Feds eye new cloud safety guidelines

Powered by SC Magazine
 

Agencies required to show safeguards in place.

The Government will put forward a new position on cloud computing that encourages a "heightened sensitivity" among departments that plan to take advantage of it.

Speaking to some 800 delegates at at the Security in Government 2012 conference, Attorney-General department secretary Roger Wilkins said he wouldn't rule out cloud use by agencies but would advocate a “degree of circumspection” around such decisions.

Though he saw cloud as the "way of the future", he remained concerned about jurisdictional issues around data storage.

“There are some considerable difficulties in storing stuff off-shore and subject to other jurisdictions – even benign jurisdictions,” Wilkins said

He said the onus would be on government organisations to demonstrate that appropriate safeguards were in place.

“My Department will be coming up with some guidelines on how that is to be carried out, what sorts of issues need to be thought about and what sorts of issues need to be attended to,” he said.

In later discussions with iTnews, Wilkins declined to suggest a timetable for these new cloud guidelines. 

Wilkins said he’d completed a recent round of conversations with Secretaries of Federal agencies to check their reaction to the recent revision of the Protective Security Policy Framework.

The PSPF is a key piece of advice from the Attorney-General's department on the protection of "government business - people, information and assets, at home and overseas".

The revised framework creates more obligations and responsibilities on the head of agencies, he said.

He said his department did not want to throw “gratuitous boulders” in front of agencies that relied on IT as a key driver in their operations.

“The advice we give is not gratuitous or mindless. We are alive to the criticality of the IT and the internet to the business of Government and the way we are going to have to do things going forward," he said.

Wilkins said the department was seeking to cultivate a more intelligent appreciation of the nature of threats confronting government.

One example of the kind of vigilance had been demonstrated when one of Wilkins' officers questioned an email signed by him that turned out to be “bodgy” – only because the writing style seemed to depart from his usual style.

Copyright © iTnews.com.au . All rights reserved.


Feds eye new cloud safety guidelines
 
 
 
Top Stories
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
Will Nutanix be outflanked before reaching IPO?
VMware muscles in on storage startup in hyper-converged infrastructure.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  69%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  11%
TOTAL VOTES: 637

Vote