Digital Transformation Agency to store classified data in Microsoft’s cloud

Staff can ditch dual logins after move to Office 365 running out of Protected-certified cloud

Staff at Canberra’s Digital Transformation Agency soon will no longer need to double up on email accounts, logins, passwords and calendars.

The DTA is preparing for a wholesale move later this year to Office 365 running out of Microsoft data centres that have been certified for use with Protected-level classified government data.

Microsoft in April launched two Caberra-based regions for Azure. Accompanying that launch, a range of the company’s Azure and Office 365 services were listed for use with Protected data on the government’s Certified Cloud Services List (CCSL), which is maintained by the Australian Signals Directorate.

The DTA’s “day-to-day operations” will be run out of Microsoft’s cloud, human services minister Michael Keenan said.

An initial pilot involved 20 DTA staff. That group has now been expanded to 40 users. DTA staff will have access to a range of services including Exchange Online, SharePoint and Skype for Business, and Azure services including Azure Key Vault and Azure Active Directory.

The platform will also be employed by staff from other government agencies that are working with the DTA.

Keenan said the move by the DTA will serve as a “proof point” for other government agencies seeking to move to the cloud.

Consolidating on a single system certified for use with classified data means that DTA staff will no long need to jump between systems depending on the work being conducted, the minister said.

Microsoft is not the only cloud services provider on the CCSL to offer Protected certified services: Macquarie Government, Sliced Tech and Vault Systems, Dimension Data also have services certified for use with classified data.

Amazon Web Services is also seeking to have Protected certified services listed on the CCSL

AWS in March said it had successfully undergone an IRAP assessment of its Sydney region for the storage and processing of Protected-level data — but it has not yet been added to the list (AWS has a range of services on the CCSL but as yet none have had their certification for use with classified data accepted by the ASD).

The announcement of the new DTA cloud push follows the launch earlier this year of the government’s Secure Cloud Strategy.

The successor to the government’s 2014 cloud strategy has a much stronger emphasis on the use of public cloud when possible.

“The public cloud market offers a broad range of services and providers that enable agencies to keep their technologies and business processes up to date,” the document states. Public cloud can provide fast and competitive options for agencies.”

It says that agencies “should consider public cloud first and in preference to any other cloud deployment model” as long as it has the appropriate security standards.