Macquarie Telecom's managed cloud service has been given the security tick by the Australian Signals Directorate (ASD), making it the first Australian cloud provider to be listed on the federal government's certified cloud services list.
To be approved for the ASD certification, Macquarie Telecom underwent an information security registered assessors program (IRAP) assessment. This involved a two-stage audit of identifying security deficiencies, rectifying them, and assessing the effectiveness of security controls through site visits and interviews with personnel.
Macquarie Telecom joins Amazon and Microsoft -- the only other two companies that have been approved by the ASD -- on the certified cloud services list.
Macquarie Telecom managing director and co-founder Aidan Tudehope said the ASD certification confirms the suitability of the company's cloud infrastructure for sensitive government data at the "unclassified -- DLM" level.
"Macquarie Telecom has worked hard to develop a high standard of specialist security capabilities specifically for the government sector. We have invested heavily in a purpose-built government datacentre in Canberra and to create a suite of products, including our GovZone secure cloud," he said.
"We are delighted to see this product among the first cloud services providers independently certified by ASD as complying with the new cloud security requirements of the ISM."
Receiving the ASD certification complements Macquarie Telecom's recent appointment to the federal government's whole-of-government cloud services panel, for which it was named as one of the first companies to sign on.
As part of the Abbott government's digital strategy, the Department of Finance went to tender in September last year for a whole-of-government cloud services panel to provide software, platform, and infrastructure as a service to the government.
Major general Stephen Day, head of cyber and information security at ASD and coordinator of the Australian Cyber Security Centre, said approving of Macquarie Telecom would give the public sector more confidence in making the transition to new technologies.
"We are pleased to be working in partnership with industry to ensure that there are a range of providers who can independently demonstrate that they meet the security needs of government in the cloud space," he said.