The Australian government has presented Dell Virtustream with a place on the Australian Signals Directorate’s (ASD) Certified Cloud Services List (CCSL), meaning it’s now been granted permission to host unclassified dissemination limiting marker (DLM) government information on its cloud service.
The cloud business joins other companies obtaining permission, alongside other tech providers including AWS, IBM, Salesforce, ServiceNow, Sliced Tech and Vault Systems/
However, Dell Virtustream’s Unclassified DLM classification is the second level on the list. Only Dimension Data, Macquarie Government, Microsoft’s Azure and Office 365, Sliced Tech and Vault Systems have “Protected” status, the highest level of accreditation available.
Part of the specification for gaining protected-level status is that data stored within the cloud services is only available to employees in Australia. However, Microsoft’s Azure Cloud service does allow for the transfer of information to other countries.
However, Australia’s Cyber Coordinator Alastair MacGibbon has since reassured doubters that the service does tick all the boxes (although he was non-committal when asked whether the ASD specifies the provider must be based in Australia to be CSSL approved) and no data will be made available outside of the country, as per the rules.
“Data can reside anywhere in the world, you can demand data stay in Australia but it doesn’t always make it more secure that it’s in a particular geography,” he said.
“It’s good that we hold data in Australia, that means that data comes under Australian law, that means that agencies and others have more access to it and other country’s agencies theoretically don’t have access to that data.”