a female IT technician is editing the programme on the network server in a server room. ** all identifying script and racking has been modified **
VMware Cloud Provider VMware Sovereign Cloud

Sovereign data control: The reasonable expectation of citizens in 2021

Blog authored by Suzanne Roche, Head, Marketing and CommunicationsAUCloud

The shift to cloud services opens enormous flexibility, agility and efficiencies in data management and delivery of services.

The last decade is testament to the scale and reach of cloud services; enabling online retail, entertainment, media, tourism etc and, to a lesser extent, government.  The trend has been worldwide, led mostly by global cloud providers.

However, as more data finds its way into the cloud, with more of it  confidential or classified data about citizens, sensitivity about where that data is stored, where it is moved and who can access it is driving a reversal of that trend. And rightfully so.

The ability to protect data breaks down as it is moved, managed, stored, analysed and used across the global digital supply chain

The concern is twofold. 

The first – security linked to an antagonistic cyber landscape; the difficulty of protecting data against evolving and increasingly sophisticated security threats.  Threats to the confidentiality, integrity and availability of data are real. From energy and logistics companies to universities and health services – the pain of data breach and/or operational disruption has been acute. 

Second, jurisdictional control – more accurately, concern about lack of it.  The fact that data can be moved off-shore, or even remain on-shore but vulnerable to the overreach of non-sovereign owned cloud providers highlights an even larger concern. 

As the pendulum of globalisation swings back to localised control of citizen data, sovereign data protection is not just about residence but more importantly, complete jurisdictional control and authority over data.

In signing up to the cloud infrastructure of global providers, many Australian organisations are unaware of the contractual detail they have agreed to.  Few have little, if any transparency, of what data (customer data, metadata, support, analytics etc data) is moved where or the level of extra-jurisdictional access to it.  

As well as assurance your data will never leave Australia and systems will be operated, managed and supported by secured personnel in Australia, sovereignty of cloud services means as implied – only ever subject to Australian legislation and judicial process. 

Deploying the Right Data to the Right Cloud is surely a reasonable expectation of any Australian citizen.

As a sovereign cloud Infrastructure as a Service provider that focusses exclusively on servicing government, defence and critical national industry organisations, AUCloud is acutely aware of both the increasing value of data as well as the risks to it in our contemporary digital environment.  This understanding combined with the reality of increased and forever changing security vulnerabilities, is why the focus on sovereign data protection and control underpins AUCloud’s business structure, operating model and security approach. As an Australian owned and operated provider, supported by security cleared Australian citizens, all services and data hosted on AUCloud remains in Australia, including customer data, metadata, support, monitoring etc data.  Most importantly, because we are only subject to Australian law, our customers and their data are not at risk of the extra-territorial overreach that can be leveraged by jurisdictions of other countries.  As is more and more the case, as the pendulum shifts to increased localised control of citizens data, it turns out that how we have always valued data protection is increasingly what is valued by citizens.  

For more information please see: AUCloud – Australian Sovereign Cloud (australiacloud.com.au) or contact:  [email protected]