Australia’s domestic spy agency is planning to undertake a massive greenfields IT build that will see it adopt Microsoft Azure across the protected, secret and top secret security classification domains.
The Australian Security Intelligence Organisation (ASIO) revealed plans for the large-scale IT transformation on Wednesday to ensure it remains on the front foot in a changing security and operating environment.
It follows a 2017 review commissioned by director-general of security Duncan Lewis that found the need for the agency to improve data collection and analysis, and transform its approach to technology.
The overhaul will see the agency deploy “integrated core technology platforms” built upon greenfield solutions that cater for future capability improvements, ASIO said in a request for expression of interest.
This includes a new enterprise technology platform (ETP) that will underpin a core data platform (CDP) that gives staff across the agency to “access a greater breadth of data”.
The ETP will be configured for three levels of work: protected, secret and top secret, with each supported by a corresponding Microsoft Azure platform.
The top secret platform – which will either have “components provided as a managed service or as a managed service in its entirety” – will be hosted on premises, though the agency was less strict about the secret and protected platforms.
ASIO noted its requirement for facilities at a range of information security domains (ISDs) would “increase the complexity of the design, implementation and management of future technology solutions”.
In order to ensure it has the “best available and fit-for-purpose technologies”, the agency has put the call out to the market for one or more systems integration service providers to develop and maintain the platforms.
“ASIO is pursuing technology platforms that are seamlessly connected, agile, sustainable and scalable to support enterprise-wide capabilities,” agency documents state.
The program of work has been split into six distinct packages, with the chosen service provider(s) also to assist with the migration of current capabilities to the new platforms.
The main work package covers the overarching ETP and will span desktop, storage, compute, networking, security, infrastructure orchestration and shared services to provide a “common enterprise infrastructure”.
“A consumption based approach to commodity products will deliver adaptable environments for applications and analytical tools,” ASIO said.
“Users will have a single logon with fewer touch points, supported by tools and infrastructure that enhance their ability to collaborate.”
Where cloud is not appropriate for the ETP, ASIO said it would utilise VMware platform instead.
The CDP, which will provide a “foundation for advanced data management and analytic capabilities”, will fall under work package two, while package three will deploy a cross domain solution to allow access to and movement of data across the three security domains.
Migration of ASIO’s custom applications, including analytics and enterprise resource planning, onto the ETP and new a digital user experience platform will all come under packages four, five and six.