Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Friday, 22 October 2021 06:03

DTA not saying if firms certified as cloud hosts have compliance issues

DTA not saying if firms certified as cloud hosts have compliance issues Image by 95C from Pixabay

The Digital Transformation Agency, now vested with the responsibility for certifying cloud companies that can host government data, appears to be unwilling to state clearly whether any of the four firms given a tick on 7 October had outstanding compliance issues.

Of the four companies — Amazon Web Services, Sliced Tech, Vault Cloud and AUCloud — only Vault came clean on issues around compliance, and that directly to iTWire. The DTA said nothing at the time. AWS, AUCloud and Sliced Tech were all asked by iTWire whether they had any compliance issues, but all kept silent.

Given that, iTWire sent the following query to the DTA on Wednesday:

"On 7 October, four companies were certified for hosting government data: AWS, Sliced Tech, Vault Cloud and AUCloud.

"However, apart from Vault — which released details of its non-compliance issues to iTWire — none of the others have said anything about non-compliance. ITWire contacted both Sliced Tech and AUCloud but did not hear back.

"AWS was asked by email but did not respond.

"Which begs the question: did none of these three have any outstanding issues?

"Further, as I have pointed out, the fact that AWS uses a data centre owned by a Chinese entity does not seem to have raised any alarm at DTA - despite the government warnings about China.

"As you are no doubt aware, the government has cancelled a Belt and Road Initiative deal signed between China and Victoria. Canberra is also looking at the lease of the Port of Darwin by a Chinese firm and there is talk that it may be scrapped.

"Given this background, did not the fact that the Global Switch data centre used by AWS was Chinese-controlled raise any red flags?"

The DTA responded on Thursday: "Certification under the Hosting Certification Framework provides assurance that hosting providers meet defined security and risk management standards.

"This includes having mitigation measures in place that support the outcomes set out in the Whole of Government Hosting Strategy, and requirements outlined in the Hosting Certification Framework.

"Providers who have been assessed as being eligible and suitable for certification are required to enter into enforceable contractual undertakings with the Australian Government that give effect to the Certification Framework."

Exactly what that this means is difficult to parse. One can only infer one thing: like the government, the DTA prefers to obfuscate and avoid giving straight answers.

There has been a lot of blather from various interested parties about the alleged threat from China. Yet the American company AWS, which has links to a data centre that is owned by Chinese interests, has got the green flag to host government data.

Last year, when AWS was given the contract to host the government's COVIDSafe app, a similar question — that of using a data centre fully owned by a Chinese company — was raised, with Labor MP Ed Husic bringing up the issue on ABC News' afternoon briefing. The centre in question is Global Switch whose parent company is Aldersgate Investments which is now controlled by a Chinese entity.

Aldersgate owns two data centres in Ultimo where it stores classified Australian Government material, including sensitive Defence and intelligence files. Both these data centres have secure gateways certified by the ASD and can be used for secure access by government offices.

But the ASD is no longer in the picture when it comes to certification, having bowed out in March 2020. The DTA and the Australian Cyber Security Agency are now the two bodies involved in certification.

The issues with Global Switch go back to 2016 when Aldersgate sold a 49% stake to the Chinese firm, Elegant Jubilee.

Investors in Aldersgate are said to have been brought together by Li Qiang who owns Daily Tech, a leading data centre company in China. The main investor was the Jiangsu Sha Steel Group, China's largest private steel enterprise. Elegant Jubilee gained full ownership of Global Switch in August 2019.

But who cares? Certaonly not well-paid government bureaucrats who will talk about "communist China" till they are blue in the face. [The irony that China has been a communist nation from the time it came into being escapes these worthies. Do we talk about the "capitalist USA" or "socialist <insert_name_of_country_here>"?].

The DTA will be energised to do something only when the issue becomes one that costs the government votes. Until then, talk is fine, action is a dangerous course.

Read 4215 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


If you're looking at enabling Microsoft Teams for your contact centre, you should bookmark this webinar.

Marketing budgets are now focused on Webinars combined with Lead Generation.

Our panellists from Whangarei District Council (NZ) and Maurice Blackburn Lawyers (Aus) were closely involved in recent projects to enable Microsoft Teams for their own contact centres.

They have kindly agreed to join Enghouse and Microsoft to talk about some of the things they would recommend as most critical for IT and CX professionals planning a Teams Contact Centre migration.

Date: 11 May 2022
Time: 12pm AEST | 2pm NZST | 10am SGT

We look forward to having you join us. Please click the button below to register.



The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News