Feds toughen up G-Cloud guidelines

Powered by SC Magazine
 

Analysis: Locking down the governance piece of the cloud puzzle.

The Australian Government Information Management Office (AGIMO) has adopted a more cautious tone in the final version of its Community Cloud Governance "better practice guide", following industry and agency feedback.

The guide is part of a suite of documents put together by AGIMO on various aspects of cloud computing. Other guides cover privacy, legal and financial challenges.

A forensic comparison between the draft and final versions of the governance guide discloses some 159 insertions and 234 deletions.

Overall there are few substantive policy tweaks of the draft guide, which was issued back in May.

However, the revised tone is — if anything — more cautious and prudent about governance arrangements, highlighting additional security and reporting concerns.

Under AGIMO's cloud vision, larger agencies will effectively become cloud providers in their own right, with smaller agencies able to shift workloads between these various Governent-run resource pools with "minimum difficulty".

Such arrangements are being called "community clouds". Effectively, they are internal arrangements for organising Government-based clouds or G-clouds.

Governance better practice dictates that the lead agency in the arrangement report on the cloud's operation.

Under the governance guidelines, the lead agency is explicitly required to provide reports and advice to the Community Cloud Management Committee on the status and position of the community cloud operations, its development and any issues.

The lead agency is also required to manage and evaluate the mechanics of setting up the community cloud — for example, tendering and selecting external service providers — on behalf of smaller user agencies.

Oversight of G-cloud arrangements also are elaborated in the final guide. In particular, the Government’s CIO Committee and the Secretary’s Information Governance Board (SIGB) may become involved in governance where cloud services "cross more than one portfolio".

Copyright © iTnews.com.au . All rights reserved.


Feds toughen up G-Cloud guidelines
Cloud in puzzle
 
 
 
Top Stories
How hard do you hack back?
[Blog post] Taking the offensive could have unintended consequences.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
The big winners from Defence’s back-office IT refresh
Updated: The full list of subcontractors.
 
 
Cloud in puzzle
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1009

Vote