SafeNet chief technology officer Russell Dietz believes that the Australian Government's cloud computing strategic direction paper is one of the best written that he's seen, and says that Australia as a nation has a good chance at getting cloud right the first time.
Russell Dietz (Credit: SafeNet)
Dietz said that he was extremely impressed when he read the Australian Government Information Management Office's (AGIMO) paper, which was released last month after consultation with industry.
Entities in the US were the first to jump onto the cloud, Dietz said, followed by Europe, and now Asia and Australia are getting into it.
Dietz said that the paper had benefited from Australia's hesitance to bound into the cloud, which had allowed a database of case studies to build up on what not to do.
"We've got five years of doing the wrong thing under the belt," he said.
The government had obviously spent a lot of time investigating the concept and building references, he said.
Given this, Dietz believed that the government, and Australia as a nation, had a better chance of "doing it the right way the first time".
And it could happen very fast. He said that the time between initial interest and aggressive adoption was becoming much shorter.
The last twelve months had been important ones for cloud, according to Dietz, as companies were gradually discovering that it was extremely different to get compliance right. A year ago, around 20 per cent of cloud contracts weren't being signed because of data governance issues, according to SafeNet data. Now it's more like 70 per cent.
This is why Dietz is in Australia raising awareness about compliance and security issues in cloud, and pushing the company's Trusted Cloud Fabric product to end users and partners, which has been implemented at Amazon and is expected to be released later this year. He'll also be speaking at AusCERT next week.
The Trusted Cloud Fabric is a framework to help enterprises keep data in the cloud safe by providing centralised governance and management of sensitive data, applications and systems across the datacentre and the cloud.
Having encryption where the key lies in the hands of the data owner, not the facilities owner, is a large part of it, according to Dietz. And it's managing the different keys and tracking who has accessed information, and when, which makes it viable. The encryption keys can also be set up to be geo-specific so that, for example, data could only be accessed by a key in Australia, which aims to help with data-location concerns.