DTA moves to clarify secure cloud strategy
The Digital Transformation Agency has moved to clarify common questions and misconceptions about the government's new secure cloud strategy.
In a list of FAQs, the agency noted that the new strategy does not change the way cloud services are certified, but instead confirms existing practices.
These include the need to keep the government's lead information security agency informed about any cloud projects and to give government agencies the option to arrange their own security assessments using the accredited professionals and requirements followed by the Australian Signals Directorate.
Likewise, the DTA noted that cloud deals are no different to any other outsourcing deals to technology service providers. The same principles of knowing who a supplier is, what access they have to government data and what they do to protect stored information apply to the cloud.
The strategy also confirms that using offshore cloud services is acceptable so long as the government information being stored does not include any private or sensitive data.
Finally, despite questions of whether there should be one solution for every agency, the DTA said because each agency is in a different place in terms of cloud adoption, a one-size-fits-all solution would not fit all.
Instead the DTA has asked agencies to publish their own cloud strategies so they can be shared and disseminated with other departments.
Good evidence confuses ChatGPT when used for health information: study
A world-first study by CSIRO has found that when asked a health-related question, the more...
CSIRO report maps sovereign capability to build 'foundational' AI tech
CSIRO's report on AI foundation models provides an overview of the fast-moving global...
Nuix confident that lack of diversity in AI can be remedied
Tapping into different talent pools and building diverse teams provides the solution to lack of...
