A new strategy for cloud

The government’s new cloud strategy has just been released. It replaces a cloud computing policy and focuses on what will make it easier for government agencies to use cloud services.

A stylised image of a cloud with a closed lock, two stylised people with a closed lock, and an open lock.

What is cloud?

The word ‘cloud’ is used a lot when talking about technology. But what exactly is it and why do we want government to use it?

According to the National Institute of Standards and Technology “cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

The DTA looks at cloud as how you get the technology platforms you need to run a digital service in a modern and flexible way. Depending on what service you use, cloud can take care of your data centre, racks, servers, network cabling, operating systems, and sometimes the platforms, databases and software too.

In government we generally buy and run our own hardware and software, owning the technology and taking responsibility for its maintenance. Even when we ask a business to manage this on our behalf, we still end up owning or paying for the technology. With cloud services, we can buy what we want, when we need it, rather than owning it ourselves. This means we pay for a service only when we are using it.

Why does government need a cloud strategy?

Cloud has been around for more than a decade and we have had cloud-first policies in place for four years now. Each policy has encouraged government agencies to make the most of its benefits including:

  • Faster service delivery. By using cloud we don’t have to wait for someone to build and install a new service or hardware. Instead the cloud is ready to go when we need it.
  • Paying only for what we use. We can buy what we need when we need it and don’t have to pay for managing hardware when it’s inactive.
  • Easy maintenance. With cloud services the provider has the staff who do all the management tasks on our behalf. They update and maintain the cloud environment and give us access to up to date technology.
  • Flexibility. It’s easier to try new things when you don’t have a large upfront investment in technology platforms.
  • Focussing on people, not technology. With a provider managing the hardware and the ability to automate certain functions, we have more time to improve services and focus on user needs.

Each government agency will choose the right service for them depending on how it adds value and delivers the outcome they need — recognising that in some cases that may not be cloud.

What does the strategy recommend?

During our discovery phase, agencies and industry told us about a number of barriers that were making it difficult to increase take up of cloud technology.

The strategy outlines a number of ways to help build understanding of cloud and confidence in using it, as well as growing the skills to transform old systems.

Agency-led transformation

The needs and operating environments of agencies are different. It would be not be helpful to outline one specific cloud solution. Instead, we’ve introduced a number of principles for choosing a cloud model that can adapt to different circumstances, encourage take up, and improve efficiency and consistency across government services.

Balancing security and opportunity

Making sure government and citizen information is safe and well managed is a priority for us. We have government practices to make sure cloud protects our information the way we need it to. The certification model in the strategy gives government agencies more clarity on the role those practices and the Australian Signals Directorate will play in their decision making. This will give agencies more options in choosing the cloud right for them.

Meeting government needs

There are other things cloud needs to deliver on. Government has a lot of rules to follow such as protecting privacy and keeping good records. Because cloud providers can achieve that in many different ways, we are developing a common framework all agencies can use to assess and record cloud services information.

Being accountable

Understanding who is responsible for what in cloud services can be a challenge and may change depending on the type of cloud you use. Having the right contract in place plays a major role in holding a provider accountable. To help, we’ve designed a responsibilities model so agencies can fine tune who is doing what and use more modern contracts to manage it.

Working together

There is no easy way for government agencies to connect up and learn from each other when moving to cloud, increasing the chances we may make the same mistakes. To share learnings, experiences and solutions that do and don’t work, we’ll create a knowledge exchange as a collaboration platform.

What’s next

While we put these solutions in place, we will be working one-on-one with government agencies to help their transition to cloud and remove the barriers to getting involved. For those who wish to experiment with cloud, our cloud.gov.au is a great way to dip your toes in the water with immediate onboarding for development and testing. The platform has 99.95% availability and more than 80 applications in development or non-production.

For any agencies who want to join the government cloud community, get in touch with us at secure.cloud@digital.gov.au

For media enquiries, email us at media@digital.gov.au