Lead Machine Pink 160x1200

Lead Machine Pink 160x1200

iTWire TV 705x108notfunny

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Tuesday, 28 July 2020 11:54

Secure cloud rules suddenly favour locals. Pigs have taken wing

Secure cloud rules suddenly favour locals. Pigs have taken wing Image by OpenClipart-Vectors from Pixabay

Quite surprisingly, with the issue of new guidelines for secure cloud services, the talk among government functionaries has turned to promotion of local companies as being more suited for this role locally than foreign firms.

This is in stark contrast to what has been happening in the past, ever since the Australian Signals DIrectorate was given the task of certifying which companies could provide Protected cloud services – in other words, companies that were able to host government data that had the highest security classification.

It is indeed somewhat ironical that the Digital Transformation Agency — which has whole-of-government deals only with foreign firms AWS, IBM, Microsoft, Rimini Street, SAP and Concur — should be one of the parties drafting the rules that aim to give preference to local companies when it comes to secure cloud contracts.

As to why there was a need for new rules, some informed speculation is indeed illuminating. The earlier avatar of certification had the Australian Cyber Security Centre and the ASD jointly signing off.

iTWire understands that the ASD was not very happy about some of the American companies being given the green light, as there were conditions that the Australian companies on the list had met which were not enforced for the Yanks.

The man claimed to be favouring the Americans and allowing them concessions is said to be the former head of ACSC, Alastair MacGibbon, though he has denied this.

Microsoft, for example, was given the certification along with a host of changes that it needed to make post-certification. This did not sit too well with the Signals folk.

Indeed, there were reports that the ASD staffer who oversaw Microsoft's application refused to grant it on security grounds. She was then promptly unseated by then ASD director-general Mike Burgess, something which has, of course, been denied.

And in the case of Amazon Web Services, again there was murmuring that the company had offered just its bog-standard service for evaulation and been shown an open door.

In the US, the AWS cloud service offered to the government is air-gapped, has top-notch encryption, controlled metadata and only on-shore security-cleared personnel can operate the facility. But Australia, evidently, is a poor relative.

Strangely, as flagrant as these happenings were, they were not the straw that broke the camel's back. They were not spoken about apart from in some very narrow circles.

Canberra sources tell iTWire, that the change came about when AWS was given the contract — without any competition, by the Department of Home Affairs — to store data for the Australian COVIDSafe app.

Apparently, this matter was discussed to death on social media and it generally caused a big stink about the business of government contracts.

And the outcome was that phrases like "sovereign cloud providers — those owned and operated by Australians within Australia — could provide a significantly reduced risk compared with foreign-owned entities, even those operating from within Australia", suddenly appeared in the new guidelines for secure cloud providers.

Now it is entirely possible that these words will remain just that: words.

But it is worthwhile noting that after years of effort, one man, Rupert Taylor-Price, who runs the cloud firm Vault, finally managed to overcome a hoodoo — or bias, take your pick — and strike a whole-of-government deal with an Australian government, in this case the state government in NSW.

That was something nobody expected to see, not in this century anyway. Given that, it may well be that other surprises also lie ahead.

Read 2173 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News