Community Cloud

Community Cloud

Cloud adoption in Australia continues to grow rapidly, fuelled by the need for digital transformation, variable consumption models and lower costs.  Those considering cloud have different options including public cloud (e.g. AWS, Azure and Google), community cloud (e.g. Vault Cloud) and running your own cloud in-house.

Principle: Use as much of the cloud as possible

DTA Secure Cloud Strategy

Running your own cloud in-house doesn’t benefit from economies of scale or the expertise that cloud providers can offer and integrate into their products. It looks very much like running everything in-house always has.

Public clouds (e.g. AWS, Azure and Google) also have shortcomings such as ‘buyer beware’ levels of security, issues with sovereignty allowing jurisdiction of foreign legislation and surveillance.  Public clouds by nature are also open to any customer with a credit card, opening the possibility of organised crime and other cyber criminals operating on those platforms and the possibility of in-platform lateral attacks.

If you consume public cloud then you simply don’t know who you are sharing your infrastructure with. Shared infrastructure on public cloud means you are:

  • Sharing physical machines
  • Sharing network fabric
  • Sharing storage devices and APIs

These pieces of infrastructure are all logically partitioned with hypervisors and other security mechanisms but these can fail and attackers can get around them as we have seen in the various “cloud hopper” style attacks over the years.

If you are concerned about the sovereignty and security risks of Public Cloud, especially those security risks that follow from the fact that anyone with a credit card (including organised crime) can become a tenant, then you should consider Vault Cloud:

  • Vault Cloud is secure, sovereign, community cloud exclusively for Australian government and Australian critical infrastructure
  • Community cloud delivers all the benefits of public cloud while mitigating this risks
  • Unlike Public Cloud, Vault Cloud is not focused on maximising profits through adherence to the priorities of other nations or multinationals
  • Vault Cloud is also committed to evolving the roadmap of our sovereign cloud platform in accordance with the security requirements of Australian law, the expectations of our citizens and our Australian government and critical infrastructure communities
  • Vault only uses Australian government cleared staff to manage our sovereign infrastructure, and our customer service is delivered locally from Canberra and Sydney by staff who are passionate about serving and making a difference for Australia
  • At Vault we built our technology to TOP SECRET level controls, but we also provide security and assurance on top of this through being entirely sovereign and offering two community cloud configurations for customers:

Government Cloud. Built exclusively for government, and appointed contractors, our Government Cloud was in the first group to achieve the highest possible certification of PROTECTED, having successfully passed an IRAP assessment to SECRET we also offer SECRET ready configurations on Government Cloud

Critical Infrastructure Cloud. Critical Infrastructure Cloud. This cloud is a clone of our Government Cloud and is designed for both critical infrastructure providers and government, it currently holds a certification to UNCLASSIFIED DLM

Sign up to our portal to learn more, or get in touch by phone or email