Sliced Tech and Vault Systems, the only two cloud providers that can host Protected-level Australian government data, are unfazed by the impending arrival of Microsoft Azure to Canberra, they told CRN.
Microsoft announced last week that it was investing in two new data centres in Canberra for its Azure public cloud, becoming the first hyperscale cloud provider to establish a footprint in the nation's capital.
Several Azure services have been approved for Unclassified workloads by the Australian Signals Directorate, and Microsoft is hunting approval for Protected data.
Under rules managed by the ASD, which is part of the Department of Defence, government data is classified into four levels: Unclassified, Protected, Secret and Top Secret.
Sliced Tech and Vault Systems have both been through the arduous process to get Protected classification, and were approved for the Certified Cloud Services List (CCSL) in May.
Vault is a wholesaler-only, providing highly secure cloud services to government via partners. Vault maintains a government distribution of OpenStack that was developed in Australia.
The NVMe-based storage platform was developed with Intel. Core networking was recently upgraded to 100Gbit Mellanox to the node, edge devices and firewalls are Juniper, Cisco and Fortinet with Supermicro compute nodes.
Chief executive Rupert Taylor-Price was sceptical about Microsoft's ability to obtain the seal of approval for Protected data. “It is my belief that large multinationals will find the challenge of meeting ASD's stringent security requirement insurmountable due to their legacy."
Taylor-Price added that "using multinational companies to manage Australian data is in conflict with the views of the Australian public as demonstrated by the Information Commissioner's 2017 Australian Community Attitudes to Privacy Survey, which revealed that 93 percent of Australians do not want their data managed overseas".
The OAIC report found nine in 10 Australians feel either very concerned (61 percent) or somewhat concerned (32 percent) about the practice of having their personal information sent overseas, with only one in 20 (5 percent) being unconcerned.
"All data held on Vault’s cloud platform is located within Australian borders and managed by Australian citizens with the appropriate security clearances," Taylor-Price said.
Customer demands for data sovereignty has been a major driver for global public cloud providers to establish onshore data centres – a trend that began with Amazon Web Services in 2012.
AWS was eventually followed by Microsoft Azure, IBM Softlayer, Salesforce and, most recently, Google Cloud Platform.
Launching Azure Australian in 2014, Microsoft said the data centres would provide "lower latency rates and address data sovereignty considerations for Microsoft customers and partners".
The pitch for Protected
Speaking last week ahead of the Azure announcement, Microsoft Azure engineering lead for Australia James Kavanagh told CRN that 40 Microsoft cloud services have been audited by IRAP assessor Shearwater Solutions, with the assessor recommending 25 of these for Protected certification and the other 15 requiring further work.
"We’re still working to finalise this certification process with Australian Signals Directorate and for clarity it is important to be aware that Microsoft Azure is not certified at Protected level by ASD. We still have work to do, but the pathway is understood," Kavanagh said.
Canberra-based Sliced Tech offers ASD-certified cloud services at the Protected and Unclassified levels as well as offering services around third-party clouds, such as Azure, including integration, migration and ongoing management. The company was No.1 in the 2015 CRN Fast50.
Managing director Jason McClure could not predict Microsoft's chance of getting Protected clearance for Azure.
"Many companies are seeking certification by ASD, and have done so for years. When a company achieves this at any level is between ASD and the individual company," he said.
"Hence Sliced Tech expects others to be added to the CCSL in the future but cannot predict when they may achieve the standard required by ASD to enable this.".
McClure said the Protected seal of approval had been lucrative for his company.
"Sliced Tech's growth last financial year was more than 50 percent, with most of that growth coming from Protected cloud adoption by government customers or partners bundling Sliced Tech's services in their delivery to government," he said.
For instance, Sliced Tech won a $3.3 million deal to migrate the National Capital Authority's legacy on-premise infrastructure to its Protected cloud.
"Sliced Tech undertook the migration while transforming servers and applications to SaaS- and PaaS-delivered model, as well as supporting third-party application migrations without transformation where required," McClure added.