In late January, Amazon Web Services (AWS) announced that their hyperscale cloud platform in Australia is now certified to carry protected Australian government data, currently for the Sydney region only. 

This is huge news for AWS who have been trailing Microsoft by approximately 9 months following their announcement in April 2018. 

Government departments who have a requirement, and a desire to host systems and data platforms that contain sensitive information have started to embrace public cloud significantly in the past 12 months. With a growing need to optimise IT operating budgets and shift investment to higher priority government initiatives the timing of this is announcement provides extra assurance to the public sector as they look to the cloud to drive innovation forward, and cost down.

In an AWS blog posted on 23rd January 2019 by Matthew Graham, Head of Security Assurance for Australia and New Zealand at AWS:

“The Australian Cyber Security Centre (ACSC) has awarded PROTECTED certification to AWS for 42 of our cloud services. This is the highest data security certification available in Australia for cloud service providers, and AWS offers the most PROTECTED services of any public cloud service provider.” 

Peter Moore, AWS’ worldwide public sector Managing Director also provided the following statement after the announcement:

“The accreditation awarded to the AWS Sydney region to run and store protected security classification workloads in Australia is a major milestone for our existing customers and paves the way for others who may have been waiting for this certification in order to begin their cloud journey on AWS.”

So does this mean public sector organisations can start ingesting or storing data overnight into these services without any additional preparation and be confident that their data is secure? 

While this development is a big help in moving government cloud programs forward, there are still security considerations. 

Whether these organisations are a greenfield AWS customer and are just about to design and build their first Landing Zone, or taking the next step in their cloud native journey by fundamentally shifting their application architecture further and further to SaaS and PaaS, a number of critical considerations exist:

  • What Identity and Access controls are being put in place for your AWS landing zone to protect the data you are storing?
  • What Ingress and Egress controls are protecting the data being requested, transmitted, handled, and stored?
  • Have you considered how best to embed secure and compliant code in your CI/CD delivery pipelines?
  • What cultural uplift has been considered to increase security proficiency across all aspects of application development to drive continuous security rather than having it as a ‘bolt on’ at the end of the release cycle?

As an AWS APN Premier Partner, our public sector clients in both federal and state government sectors look to us for best-in-class consulting across cloud platform, migration, data and analytics, cloud-native development and DevSecOps. So, what does AWS’ announcement mean for public sector clients? What opportunities does it represent for them and how do we intend to help?

The AWS services now on the ACSC’s Certified Cloud Services List (CCSL) as PROTECTED include:

  • Amazon Elastic Compute Cloud (Amazon EC2)
  • Amazon Simple Storage Service (Amazon S3)
  • AWS Lambda
  • AWS Key Management Service (AWS KMS)
  • Amazon GuardDuty.

The news from AWS on their PROTECTED certification status for the Sydney region is a positive development for Public Sector clients. Detailed in Jesse White’s blog we explain how we can build a DevSecOps capability within software engineering functions. 

The announcement from AWS further lowers the barriers for entry for Public Sector organisations to accelerate their move into the cloud, which our team are excited to support in the coming years as our continued presence grows both in the private and public sector.

x

SIGN UP TO OUR UPDATES

DevOps Insights Directly to Your Inbox!

Join thousands of your peers and subscribe to our best content, news, services and events.