Signs are emerging that Federal government adoption of Software as a Service (SaaS), Infrastructure as a Service (Iaas) and Platform as a Service (PaaS) are significantly on the rise and that there is a growing degree of comfort with hybrid cloud solutions.
Federal government security accreditation has now been achieved, albeit to differing levels, by three of the major ‘hyper scalers’ – Google, Amazon Web Services (AWS) and Microsoft Azure.
Hybrid cloud has emerged as ‘cloud nirvana’ for government agencies. It is seen as allowing them to split their systems into a public off-site cloud while simultaneously operating a private network.
The public cloud will provide all its advantages of scale and compute power to manage the bulk of non-contentious data and computing. Private cloud, on the other hand, can manage the sensitive, PROTECTED level data that governments are increasingly nervous about in this era of cyber security threats and heightened citizen concerns about privacy and personal data misuse.
Microsoft gained PROTECTED level certification on the Certified Cloud Services List (CCSL) in 2018 for its ‘Federal Region’ instance of Azure. It utilises a Canberra Data Centres facility to supply government with IaaS and PaaS solutions with hybrid capabilities in-built.
Microsoft counts the Victorian State Emergency Services, the Australian Border Force and the Department of Industry, Innovation and Science as key examples of its capability to meet agencies’ dynamic and mobile needs via its hosting infrastructure.
Google achieved accreditation for the management of unclassified information on 13 December 2018. Google had been working through its IRAP accreditation for at least the previous three years, so no doubt will waste little time trying to recoup the investment it has had to make to achieve this accreditation. Its Google Cloud Platform has strong pockets of advocacy across the Federal Government as an alternative to the dominance of the Microsoft suite of office products.
AWS has made significant inroads into the nascent IaaS market in Canberra, but as a great deal of its business is signed via partners, its full penetration of the Canberra market is difficult to assess.
Although both AWS and Google still face hurdles to achieve Microsoft’s PROTECTED status, given the potential value in being able to provide PROTECTED level services, both will have to do so if they are to vie with Microsoft.
The two agencies that have most recently made a move to take advantage of the PROTECTED private cloud status of Azure are the Department of Foreign Affairs and Trade (DFAT) and the Department of Jobs and Small Business (DJSB).
DFAT issued a request for a cybersecurity specialist to certify and ensure the secure implementation of Microsoft cloud services for Office 365 and Azure via the Digital Marketplace in December 2018.
In so doing, DFAT has moved position significantly on its attitude to cloud over the last five years. The department adopted a “cloud-first” policy in 2014 but this cloud solution is one of the first signals of a major embrace.
More hybrid cloud is on the horizon, according to a DFAT spokesperson.
In mid-January 2019, DJSB approached the market via the Digital Marketplace for a lead developer to “design and implement a refresh” of the PROTECTED level services currently in use as part of its digital transformation.
Since 2015 DJSB has shared IT and corporate services with the Department of Education and Training under a now defunct arrangement known as the Shared Services Centre (SSC). The SSC was run by the then Department of Employment to serve the needs of both agencies. The SSC eventually provided a range of services to other departments and it is part of this legacy that has DJSB currently providing services to 18 separate agencies for the building of a new cloud environment. According to the Digital Marketplace notice, the solution is approaching end of life.
DJSB states the new solution will be developed using Citrix Cloud for management of services and Azure Infrastructure as a Service (IaaS) and that both networks will be linked through general infrastructure to ensure seamless delivery of services.
Cost, computational power and interoperability have emerged as some of the major reasons for the wholescale government shift towards cloud-native and hybrid cloud platforms across Australia.
South Australia’s 2018-2021 ICT Strategy heavily emphasised the need to prepare for “the era of hybrid and multi-cloud IT environment” in digital service delivery.
Service NSW in 2017 highlighted the need to be able to smoothly transition between cloud suppliers, envisioning a multi-vendor hybrid cloud model that encourages a “start-up culture” approach within the agency.