DTA moves to clarify secure cloud strategy
The Digital Transformation Agency has moved to clarify common questions and misconceptions about the government's new secure cloud strategy.
In a list of FAQs, the agency noted that the new strategy does not change the way cloud services are certified, but instead confirms existing practices.
These include the need to keep the government's lead information security agency informed about any cloud projects and to give government agencies the option to arrange their own security assessments using the accredited professionals and requirements followed by the Australian Signals Directorate.
Likewise, the DTA noted that cloud deals are no different to any other outsourcing deals to technology service providers. The same principles of knowing who a supplier is, what access they have to government data and what they do to protect stored information apply to the cloud.
The strategy also confirms that using offshore cloud services is acceptable so long as the government information being stored does not include any private or sensitive data.
Finally, despite questions of whether there should be one solution for every agency, the DTA said because each agency is in a different place in terms of cloud adoption, a one-size-fits-all solution would not fit all.
Instead the DTA has asked agencies to publish their own cloud strategies so they can be shared and disseminated with other departments.
Audit Committee recommends whole-of-government framework for AI use
The House of Representatives Joint Committee of Public Accounts and Audit has released a report...
DTA signs new whole-of-government arrangement with AWS
The Digital Transformation Agency has announced it has signed a new...
Oracle achieves HCF attestation for OCI
The Oracle Cloud for Australian Government and Defence solution has achieved Hosting...
