Local partners vying for federal government work now have a handful of cloud services providers with which they can team up that have been certified as strategic hosting providers under the government’s hosting certification framework (HCF).
Amazon Web Services (AWS), Sliced Tech, Vault Cloud and sovereign cloud provider AUCloud comprise the first wave of cloud providers to have been granted ‘strategic’ certification under the framework, which was set up under the auspices of the federal government’s Digital Transformation Agency (DTA).
“AWS is pleased to be certified as a strategic hosting provider in the Australian government’s Hosting Certification Framework,” said Iain Rouse, director of AWS’s Public Sector business in Australia and New Zealand (ANZ). “We look forward to continuing to work with the government to ensure they have access to safe, secure and innovative cloud services.
“Since 2012, AWS has provided world-class infrastructure in Australia, including on-shore data centres to enable data sovereignty, and a full range of security protections, tools, and services to the Australian government and our local customers,” he added.
Meanwhile, AUCloud managing director Phil Dawson noted that his company’s security capabilities exceeded Australian government best practice for data classified up to ‘protected’.
“We are built on certified VMware services and operated by Australian security cleared personnel within an ASX publicly listed company (“SOV’) that is owned by Australian citizens,” Dawson said.
“We are delighted by the recognition that our investment and hard work is creating and look forward to solving more data challenges for the Australian government, defence, critical national industry communities and their chosen service partners in the future,” he added.
Broadly, the HCF was developed to, in the words of the DTA, “operationalise the principles outlined in the whole-of-government hosting strategy, and to support the secure management of government systems and data”.
For its part, the hosting strategy works to provide policy direction and guidance to the federal government’s hosting ecosystem, including facilities and infrastructure.
The DTA released the HCF in March to assist agencies to mitigate supply chain and data centre ownership risks and enable them to identify and source appropriate hosting and related services.
Under the framework, the ‘certified strategic hosting provider’ status represents the highest level of assurance and is only available to providers that allow the government to specify ownership and control conditions, according to the DTA.
The other tier outlined in the framework, ‘certified assured hosting provider,’ works to safeguard against a significant change in ownership, control or the operation of the provider which would increase the risk profile of the provider’s commonwealth tenants.
Under the current regime, government data that claims ‘protected’ status and the whole of government systems must be hosted in a certified strategic (previously referred to as sovereign) or certified assured data centre.
Certified hosting providers can provide their services either directly to government agencies, or indirectly through a direct commercial arrangement with a third party that has a contractual arrangement with government agencies, such as a systems integrator, a managed service provider or a cloud service provider.
From 1 March 2021, agencies going to market or looking to enter into a contract for any solutions that involve a data centre component, whether direct or through a third-party provider, need to stipulate their requirements for certified strategic or certified assured hosting providers as appropriate.
Earlier this year, the DTA revealed the names of several data centre providers and their facilities that had been certified under the framework.
Service Provider and Certified Strategic Facility
- Australian Data Centres – Canberra – Mitchell
- Canberra Data Centres – H1, H2, H3, H4, F1, F2, EC1, EC2 and EC3
- Macquarie Telecom Pty Ltd – IC4 and IC5.
Service Provider and Certified Strategic Enclave:
- Equinix Australia – CA1, SY3, SY4, SY5, SY6, SY7, PE2 and ME4
- Fujitsu Australia – Western Sydney and Homebush
- Macquarie Telecom Pty Ltd – IC1, IC2 and IC3
- NEXTDC – Perth 1 and 2, Sydney 1 and 2, Melbourne 1 and 2, Brisbane 1 and 2, and Canberra 1
The federal government agency was looking to refresh its Software Marketplace following the launch of the whole-of-government software licensing and services panel.
The move meant new sellers could apply to join what the DTA was calling Category 2 of the marketplace, which consists of 26 categories of software products and six classes of software professional services.