The Australian government has introduced a new policy concerning how its agencies can use cloud computing services.
The government cloud use policy was jointly released by Attorney-General Mark Dreyfus QC, and the Minister Assisting for the Digital Economy Senator Kate Lundy. It complements the National Cloud Computing Strategy, which was released in May.
While the government wants to take advantage of cloud computing for cost, flexibility, and scalability reasons, it's aware of its responsibilities to keep confidential data safe. The cloud computing policy aims to provide a guideline for government agencies to use cloud, but be able to protect sensitive data.
"Government is trusted to hold a great deal of information on citizens and businesses, and it's expected that this information is protected," Dreyfus said in a statement. "As much of our work is online, and technology is constantly evolving, we must regularly ensure we are continuing to meet our obligations in protecting the information given to us."
The policy stipulates that it is fine for government agencies to use public cloud storage, but only for unclassified data that has been subject to a risk assessment. Privacy-protected information can only be stored and outsourced offshore once appropriate approvals from the relevant portfolio minister and the attorney-general have been granted.
Security classified information cannot be stored offshore unless there are special arrangements made.
The government has been keen to address the issue of cloud computing for some time. In 2012, the Australian Government Information Management Office (AGIMO) released its Cloud Computing Strategic Directions Paper (PDF) to provide guidance for agencies about how they can use cloud computing to work more efficiently.