ATO hopes for clear skies as it moves to public cloud

Cybersecurity has been the top priority for government agencies when migrating to digital services. A universal expectation from the government is that they will keep our personal and state information safe

But this comes with a price. User experience has been poor and speeds and uptime have suffered.

After a series of embarrassing failures, including the widely criticised #CensusFail, the Government is under increased pressure to deliver reliable digital services. Understandably, it has not wanted to prioritise usability over security, but the time has come when it needs to figure out how to achieve both.

The Australian Taxation Office in particular, understands the need to re-build public trust after this year’s many outages. The new ‘digital by default’ and ‘cloud first’ policies have meant the ATO has had to leap into the cloud to improve reliability and speed in order to regain trust.

The ATO has now announced that it is moving its mission critical applications off-premise and into the public cloud through Amazon Web Services (AWS) with the help of IBM’s integrator business and Accenture. The ATO is one of the first Federal Government agencies to implement the new strategies, potentially paving the way for others to follow suit.

One of the biggest problems organisations are facing today is shifting away from outdated and unreliable legacy systems, and this is certainly true of Government agencies. While there is a misconception that the public cloud is less secure than other hosting options, in this scenario, migrating to the latest software in the cloud will actually reduce the government’s risk.

Mitigating risk

Traditionally, government has steered clear of the public cloud, fearing the security risks were too great. Instead, government agencies have either architected entire on-premise infrastructures or worked with telco providers to create a government-only network with encrypted communications and no outside connectivity.

The ATO’s recent move to AWS could well mark the beginning of the end of this period in how the Government delivers services to Australians.

In a recent talk at AWS, Alastair MacGibbon, the Prime Minister’s Special Advisor on Cyber Security, said migrating to the public cloud is no longer seen as risky. Instead it will increase both reliability and the ability to react to new and evolving cybersecurity threats. Mr MacGibbon even admitted that cloud specialists like AWS are better equipped to manage the Government’s digital platforms.

Meeting public expectations

Government organisations are far from exempt from the extraordinarily high expectations Australians have of customer service providers. We expect the government to spend wisely on technology to make our lives easier.

A 2016 study by Australia Post found that 94 percent of Australians want all government services to be available online. But only 29 percent of eGov users were satisfied with their experience, and 58 percent had encountered some problem with the online service.

With consumer expectations rising, both state and the Federal Government need to invest in a better digital customer experience.

For public cloud adoption, the focus needs to be around consistency of service levels and security posture when moving to public cloud environments like AWS – thus not affecting end-user experience and trust.

The transition to the public cloud should not impact the end user, so a cheaper solution that is only good enough will not always deliver the results expected by government agencies. The tools used for delivering applications therefore need to be consistent and portable between cloud providers to provide optimal experience to the user and deliver a consistent service level, regardless of where the application resides.

The goal for government should be for 99.9 percent uptime of applications whilst keeping them safe, and if this is not attainable, people will judge agencies on their speed and capability to bounce back from unexpected outages, downtime, or technical failures, particularly at times of urgency and peak traffic.

Whilst public cloud adoption is a perfectly valid strategy, if the decision is solely based on cost, there is a good chance the service level comparison hasn’t taken place and a compromised service level and security posture has been provisioned

 Service levels and security must at least be maintained and potentially improved. If not, information security and user confidence will be compromised, along with some embarrassed Government personnel.

By shying away from perceived risk, rather than actual risk, the Government is doing itself more harm than good. By placing an increased importance on useability of its digital service, the Government will be able to better deliver services to those who need them, regaining the trust of Australians.

The ATO is leading the race towards the Government’s cloud-first goal, paving the way for the rest to follow suit. Rather than seeing it as a risk, other government agencies should see the ATO’s leap towards the cloud as a positive step towards improving customer experience.

Martyn Young is Senior Manager, System Engineering ANZ at F5 Networks


Comment below to have your say on this story.

If you have a news story or tip-off, get in touch at  

Sign up to the Government News newsletter

Leave a comment:

Your email address will not be published. All fields are required