John Karabin, Verizon ANZ area vice president
Australian organisations’ growing comfort with the security of hosted cloud services is paving the way for increased investment in local data centre space and new approaches to cloud-related infrastructure models as Verizon, Rackspace and others push new facilities into an ever-busier market.
While noting that macro trends had significantly changed the structure of its data centres – average demand that was initially around 1kW of power demand per square metre had increased to around 9kW today – Verizon ANZ area vice president John Karabin tells CSO Australia that the company’s recent decision to double the amount of floor space in its Fyshwick, ACT data centre came in large part from growing demand for the company’s managed security services portfolio.
“There’s still a way to go for people to be completely happy around cloud security,” he explains, “but as a general trend, they are becoming more comfortable with that. They are more willing adopt shared applications and hosted services – but when they come to decide what goes into the cloud, they really want to see that their requirements in security are being met.”
Gartner recently identified the challenges awaiting organisations working to increase the level of security in cloud computing – which has also been targeted by infrastructure providers such as Rackspace, IBM, Amazon Web Services and NextDC, which acquired a large, secure 1300 square-metre data centre in Canberra in 2011.
“Overall, cloud service providers aren’t as clear as they should be concerning matters such as their business continuity and disaster recovery practices, making it hard to win customer contracts,” Gartner research vice president told clients in a recent presentation.
“Gartner clients are almost universally disappointed” by a lack of “specificity” around security in cloud contracts, he added, noting that new certifications such as the ISO 27017 cloud security and ISO 27018 cloud privacy models are still one to five years from maturity.
Still, ongoing investments in security accreditations go a long way in demonstrating security nous – and offer particular value in the pursuit of government business, Karabin adds, noting Verizon’s investment in ASIO T4-grade physical security had been matched by an investment in secure Internet gateways, intrusion detection systems, managed firewalls, and other security elements.
Last year, Verizon achieved Gatekeeper accreditation and Common Criteria certification and now offers 6900 square feet of Australian data centre space across sites in Sydney, Melbourne, and Canberra. A key role of those sites is to deliver value-added services: for example, it is targeting government agencies with managed identity access management (IAM) solutions for policy-based authentication. Verizon’s data centres are also certified to connect to the government’s high-security ICON fibre network.
“We spend a lot of money in targeting the accreditations, and obviously that’s important for government,” he says. “Standard government departments, Defence, and even e-health applications are starting to appear – and they all need high quality, high availability data centres with lots of security wrapped around them.”