Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Cloud computing

Questions to ask Managed Service Providers

Apr 30, 2019 - This document provides simple yet practical questions to ask managed service providers regarding the cyber security of their systems and the services they provide.

Cloud Computing Security for Tenants

Apr 30, 2019 - First published 2014; Latest version April 2019

Cloud Computing Security for Cloud Service Providers

Apr 30, 2019 - This publication discusses the risks associated with cloud computing and provides guidance on suitable mitigation strategies. This publication is specifically tailored for cloud service providers. First published 2014; Latest version April 2019

Cloud Computing Security Considerations

Apr 30, 2019 - Cloud computing offers potential benefits including cost savings and improved business outcomes for organisations. However, there are a variety of information security risks that need to be carefully considered. Risks will vary depending on the sensitivity of the data to be stored or processed, and how the chosen cloud vendor (also referred to as a cloud service provider) has implemented their specific cloud services.
MSP Partner Program

Registration date extended to join our MSP3 program

Apr 17, 2019 - Head of the Australian Cyber Security Centre Alastair MacGibbon has issued an update for registered MSPs and those considering applying to join the Managed Service Provider Partner Program – MSP3. Registration has been extended through to 30 April 2019 and the due date for the return of the surveys is now 31 May 2019. For more information you can view the Program Update here.     
Amazon Web Services

ACSC certifies Amazon Web Services to host protected data

Jan 24, 2019 - The Australian Cyber Security Centre (ACSC) has certified Amazon Web Services (AWS) for hosting Australian Government data classified up to the PROTECTED classification level, providing assurance to Australian Government agencies that AWS complies with Australian Government security requirements. ‘Amazon Web Services joins other providers on the Certified Cloud Services List (CCSL) that meet stringent Australian Government security requirements for hosting PROTECTED data,’ said Alastair MacGibbon, Head of the ACSC.
Rackspace

ACSC adds Rackspace DHE to Certified Cloud Services List

Jan 8, 2019 - The Australian Cyber Security Centre has added the Rackspace Dedicated Hosting Environment (DHE) to the Certified Cloud Services List (CCSL) for unclassified workloads, increasing the options available to Australian Government agencies. The Rackspace DHE joins providers on the CCSL that meet stringent Australian Government security requirements for managing information storage at the minimum Australian Government security standard, Unclassified.

ACSC adds Google Cloud Platform to CCSL

Dec 13, 2018 - The Australian Cyber Security Centre (ACSC) has added Google Cloud Platform to the Certified Cloud Services List (CCSL) for unclassified workloads, increasing the options available to Australian Government agencies. Google Cloud Platform joins 12 existing providers in the CCSL that meet stringent Australian Government security requirements for managing information storage at the minimum Australian Government security standard, known as ‘Unclassified’.

Correcting the record - Certified Cloud Services List

Sep 29, 2018 - Recent media reports suggest third-party solutions built on ACSC Certified Cloud Services automatically inherit ACSC certification. This is not accurate. Any solution or service built on a certified cloud service does not automatically inherit the awarded certification of the supporting infrastructure and is not certified by the ACSC, unless it is also listed on the CCSL.

Apache advises urgent patching of Struts

Aug 24, 2018 - Developers, organisations and companies are being urged to upgrade Apache Struts today to ensure critical infrastructure and customer data is not put at risk. The new remote code execution vulnerability affects all supported versions of Apache Struts 2, Apache Software Foundation said. Apache Struts is a globally popular framework used for creating Java web applications. A patched version has been released today.