Australia plans to require government data to be stored in onshore data centers with the correct certifications.
Facilities will have to be Certified Strategic or Certified Assured to be able to host government workloads. The certifications are managed by the Digital Transformation Agency under the newly published Hosting Strategy.
“Ensuring sensitive information is kept within Australian borders is vital to protecting our national security and privacy interests," Macquarie Government MD Aidan Tudehope said.
"The announcement from Minister Stuart Robert is the latest in a series of initiatives that are geared towards protecting Australia’s national interests. The government’s intent to prioritize local cloud and data storage service providers will set a strong example for the private sector to invest locally, ensuring Australia works towards enhancing its sovereign digital ecosystem in a way that serves the national economy.”
The new mandate formalizes a years-long effort to move critical data onshore as the Australian data center industry matures.
Efforts to formalize security rules were sped up after Chinese investors took control of data center company Global Switch over a three-year period beginning in 2016.
The British-based business operates a data center in Sydney, which was popular amongst Australian government agencies, including the Department of Defence.
In 2017, the DoD said it would leave the facility by 2020, but delayed the move by five years due to the complexity of its migration. Other agencies such as Home Affairs, Foreign Affairs and Trade were also told by the government to leave by 2020, but it's not known if they all left in time.
This itself may cause a problem, The Australian Strategic Policy Institute recently warned, noting that the government was dangerously consolidated in a small number of facilities.