The federal government is consolidating several IT infrastructure policies, which will affect how departments and agencies deploy gateway technology and cloud services in the first instance.
A consultation paper released by Home Affairs [pdf] shows the harmonised IT infrastructure policies and rules will come under what’s being called the Resilient Digital Infrastructure (RDI) framework.
The framework replaces an existing gateway policy and secure cloud strategy. Other IT infrastructure may also be covered by the framework in future.
The paper outlines some overarching security-oriented “pillars” for RDI infrastructure: that it is to be “individually hardened”, deployed in a secure environment, and be “flexible and modular” to support multiple use cases or scale with user needs.
Commonwealth entities, vendors and “trusted partners” that architect, oversee or use the infrastructure are also expected to participate in the “open exchange of information and good practice” – which is intended to create an overall uplift in the security and resiliency of IT infrastructure underpinning digital government services.
The first set of technical guidance for deploying RDI infrastructure covers gateways – including internet and email – as well as secure service edge (SSE) technology.
SSE itself encompasses several product types, including cloud access security broker (CASB) and zero trust network access (ZTNA).
Home Affairs said it would also set some RDI standards for cloud computing “over 2025”.
It asked if other IT infrastructure underpinning digital services should undergo a similar process.