Case Studies

Channel News