Government certifies top four “strategic” cloud providers – Strategy – Cloud
The federal government has certified the first four cloud service providers capable of holding protected-level public sector data under its new hosting certification framework.
Amazon Web Services, Vault Cloud, Sliced Tech and AUCloud received approval from the Digital Transformation Agency on Thursday as the first tranche of “certified strategic” cloud providers.
Strategic certification is the highest level of assurance in the framework and requires hosting and data center providers to allow the government to specify the terms of ownership and control.
The lowest certification is “Certified Insured Hosting Provider” – the minimum purchase for data centers and managed service providers wishing to host protected tier data or government-wide systems.
All protected-level data and data from whole-of-government systems must now be stored in certified or certified mission-critical data centers.
The four cloud providers join seven data center providers – or “direct” providers to government – who have already been certified at the strategic level.
Data centers in Canberra, Macquarie Telecom and Australian data centers were the first to achieve coveted status in June, followed by NextDC, Equinix and Fujitsu in August.
The DTA has not yet certified any service providers or data centers to the lower certification level of Certified Insured.
Panelists on the government’s data center arrangement were the first to become eligible for certification in April, while “indirect” providers like cloud providers began applying in September.
In a statement, AWS A / NZ Public Sector Director Iain Rouse said the certification would give confidence to government agencies that use its services and allow them to continue to innovate.
“AWS is very sensitive to the security needs of our customers in every location we operate,” he said.
“We know how important it is to [government] to mitigate risk in supply chains and data centers, and we understand that agencies need to identify and source technology from vendors they trust.
“AWS certification … reinforces our continued commitment to the highest standards in digital security and means Australian citizens now have even more confidence in the government securing their data.
AUCloud chief executive Phil Dawson said the certified strategic certification highlights the company’s credentials as a “sovereign cloud provider” supporting the government.
He said this, combined with AUCloud’s investment in security, demonstrates that the government can operate “mission critical national security environments with confidence.”
“AUCloud’s security capabilities exceed Australian best practices for classifying data until it is protected,” added Dawson.