Federal government goes cloud-first with Dimension Data's Canberra Cloud

36 comments so far

• If one has any concerns about total privacy and utmost confidentiality, one would not use cloud storage. Pure and simple.

  Consider a NAS at your home and NAS at your friend's house as the solution. Secure and no-ongoing costs.

  Learn and benefit from the personal sacrifice of Edwards Snowden. I'd suggest.

  Commenter

  John_Netizen

  Date and time

  November 24, 2014, 2:04PM

  • People should stop referring to Edward Snowden when referring to cloud technology. He has a username and password to access the information he took. On top of that he is only making public important information that the US government where trying to hide from its people. He's not making public naked pictures of celebrities.
    Secondly, as far as the actual facility goes, it will be required to use access control and alarms, as well as an identification check if you need to enter. I have been inside a bunker in Melbourne and I can tell you they take security very seriously.
    Next we have the hacking aspect. Modern applications should by default be developed with encryption and password protection. You can never design an application to guard against the human factor ie Snowden. But governments to undertake security checks on the individual before issuing access to government data.
    Lastly, Turnbull is delusional. For him to suggest that the previous government were adverse to change is laughable. A complete joke. It is he who has rejected changing Australia's communications infrastructure to 21 century hardware. Indeed he doesn't think Australia should change at all. We should run our country with faxes and landline telephones because that's what our infrastructure was designed for. He is a liability to our country because of his risk management and reluctance to change. He should be embarrassed by his remarks?

    Commenter

    tim

    Date and time

    November 25, 2014, 7:22AM

  • If you make any data exchangeable with interconnections to the outside World then it can never be secure, only ever as secure as your knowledge can make it.

    If someone with more knowledge comes along, they can exploit weaknesses in you and your understandings.

    Cloud is not and will not ever be secure for this reason. Sooner or later some new exploit will be used by someone cleverer than those you employ.

    Witness the loss of credibility when Amazon Web Services were hacked only recently, and they are pitching themselves as the lead in this service area. Now if the lead companies cannot guarantee your data is secure, who can.

    Some things need dedicated secure connectivity and not openness as the holy grail of a modern World.

    Commenter

    Been in the IT industry 30 years

    Location

    Melbourne

    Date and time

    November 25, 2014, 8:45AM

  • @tim +1

    Commenter

    Adam

    Location

    Sydney

    Date and time

    November 25, 2014, 9:14AM

  • My fault in assuming a public knowledge of the background behind Edward Smowden.

    This is a brief clarification, only for those uninitiated.

    There are several types of encryption protocols to secure confidentiality of data in transmission. At present:

    - PPTP can be cracked by government security agencies, i.e. GCHQ (UK) or NSA (US). Microsoft actually recommended users NOT to use PPTP quite a while ago. It's akin to using WEP for your wireless password. The FBI has shown it can be cracked within 2 minutes flat. For those who are wondering, you should use WPA2 with AES for your wireless connection.

    - L2TP/IPSec is also known to be compromised by same security agencies mentioned above. It is not 100% secure. This was also revealed by Edward Snowden, the IT contractor at the NSA agency.

    For further detail see here:
    https://www.bestvpn.com/blog/4147/pptp-vs-l2tp-vs-openvpn-vs-sstp/

    There is a quick summary at end of the article if you don't want to read the whole thing. It suggests OpenVPN or SSTP (note SSTP is only available in Windows environment).

    Your point regarding the requirement of username and password is correct. It's known as authentication. But it has nothing to do with security and confidentiality of data in transmission. Simply put, the US government has accused hackers in China for hacking into various US defense sites. It tells you some thing. So any 'modern applications by default should be developed with encryption and password protection' is not as secure as you may want to think.

    Lastly, Edward Snowden won't be the last person on earth to reveal top government secrets in human history, A disgruntled employee at a data center or a successful hacker will be all it needs to crack open a cloud storage.

    Your other point re Malcolm Turnbull. I agree..

    Commenter

    John_Netizen

    Date and time

    November 25, 2014, 9:16AM

• Reading the article I envisioned some large data centre with lots of storage, imagined the huge amount of data Dept of Finance would be keeping, only to read it's being used for video conference booking software. Hardly heavy duty!

  I guess this will create an attractive one stop shop for hackers and foreign governments to target.

  Commenter

  John

  Date and time

  November 24, 2014, 2:41PM

• That's very secure, by publishing the location of data center's where about.

  Commenter

  Gerson

  Location

  Sydney

  Date and time

  November 24, 2014, 3:08PM

  • I don't mean disrespect but concerning about public knowledge of location of the data center is about as valid (and outdated if I may say so) as the idea of Canberra located far away from the reach of potential enemy's canons. I mean a sea-to-surface missile can travel thousands of miles....

    Back to data center. There are more deadly threats to be concerned with data center such as hacking. Hacking does not need to know where the data center is. Look up on Edward Snowden and educate yourself.

    Lastly, redundancy of data center requires a remote duplicate data center running in tandem. This will kick in if the main one is out of action. In minutes literally - fire, flood, explosion and so on... Hence it is known as redundancy.

    Commenter

    IT worker

    Date and time

    November 24, 2014, 4:17PM

  • @IT workers - Well I wasn't intended to think of using missile, but since you may interpreted that way, i didn't.

    I am probably more concerned about hacking as you said, by knowing the location of the data center, one scenario which pops up my mind is that you can look for fault in the designed of building security and operate a 'bank heist' style data stealing. That is just one imaginative scenario. Of course this could be just movie stuff.

    Mainly i am just referring to whether it is wise to even report it, without knowing about the possible consequences.

    Commenter

    Gerson

    Location

    Sydney

    Date and time

    November 24, 2014, 8:42PM

• Is it wise this news should make it to the papers along with the location of the said data centre. Are you also sending out post cards to hackers?

  Commenter

  erewego

  Date and time

  November 24, 2014, 3:13PM

More comments

Make a comment

You are logged in as [Logout]

All information entered below may be published.

Screen name (required)

Error: Please enter your screen name.

Error: Your Screen Name must be less than 255 characters.

Location (optional)

Error: Your Location must be less than 255 characters.

(required) 300 words remaining

Error: Please enter your comment.

Error: Your Message must be less than 300 words.

Post to

Facebook

Twitter

LinkedIn

I understand that submission of this content is covered by the Conditions of Use by which I am bound and Commenting Guidelines are available for my reference.

You need to have read and accepted the Conditions of Use.