Amazon fail shows we were right: AGIMO

Amazon fail shows we were right: AGIMO

Summary: The Australian Government Information Management Office (AGIMO) believes that last week's Amazon cloud outage has vindicated its initial concerns over the security and stability of cloud for government use.


The Australian Government Information Management Office (AGIMO) believes that last week's Amazon cloud outage has vindicated its initial concerns over the security and stability of cloud for government use.

Pointing finger

(Point! image by Lisamarie Babik, CC BY 2.0)

The Amazon Web Service's outage struck the company's Elastic Compute Cloud (EC2) in the early hours of Thursday morning last week, taking down the services of sites including Quora and Reddit.

"The Amazon cloud outage reinforces the risks identified by the Australian Government's Cloud Computing Strategy," AGIMO told ZDNet Australia in a statement.

Risks outlined by AGIMO in its January draft cloud computing strategy included a possible loss of control of data stored in the cloud, and the possibility of a data breach in the public cloud.

After releasing the draft strategy, AGIMO came under fire from the Australian Information Industry Association (AIIA) for being overly cautious.

"The draft paper provides good background, and is informative and educative as far as it goes. In short, however, industry considers the paper overplays the risk of cloud computing," AIIA's Cloud Computing Taskforce said in its response.

"Over-emphasising data sovereignty and possible loss of control will play to agencies not wanting to change the status quo, and this may compromise higher level aims to reduce costs and increase efficiencies across government service delivery and ICT use," the taskforce added.

Despite the AIIA's warnings, AGIMO felt that its concerns were warranted as it released the finalised strategy.

"There was also some concern that the strategy put forward was too slow or too conservative. We consider that the strategy is appropriate given the risks to privacy and security of holding sensitive information in the public cloud," said government CIO Ann Steward.

AGIMO, while unsurprised over the outage, feels that vendors ought to communicate more openly with customers when experiencing service difficulties.

"Vendor transparency is important before during and after outages. The Strategy recommends that agencies consider aspects of service provision when examining a cloud procurement," AGIMO said.

Topics: Cloud, Amazon, Government, Government AU, Outage, Tech Industry

Luke Hopewell

About Luke Hopewell

A fresh recruit onto the tech journalism battlefield, Luke Hopewell is eager to see some action. After a tour of duty in the belly of the Telstra beast, he is keen to report big stories on the enterprise beat. Drawing on past experience in radio, print and magazine, he plans to ask all the tough questions you want answered.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Yes, no government agency has ever had an outage.
  • I agree with AMIGO on this one.
    Too many organisations are already jumping on the "cloud" bandwagon blindly or conveniently assuming that the cloud vendor systems are stable and secure.
    Many organisations are failing dismally to conduct any type due of diligence checking of cloud vendor systems and are exposing themselves to massive indefensible lawsuits when it all goes wrong later on and sensitive business or customer information is pasted on the web.
  • Maybe Amazon is more stable than Australian Government Data Centres, see the links below? They also get more press about it, they can't bury all the news. And Amazon is a proprietary platform in the USA. Australia has local Service Providers with solid standards based hosting platforms that could provide on demand services. AGIMO isn't taking a conservative approach, it's a lazy, slow approach. Where is the program as per USA where local providers are assessed and authorised based on their compliance to local information governance, i.e. Confidentiality, Availability, Integrity.