Macquarie Government Certified by Australian Signals Directorate (ASD), Again
This week, Macquarie Government has been added to Australian Signals Directorate‘s Certified Cloud Services List (CCSL) for PROTECTED (Classified) data. This new certification adds to the existing DLM (Unclassified) certification (May 2015) and Gateway certifications.
We are the only provider to be certified by ASD for all 3. I’ll explain below what this all means and why it is important for Government agencies at a Commonwealth and State level.
What is CCSL Protected Cloud?
In short, ASD has certified the Macquarie Cloud as suitable for PROTECTED (Classified) workloads. This gives Australian Government and State Agencies confidence to leverage our cloud for such workloads.
In the longer term, the ASD certification recognises the successful completion, review, and acceptance of a comprehensive assessment undertaken by an Information Security Registered Assessors Program (IRAP) expert. This program, itself also owned by ASD, allows for the independent assessment of an IT system’s security (in this case Macquarie’s Gov Cloud Infrastructure) against ASD’s Information Security Manual (ISM). This manual is the standard which governs the security of Australian government ICT systems. It complements the Protective Security Policy Framework.
Why is it important to have all 3 ASD certifications?
The Government is well aware of the cyber security risks that they face. Over the last 2 years, such risks, and the focus on them has grown. At the same time the Commonwealth has been focused on digitally transforming itself (i.e. increasingly leverage digital/web means to interact and deliver services to citizens). The challenge for Government is to ensure that this digital transformation is done securely with security baked in, not an after thought when something goes wrong – think 2016 eCensus. Cloud adoption is arguably the best way to inject agility into an agency’s IT team. This agility in providing IT infrastructure in turn underpins the ability to digitally transform and deliver services more aligned to what we see in the private sector.
Almost without exception, an Agency’s computer systems (or applications) will need to access numerous databases, often across agencies and data classification levels, often physically located within commonwealth data centres, colocation facilities as well as in public clouds. This interconnected world, in effect is what the IT industry calls Hybrid IT, just with increased complexity of varying data classifications. Being certified by ASD for both PROTECTED (classified) and DLM (unclassified) clouds combined with our ASD certified Gateway, allows us to blend the demands for hybrid IT under a single secure roof – one throat to choke and no buck passing between providers…
Why three ASD certifications isn’t enough.
While the ASD PROTECTED certification is essential, it’s not everything. It alone does not assure success when delivering for an Agency. And delivering is the only way you move from being a provider to being a trusted one.
Being able to deliver requires a level of local investment. Investment in what matters for Government, not what a MNC HQ wants to replicate around the world.
We’ve invested in local people (over 100 Australian Government cleared engineers) to support our Government customers – more than any other ASD PROTECTED provider. We’ve invested in our own data centres so agencies know where their data resides (Canberra and Sydney). And we’ve invested in experience that comes from supporting 42% of Australian Government who trust us every day.
Thank you to the extended team who got us to where we are today, including the ASD team who certified our environment. Thank you.
As a part of ASX listed Macquarie Technology Group (ASX: MAQ), Macquarie Government is Australian specialist in cyber security, secure cloud and data centres solutions. Currently 42% of Federal Government agencies trust and use Macquarie Government’s security and cloud services.
