The behemoth will be offering Australian Government agencies the same commercial cloud service that it does to every entity on the face of the earth – just as soon as it gets what it says are 46 different AWS services certified by the Australian Signals Directorate.
In a wonderfully detailed interview, which conveyed the sense of — well, arrogance is the only word that fits — that AWS possesses, the editor of the website InnovationAus, James Riley, quoted its Singapore-based regional managing director for public service, Peter Moore, as saying: "The message is that our scale, and with the length of time we have been in this business that we are able to deliver capabilities that just can’t be delivered by an individual government agency of any size.”
AWS would be the second American company to be certified as a Protected cloud provider if, and when, it does get the ASD tick. Microsoft was the first, though some controversy surrounded its being given the certification, with fiats being attached.
But for the plebs in Australia, apparently, these specs aren't really necessary.
It may partly be the fault of Australian agencies for bowing and scraping before the Americans and demeaning their own. Three Australian companies — Vault (formerly Vault Systems), Spliced Tech and Macquarie Government — have been certified to the Protected level, but when a fourth, Secure Collaboration, tried to join the club it was knocked back.
After voicing its concerns in public, Secure Collaboration was offered consultations with Angus Taylor, then the minister for cyber security. But then the Coalition Government began the process of assassinating Malcolm Turnbull and, in that mess, the case of Secure Collaboration seems to have disappeared off the table.
Indeed, the entire security requirements for government agencies — encapsulated in a booklet known as the Information Security Manual — appear to have changed. The manual itself got a new name — the Cyber Security Manual — which, once again according to InnovationAus, seemed to be backfilling the requirements to justify giving Microsoft Protected status.
But then, again after the Turnbull troubles, the CSM disappeared from view and a new version of the ISM reappeared.
Macquarie's Aidan Tudehope has been the only player to make any comments about all this drama.
"It is unfortunate Federal Government processes for certifying and classifying outsourced cloud services for use by Government has become a matter of controversy," he wrote in a letter to InnovationAus.
"It is even more unfortunate to see blurring of the lines between the ability of an agency to use a service and the 'gold standard' Australian Signals Directorate certification process. The security of the information held by our Government agencies is too important to be treated glibly."
But with the Coalition Government said to be in a rush to push services to the cloud, and the cheaper options — not necessarily the most secure — being American, it looks like local players will have to be satisfied with crumbs.
A classic example of this was witnessed earlier this year, when Vault, which was supposed to be hosting a trial of GovPass, was unceremoniously pushed out.
To date, the Digital Transformation Agency is mum on who will be the cloud host for the trial — which is to be run by the Australian Taxation Office and the Department of Human Services — but given that the DTA itself has engaged the services of Microsoft, it seems very likely that more Australian dollars will be flowing in the Redmond direction.
But when a country has gone to the extent of specifying that documents submitted for the purpose of contesting its elections have to be in a Microsoft-compatible format, then this certainly would not come as a surprise. Bowing and scraping appears to have become an art form Down Under.