When you have staff based in almost every corner of the globe and in some of the most remote locations on the planet, it might make more sense to use cloud services, but according to Department of Foreign Affairs and Trade CIO Tuan Dao, despite all the hype, there are still too many security and privacy issues associated with the cloud for his department.
The department has 95 overseas posts based in five continents, with 3,600 staff members. The disparate nature of the organisation and the 44 agencies it supports means that major IT projects represent a unique challenge for the CIO. The uptake of cloud services might have been seen as one way to reduce the cost of deploying infrastructure across the globe, but that is not always the case, according to Dao, who was appointed as the department's CIO in 2010, after nine years with the Department of Human Services in ICT infrastructure.
Although government agencies are now required to consider cloud services as part of tenders for new projects, Dao told ZDNet in an interview this week that the he doesn't buy into the hype around the cloud.
"I am a firm believer in the capabilities that cloud computing can offer, but hype is what I have a problem with. I think industry and parts of government have been overzealous in thinking it is the answer to everything, when in reality, the issues [around data security and privacy] we have been trying to deal with over the last seven years have not been dealt with," he said.
Given the size of the DFAT organisation, however, Dao admitted that much of what his department does is cloud like, with shared services, an internal apps store, and fast provisioning, but he was reluctant to label it as "government private cloud".
"If you want to put a label on it and call it government private cloud, then fine, but in reality, what we're doing today in a distributed manner we've also been doing in a mainframe world for 30 years plus. So it really is a whole heap of hype," he said.
The two major focuses for Dao in his role today are the implementation of the department's new AU$100.8 million passport system and the rollout of the new International Communications Network (ICN), for which the department received over AU$31 million in funding out to 2016-17 in this year's federal Budget.
"That includes physical wires, physical switch gear, so all the typical infrastructure we do," he said. "We do most of that in-house, and that's purely because we have to have security-cleared personnel."
Dao admitted that it would take many years for the new secure network to reach all the outposts because of the location of some of the staff.
"We have to design a brand new environment for our ICT world, and then we have to deploy it, and some of these countries are literally several plane rides, a bus trip, and a train to get there. It's going to take a little while."
In that time, the department will also do an SAP refresh and will complete the rollout of Windows 7 to close to 10,000 desktops in 120 locations. Virtualisation is used by DFAT in some instances, but again, Dao said it varies depending on the location.
"We have virtualised technology at our back end, but at our front end, it depends on which agency we are supporting. It's not a blanket one size fits all," he said.
"We have an issue with virtualisation because some of our posts are in the back of nowhere with very low bandwidth and high latency. Virtualisation technology doesn't work for us in those locations. We are not an organisation that will say it is virtualised to everywhere in the world.
"We have a number of posts at locations where we know for the foreseeable future will be a satellite link, and because of that, virtualisation technology as it is today doesn't do the job."
The advent of bring your own device (BYOD) is something touching almost every government agency, and it invariably leads agencies to move away from exclusively using BlackBerry mobile devices. DFAT is no different, but unlike other agencies, DFAT doesn't have plans to abandon BlackBerry entirely.
"Like it or not, we have a large installed base of BlackBerry in our fleet. It still provides the most suitable for most circumstances in terms of mobility," Dao said.
"We introduced iOS devices [about] 15 to 16 months ago, and like everyone, we started in a very small context and then grew it out. There remains a number of issues from an enterprise management perspective where iOS just isn't there yet.
"At the moment, we've got a foot in both camps. We also look at Android-based products and Windows 8."
Dao said that Windows Phone 8 is still in the proof-of-concept stage because demand within the department is still relatively low. As part of the iOS deployment, there are a variety of devices, from the iPhone 4S and iPhone 5 to the iPad 3 and iPad mini. Despite the interest from staff for switching to iOS devices, Dao said security concerns were still front of mind in the selection of appropriate mobile devices for staff.
"We are a foreign ministry, and we deal with foreign issues every day. Our officers travel into foreign lands, and some are friendly, but some are not so friendly, so we need to be mindful what we're doing," he said.
"I think we have done as much as we can within the constraints of security-related matters to give people a level of flexibility. So the fact that we can even have an iOS device at all is really a big step for this department."
Dao joked that in his lifetime in IT over the last 20 years, he has been involved in moving away from Lotus Notes in every role he has been in. Although the bulk of the legacy Lotus Notes applications are now gone from DFAT, Dao said that he is still working to remove it in some places.
"It's clearly a legacy system for us, and we moved to Microsoft Exchange two years ago," he said. "We're migrating the ones that are worth migrating over to a new platform, but that still leaves you with the small utility applications, and we will phase those out over time. It's not a big deal [and] it's not a huge priority for us."