Feds eye new cloud guidelines

The Government will put forward a new position on cloud computing that encourages a "heightened sensitivity" among departments that plan to take advantage of it.

Speaking to some 800 delegates at at the Security in Government 2012 conference, Attorney-General department secretary Roger Wilkins said he wouldn't rule out cloud use by agencies but would advocate a “degree of circumspection” around such decisions.

Though he saw cloud as the "way of the future", he remained concerned about jurisdictional issues around data storage.

“There are some considerable difficulties in storing stuff off-shore and subject to other jurisdictions – even benign jurisdictions,” Wilkins said

He said the onus would be on government organisations to demonstrate that appropriate safeguards were in place.

“My Department will be coming up with some guidelines on how that is to be carried out, what sorts of issues need to be thought about and what sorts of issues need to be attended to,” he said.

In later discussions with iTnews, Wilkins declined to suggest a timetable for these new cloud guidelines. 

Wilkins said he’d completed a recent round of conversations with Secretaries of Federal agencies to check their reaction to the recent revision of the Protective Security Policy Framework.

The PSPF is a key piece of advice from the Attorney-General's department on the protection of "government business - people, information and assets, at home and overseas".

The revised framework creates more obligations and responsibilities on the head of agencies, he said.

He said his department did not want to throw “gratuitous boulders” in front of agencies that relied on IT as a key driver in their operations.

“The advice we give is not gratuitous or mindless. We are alive to the criticality of the IT and the internet to the business of Government and the way we are going to have to do things going forward," he said.

Wilkins said the department was seeking to cultivate a more intelligent appreciation of the nature of threats confronting government.

One example of the kind of vigilance had been demonstrated when one of Wilkins' officers questioned an email signed by him that turned out to be “bodgy” – only because the writing style seemed to depart from his usual style.