Australian Government Cloud Computing Strategic Direction Paper

A draft "Australian Government Cloud Computing Strategic Direction Paper" has been released for comment (deadline 31 January 2011). The document is 52 pages long.

Australian Government Cloud Computing Strategic Direction Paper: Opportunities and applicability for use by the Australian Government

Draft for consultation

Table of Contents

CLOUD COMPUTING STRATEGIC DIRECTION PAPER 1

Executive Summary 5

1. Introduction 7

1.1 Why is an Australian Government Cloud Computing Strategy required? 7

1.2 Objective 9

1.3 Audience 9

2. What is Cloud Computing? 11

2.1 Types of Cloud Computing 13

2.2 Cloud Service Capability 15

3. Potential Risks and Issues of Cloud Computing 16

4. Potential Business Benefits of Cloud Computing for Australian Government Agencies 19

5. Potential Opportunities of Cloud Computing for Australian Government Agencies 22

6. Proposed Australian Government Cloud Computing Policy 25

6.1 Draft Policy Statement 25

6.2 Vision 25

6.3 Key Drivers for Adoption 25

6.4 Strategy Overview 25

6.5 Deliverables 27

Attachment 1: Related Documents 35

Attachment 2: Environmental Scan 37

Attachment 3: Prominent Global / Public Cloud Vendors 40

Attachment 4: Definitions of Cloud Computing 43

Attachment 5: Terminology 47

FIGURES

Figure 1: Gartner Hype Cycle for Cloud Computing, 2010 12

Figure 2: Visual Model of NIST Working Definition of Cloud Computing 37

Executive Summary

“Cloud computing is a new way of delivering computing resources, not a new technology.”¹

The Australian Government Cloud Computing Strategic Direction Paper describes the whole of government policy position on cloud computing. The strategy states that: agencies can choose cloud-based services if demonstrating value for money, fitness for purpose and are adequately secure; provides guidance for agencies on what cloud computing is; and some of the issues and benefits of cloud computing that agencies need to be aware of.

The paper recognises that the public cloud is still evolving, particularly in areas such as security and privacy. These issues need to be adequately resolved before critical government services can be transitioned to the cloud. As a result, the paper outlines three streams of work:

• Stream One – provides agencies with guidance and documentation.

• Stream Two – encourages agencies to adopt public cloud services for public facing “unclassified” government services and to undertake proof of concept studies to fully understand the risks of the cloud environment.

• Stream Three – encourages a strategic approach to cloud. This work is dependent upon greater clarity around projects commissioned under the Data Centre Strategy.

1 ENISA: Cloud computing: benefits, risks and recommendations for information security, European Network and Information Security Agency. ...

From: Australian Government Cloud Computing Strategic Direction Paper, Department of Finance and Deregulation, 7 January 2011