Outages, breaches hurt cloud reputation
Security breaches like the Sony PlayStation Network (PSN) hack, and outages like Amazon's recent cloud failure, have taken some of the shine off the cloud for Glenn Archer, first assistant secretary of the Australian Government Information Management Office's (AGIMO) Policy and Planning Division.
(Credit: Luke Hopewell/ZDNet Australia)
Speaking on the government's cloud transition strategy at CeBIT's Cloud Computing Conference 2011 in Sydney yesterday, Archer said that while moving government departments onto the cloud has its benefits, he has several reservations about the claims of constant uptime.
"High availability? Well, I should say perhaps alleged high availability. I used to think, up until about four or five months ago, that the issue of availability in the cloud was one significant advantage. I'm more cautious on that now," he admitted.
Archer said that building high availability systems is complex for any organisation, as evidenced by the recent spate of outages in the Australian banking community. Cloud vendors, however, pride themselves on their constant availability, and preserving that reputation is everything, according to Archer.
"[Constant uptime] is really, really hard stuff, and cloud vendors live and breathe on the availability of their cloud services, so my assumption is given that their business model and reputation depends on this ... we should be able to look to them with an expectation of high availability, and I guess that's been slightly sullied of late," Archer said.
Security of information is also a concern when dealing with outsourced IT, he said. Quoting Optus chief Paul O'Sullivan, Archer said that there is a real need to feel safe when dealing with any online services, including the cloud, a feeling that Archer believes is lacking in government technology circles.
"As a parent whose credit card supported his son's use of Sony's games network, I don't feel safe. We need to have [a] sense of security in government that isn't there at the moment."
It wasn't all doom and gloom in Archer's cloud outlook, however, with the AGIMO policy head excited by the financial and administrative agility that cloud provides to government.
"I think there are many other real opportunities for us [in moving to the cloud]. Financial agility, the move from [capital expenditure] to [operational expenditure] is quite exciting for many CFOs and CIOs, not having to bid for very large amounts of money, not having to go through complex procurement cycles, very long build and run cycles and complex depreciation arrangements. The cloud offers a really much simpler model.
"Being responsive, particularly to emergencies and the demands and expectations of government. That would be quite hard in government agencies, but the cloud offers you a very quick way of ... responding."
AGIMO released a draft of the government cloud strategy in January where, among other initiatives, it outlined potential risks. Risks including a possible loss of control of data stored in the cloud, and the possibility of a data breach in the public cloud.
The Australian Information Industry Association (AIIA) criticised AGIMO for being overly cautious when it came to the cloud. AGIMO believes, however, that the recent outage in the Amazon Web Services cloud vindicated its conservative position.
Archer acknowledged that while there may be risks in storing sensitive data in a cloud environment, there is still plenty of low-lying cloud fruit to be exploited by the government.
"The number of discussions and interviews I have about cloud, they always start with hosting citizen information in the public cloud. Yes, OK, we'll get to that one day, [but] right now there are enormous opportunities for us as the Commonwealth Government to make use of cloud, and we don't even have to go to that problem area," he told CeBIT attendees.
AGIMO released a finalised version of its cloud strategy in April.