Silicon Valley-based cloud services company, Snowflake, has announced it has secured IRAP (Australian Information Security Registered Assessors Program) certification, a critical step to hosting ‘protected level’ data from Australian Government agencies.
Following a third-party assessment, Snowflake said its ‘Data Cloud’, a data unification solution for cloud-hosted workloads, is now fully aligned with IRAP’s ‘protected level’ control requirements.
Certification will ensure Federal Government agencies can now deploy “a range of workloads” on the Snowflake platform, the company said.
While IRAP’s protected level certification is the highest standard under the IRAP assessment criteria, it does not immediately confer Snowflake with the highest standard (i.e. Secret and Top Secret-level information) set by the Federal Government.
However, Snowflake’s Data Cloud can now be used by Federal agencies and departments to store and run data rated at the ‘protected’ security classification level.
Developed by the Australia Signals Directorate (ASD), IRAP certification ensures that external partners’ ICT systems meet the Government’s strict cybersecurity standards, including the Australian Government Information Security Manual (ISM). It also provides a framework by which individuals are endorsed by ASD.
The certification process is required for many Federal Government departments before they can adopt digital platforms and tools provided by external vendors.
IRAP’s audit process, conducted by third-party assessors, comprises two stages: the first identifies any security deficiencies that must be rectified by the owner, while the second assesses residual compliance.
Following certification, Snowflake said the Federal Government agencies will now be able to procure its Data Cloud “to leverage scalability, elasticity, and data sharing for near-instant, secure, and governed access to their entire network of data”.
Snowflake vice president of sales for Asia Pacific, Peter O’Connor noted that completion of the IRAP assessment allows Snowflake to now “work with all Australian Government agencies, since many departments require the protected status to have been reached”.
“We anticipate strong growth for Snowflake in the Australian Government marketplace and look forward to providing agencies with an automatic approval solution to process, store, or communicate sensitive or classified information on Snowflake.”
IRAP certification, O’Connor added, will also ensure the company can support the cloud-first strategies enacted across Federal and state governments.
“We now look forward to supporting government agencies to manage ever-increasing amounts of data through a platform which provides for governed and secure data sharing in real-time, while encouraging a government-wide data culture,” he said.
Snowflake’s Data Cloud is powered by “a group of capabilities”, with a multi-cluster shared data architecture to support “scale and efficiency” as well as greater data and systems interoperability, allowing users to work “with data across multiple public clouds as if they were one”.
The company also spruiks its integrated security features and modern data sharing, “which allows any number of organisations to share and receive live data with each other, without having to move or copy data”.