Australian Data Centre Strategy Summit 2015

Screenshot 2015-03-16 19.32.29

Last week I was fortunate to attend the Australian Data Centre Strategy Summit that was located on the Gold Coast – a very nice location for a very serious conference! The conference focus was about, yes, you guessed it, Data Centres, and the decisions businesses are making when it comes to hosting their infrastructure in the ‘cloud’. The reality of any ‘cloud’ service is that these are bricks and mortar data centres, located in physical locations both in Australia and overseas. For an organisation, you are making decisions to have infrastructure hosted elsewhere and your employees/students will be pulling data down from these data centres to your physical location. Think Google Apps for Education. Similar concept, but that is software as a service (SAAS) whereas infrastructure hosted in a data centre is infrastructure as a service (IAAS).

I do feel a need to point out that I was one of five female attendees (I was counting, and it wasn’t difficult to spot the women in the room). C’mon girls – we need your presence at IT conferences, and as participants rather than as organisers of the event. There were quite a few pretty young things handing out materials, but I did almost cheer when I saw Australia Post’s general manager for service integration and operations Claire Bourke enter the room. She delivered a presentation about Australia Post’s switch to active-active data centres using the Melbourne Next DC facility and Fujitsu’s Noble Park facility. If you’re interested, you can read about their motivation for this transition here. 

There were only two schools present. Toorak College, and St. Luke’s Anglican School in Bundaberg, ably represented by Mitch Miller, their IT Manager who has done some groundbreaking work in his school to move infrastructure to Amazon Web Services. The school’s approach has been the subject of an Amazon Web Services case study and I’d encourage IT Managers in schools to take a read.

You can access my Storify of all of my tweets from the conference here. 

Some highlights for me (other than Mitch’s presentation, which was specific to school environments, but more than applicable to business operations too).

Mark Thiele’s presentation about the impact of the Internet of Things on the Data Centre. Mark made some really salient points about the need to seek out talent for IT in your organisation to enable innovation to flourish. His article about Innovation vs Cost Center in relation to IT is a must read for anyone heading up IT, as is another written by Mark exploring the ‘IT Hero and Firefighter Mentality‘ that can pervade organisations. Really worthwhile reads that give you much to contemplate and work with.

Chris Taylor, CTO at Qantas, delivered a fantastic presentation that I wasn’t permitted to tweet. However, their cloud strategy has been explored in an IT News article that is well worth reading. I did take notes, and I think there are aspects of it that I can share as a lot of it is spelled out in the IT News article. Chris stated, “Cloud is the best thing to happen to IT systems”.  Some great points he made regarding a shift to utilising the benefits of the computational processing power of cloud services were:

Innovation and agility

Simplification

Speed to value and business outcomes

Cultural transformation

Speed is life – to get speed you need to take complexity out

Respect your customers – they want better service

Fail fast. Cloud allows you to do this

Test – learn -pivot – redo

Glenn Gore is Senior Manager, Technology Solutions at Amazon Web Services and he ran a workshop outlining AWS and their security, something I was keen to explore. This was very interesting, especially considering this was an ‘I am the only woman in this room’ session, and the fact that Glenn asked participants to say who they were and why they were there. I was ever so slightly intimidated as I realised I was surrounded by CIOs from major corporations and Government agencies, and I had to say that I was from an Independent Girl’s School in Victoria! Nonetheless, I was not deterred and asked quite a few questions. Some key takeaways from Glenn’s session (for me, anyway):

There is cooperation between tier one telcos to try and combat attacks that are becoming more frequent.

People are moving to encryption of data when it rests in data centres (and as it travels there). Key management becomes critical – rolling keys updating every hour etc to secure the management layer you are responsible for when storing in what is considered the ‘public cloud’.

AWS will encrypt on a vendor’s behalf if you want that.

Businesses/corporations should be using 2 factor authentication to secure data.

AWS use real time security frameworks – they use algorithms that flag when patterns of activity change allowing them to identify suspicious activity. They often flag sites and check with owners of data to see if there may be reasons for changes in activity level.

AWS have a shared responsibility model – AWS manages infrastructure. Hacks are happening at apps level. No attacks coming through infrastructure level. Here’s some info from their security page:

Because you’re building systems on top of the AWS cloud infrastructure, the security responsibilities will be shared: AWS has secured the underlying infrastructure and you must secure anything you put on the infrastructure or connect to the infrastructure. The amount of security configuration work you have to do varies depending on how sensitive your data is and which services you select.

 

AWS does not publicly display roadmaps and dates -this is part of their security profile. They don’t care about delays to their roadmap because security is the main priority.

AWS security engineering team- develop their own patents to deal with protecting their infrastructure

Duty of care – will note suspicious traffic vectors and send out calls to check.

AWS will Scan for open ports.

You as the user of the system, have to protect your encryption keys and access to systems – don’t lose sight of this.

AWS are the first cloud provider to meet IRAP in Australia. Now this impressed me. Here’s what that means:

Amazon Web Services was audited by an independent assessor from the Information Security Registered Assessors Program (IRAP). The assessment examined the security controls of Amazon’s people, process and technology to ensure that they met the needs of the Australian Signals Directorate (ASD)Information Security Manual (ISM).

One of my questions to Glenn was, “Who do you see as your closest competitor”, because, quite frankly, after all of my reading I can’t see anyone who gets close to what AWS can do in terms of understanding data centre cloud storage and the security necessary to run it. Here’s where they sit in Gartner’s magic quadrant:

Screenshot 2015-03-16 22.48.53

Glenn’s answer: he sees their competitors as the people thinking they can build their own data centres and protect it adequately. I think he was referring to people with the mindset that is fearful of the ‘public cloud’ who have limited understanding of the security offerings a company like AWS can provide. (If anyone reads this who was in the room and who thinks I misinterpreted this, feel free to correct me).

All in all, a really worthwhile event for a woman from an Independent School in Melbourne to attend. 😉

Here’s a few links to information regarding security and AWS for those of you interested in reading a bit more.

http://www.asd.gov.au/infosec/irap/irap_assessments.htm

http://aws.amazon.com/compliance/aws-irap-information-security-registered-assessors-program-australia/

http://d0.awsstatic.com/whitepapers/compliance/AWS_Australian_Signals_Directorate_Cloud_Computing_Security_Considerations_Oct14.pdf

http://d0.awsstatic.com/whitepapers/compliance/Using_AWS_in_the_context_of_Australian_Privacy_Considerations.pdf

http://aws.amazon.com/compliance/

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s