Senetas commends the Australian government’s Cloud Assessment and Authorisation Framework cybersecurity initiative. As planned, the Australian Cyber Security Centre (ACSC – a division of the Australian Signals Directorate) has released its 2020 updated Cloud Assessment and Authorisation Framework (CAAF).
This updated framework should be received enthusiastically by the cybersecurity community, as well as all Australian government departments and agencies, for which it provides an important cloud infrastructure and risk assessment framework.
The CAAF is not just an important framework for Australian government agencies as intended, it is also a valuable guide for all Australian businesses adopting cloud services.
As cloud enabled business applications are rapidly adopted and expanded by Australian organisations, the data moving in and out of cloud infrastructures is becoming increasingly sensitive – from citizen privacy to intellectual property and confidential government information.
The CAAF addresses essential cybersecurity aspects of cloud enabled Infrastructure-as-a-Service (IaaS) and Software-as-Service (SaaS); details of which are often overlooked by service providers’ customers.
As a sovereign Australian cybersecurity solutions developer, manufacturer and exporter, Senetas welcomes the framework’s enhancements. As a network data encryption solutions vendor with products used by governments and enterprises in more than 40 countries, we see customers’ increasing exposure to cloud related cyber-threats.
The ACSC’s Cloud Assessment and Authorisation Framework provides commercial enterprises with valuable guidelines that should be considered within their own cybersecurity risk and service provider evaluations. It provides cloud infrastructure customers with a detailed framework necessary to assess their exposure to the risks of cloud services, and in particular, to sovereign Australian data.
Significantly, the CAAF highlights the cybersecurity issue of ‘Data Sovereignty’. Data sovereignty is an often underestimated cybersecurity risk and most applicable to cloud enabled applications such as Software-as-a-Service (SaaS) business solutions where customers may be completely unaware of where their data is stored.
This raises critical issues such as legal and jurisdictional control and responsibilities.
These customers take cybersecurity seriously and value a cloud-based encrypted solution that guarantees the Australian data sovereignty AUCloud provides.
AUCloud was established to deliver cloud infrastructure services for Australian Governments and Critical National Industry communities based on ‘protected’ controls or higher, as defined within the Australian Signals Directorates’ (ASD) Information Security Manual (ISM), and protects Australian data.
For more information about the Cloud Assessment and Authorisation Framework, click here.
Learn more about SureDrop encrypted file-sharing and collaboration.