The Australian government just published the National Cloud Computing Strategy, which goes beyond the usual domain of how government is going to use the cloud (something that several other jurisdictions, including Australia, have done over the last couple of years).
This strategy comes as a response to what the Australian Prime Minister promised back in October 2012 and builds on the roll-out of the National Broadband Network that will provide universal access to very fast Internet services across the nation. The national cloud strategy suggests a path to leverage this great resource.
The strategy looks at three distinct and important areas:
- the use of cloud computing in government, building on a previous paper on strategic directions
- the use of cloud computing by small businesses, not-for-profit and consumers
- the support of the cloud services sector
As far as the first pillar is concerned, the strategy maintains the down-to-Earth, no-nonsense approach that I have learned to like in Australia. Rather than pushing for an aggressive “cloud-first” approach, like the US did a few years ago and the UK stated more recently,
Government agencies will be required to consider cloud services (including public cloud services) for new ICT procurements. Government agencies will choose cloud services, where the service represents the best value for money and adequate management of risk, compared to other available options
For those who are familiar with the open-source “religious” battles of the last decade, this is far closer to what most of those ended up producing: strategies that would recommend agencies to consider the option, but not forcing them to adopt it or to justify why it is not being adopted. I actually drew a parallel between the two in an old blog post, which I believe is still very current. However the strategy is more decisive when it comes to public facing web sites as well as test and development environments, which are expected to be moved to the public cloud as soon as practical.
There is an emphasis on educating IT leaders in agencies about understanding benefits and risks as well as about how to procure and manage cloud services. Trials and experience sharing are encouraged, and lessons learned from the earlier Data Center as a Service (DCaaS) experience will be used to evolve this mechanism.
What is slightly less convincing is the reference to the feasibility of a community government cloud: exploring the feasibility is fine, but it should be rather clear from trends in other countries, that the most crucial aspect is to buy cloud services rather than build services (or have them built). In this respect the other potential weakness is not to push earlier for other Service Multi Use Lists beyond the DCaaS or other lighter-weight service and vendor catalogs similar to what the UK is doing with its G-Cloud Cloudstore (and that probably gives them enough strong a case for a more aggressive approach).
Another point that would require some additional detail as AGIMO reviews the strategic directions paper by mid 2013, is cloud service certification. The strategy document says
AGIMO is developing a certification framework. This framework will provide agencies
with a user friendly way of determining whether the services offered by a cloud vendor meet the
legal and operational requirements of government. The certification framework being considered by AGIMO will be a light touch framework that builds on, rather than duplicates, the existing framework of relevant technical standards. The framework will differentiate between different kinds of cloud service, and allow agencies to assess whether different platform, software or infrastructure cloud service offerings meet their needs.
However there is no clear deadline about when this framework would be issued, nor whether this would meet all certification requirements, or agencies should still perform their own certification.
As far as the second pillar, concerning the use outside government, proposed actions are quite sensible. They include addressing influencing bodies to help reach out to smaller enterprises, promoting a Cloud Consumer Protocol that would give sufficient confidence about consumer’s rights, and helping smaller businesses access technology expertise. Of course the uptake of cloud computing will also be influenced by the attitude taken by larger enterprises and how those will reverberate across their supply chain. It is wise for the strategy not to be prescriptive or condescending when it comes to larger enterprises, but I expect that working with industry associations and other intermediaries should explore the role of value chains.
Finally, as far as supporting the cloud supply side, the strategy pulls together all the necessary levers: education, research and trade, to provide the necessary skills, to address outstanding technical issues and seize opportunities, as well as to promote Australia as a “trusted hub for data storage and processing”.
The broad scope of the strategy requires the involvement and collaboration of several ministries, from Finance to Trade, from Broadband and Digital Economy to Industry and Innovation, from Education to Research.
Some of the objectives and deadlines may be vulnerable to the upcoming elections in September, but the overall structure is well-founded and it is difficult to find any major weakness.
Some commentator may wish to see the government take a more aggressive stance but, given the context and the early stage of “cloud-first strategies elsewhere, I believe the Australian government has taken a smart direction.