NZ to develop ‘Excellence Centre’ to accelerate whole-of-government cloud uptake

Beehive Cloud

The New Zealand Government has launched a new initiative to accelerate the uptake of cloud and “execute well-designed and governed cloud migrations” across NZ’s public sector.

The whole-of-government Cloud Centre of Excellence (CCoE), to be established over the next two years, will be tasked with supporting agencies in their cloud migration journeys.

As the CCoE is developed, the Digital Public Service (DPS), which sits within the Department of Internal Affairs, will continue its work with functional leads (the Government’s tech C-suite) in updating the Government’s cloud policy and system settings, including new guidance for the use of the technology within public agencies.

The Government’s Cloud-First policy, announced in 2016, advances cloud uptake “in preference to traditional IT systems” with NZ public agencies.

The DPS’s broader program also aligns with moves by the Government to on-shore its cloud services, assisting hyperscale providers, including Microsoft, to establish NZ-based cloud centres that can house government and local business data.

Recent approval to build a $100 million Microsoft-built data centre “region” in Auckland is among the Government’s more high-profile on-shoring endeavours, with the tech giant stating that its new hyperscale facility will help to accelerate the uptake of cloud services within New Zealand’s public sector.

Microsoft said data security and integrity, as well as strict local regulations, were firmly in-mind with the decision to build its data centre locally, giving organisations and agencies confidence to store sensitive citizen data.

While the cloud region was considered a done deal earlier this year, with the Ardern Government announcing the plan back in May, the Overseas Investment Office (OIO) only recently approved funding for the works.

The new hyperscale data centre will ensure government organisations and businesses do not fall afoul of data sovereignty and security requirements under New Zealand’s recently legislated Privacy Act 2020, which comes into effect this December.

The new Privacy Act provides added safeguards to protect personal data, placing the onus back on organisations that share data with overseas companies or third-parties to ensure they have comparable data protection protocols in place.

If data is sent overseas without such provisions in place, individuals will need to give informed consent prior to its transfer.

Moreover, organisations that have shared data with a service provider (including, for example, a cloud-based CRM) remain responsible for the security and use of that personal information.

Australia’s Canberra Data Centres (CDC), owned by the NZ-based Infratil, has also announced plans to establish two hyperscale facilities in Auckland.

NZ’s Minister for Government Digital Services, Kris Faafoi, said the new on-shore cloud facilities give the Government “stronger controls” in protecting data “and reduce the concerns relating to storing data offshore”.

Microsoft said both public and private sector entities will be able to take advantage of the “scalable, highly available and resilient public cloud services” while also meeting their “data residency, security and compliance needs”.

Moving forward, the DIA said it would engage with cloud providers to “continually improve” New Zealand’s access to their cloud services, sharing cloud “best practice” processes and providing access to cloud services through “negotiated commercial agreements” made with cloud providers.

The DIA anticipates that accelerated adoption of cloud services will smooth the agencies’ digital transformation journeys, reducing costs, increasing security, and improving workforce agility.