AGIMO issues Cloud guides for government departments
- 15 February, 2012 11:30
The Department of Finance and Deregulation's Australian Government Information Management Office (AGIMO) has issued a series of 'better practices' guides for government departments and other federal bodies to help them navigate the legal, privacy and financial issues of Cloud computing.
"Cloud best practice guidance" was an outcome earmarked in the The Cloud Computing Strategic Direction Paper (PDF) issued by the department of finance in April 2011.
"Additional guidance will be prepared for agencies on other aspects of cloud computing as necessary," an AGIMO blog entry announcing the guides by Glenn Archer reads. "This may include areas such as governance of community clouds and further guidance on business management and procurement practices."
AGIMO unveiled the draft versions of the Cloud guides in November last year.
Privacy and Cloud Computing for Australian Government Agencies (PDF) outlines considerations relating to compliance with the Information Privacy Principles outlined in the Privacy Act when using Australian or off-shore Clouds.
Issues covered include those related to storage of data that may in jurisdictions with different information protection laws to Australia (the guide cites the USA PATRIOT Act as one piece of foreign legislation that may impact on the security of data stored in a Cloud); virtual or physical data segregation to prevent inadvertent disclosure or private information when multiple agencies' data is stored in a single Cloud; and the ability to permanent delete data, including provisions in contracts with Cloud service providers that they will comply with Information Privacy Principles outlined in the in the Privacy Act.
Negotiating the cloud – legal issues in cloud computing agreements (PDF) covers negotiating agreements with Cloud providers, including privacy, security, meeting data confidentiality requirements, records management, and auditing of Cloud computing arrangements, as well as managing Cloud contracts including performance management, ending Cloud computing arrangement (including transition of services) and dispute resolution.
The final guide (PDF) covers the financial aspects of Cloud computing for government agencies, including transitioning capital expenditure to operational expenditure and financial risks. It recommends agencies seek guidance on the "Transfer of an agency’s appropriations for capital expenditure to operational expenditure; Reallocation of departmental appropriations between operating and non-operating expenditure within a financial year; and obtaining approval for any operating losses."
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Devising a Server Protection Strategy with Trend Micro
With so many Information Technology solutions available to choose from today, many organizations put their trust in the experience, insight and advice of Gartner, and their industry-leading analysts. Trend Micro’s portfolio of solutions meets and exceeds Gartner’s recommendations on how to devise a server protection strategy. Precisely how Trend Micro does it is detailed in this whitepaper. Read now.
Advanced Malware Exposed
This handbook shines a light on the dark corners of advanced malware, both to educate as well as to spark renewed efforts against these stealthy and persistent threats. By understanding the tools being used by criminals, we can better defend our nations, our critical infrastructures and our citizens. This ebook will provide readers with a new understanding of the rapidly developing cyber threat landscape and practical insights into how they can protect their data and computing infrastructures. Download now.
Implementing A Security Analytics Architecture
According to the 2012 Verizon Data Breach Investigations report, 99% of breaches led to data compromise within “days” or less, whereas 85% of breaches took “weeks” or more to discover. This presents a significant challenge to security teams as it grants attackers extended periods of time within a victim’s environment. More “free time” leads to more stolen data and more digital damage. Principally, this is because today’s security measures aren’t designed to counter today’s more advanced threats. Read on.