A report developed by the Australian Strategic Policy Institute (ASPI) has highlighted there are opportunities for reforming the Australian government's data centre procurement arrangement, after uncovering that of the 87 current data centre facilities contracts with Australian Government agencies, 54% were with one data centre provider, equivalent to a combined total value of AU$779 million.
In its Devolved data centre decisions report[1] [PDF], the ASPI said relying on a high concentration of data centre providers could result in an increase in data risk, reduce market flexibility, limit barriers to exit, and reduce innovation.
While the paper did not identify the dominant provider, the entity reports on procurement contracts for the 2019-20 financial year[2] published on Austender suggested the dominate provider was Canberra Data Centre.
The paper also highlighted that individual agencies have been driving many procurement decisions because a whole-of-government approach to data security is lacking, thereby creating "unnecessary vulnerability for government data" and "fragmentation".
"Despite the intent of the Digital Transformation Agency (DTA) Data Centre Facilities Supplies Panel, current panel arrangements place a heavy onus on individual departments and agencies to identify and mitigate data centre risks in the absence of whole-of-government oversight," it said.
"This limits the opportunity to respond in a coordinated manner to wider interests of government, including concerns relating to supply-chain and concentrated data holdings."
The DTA panel was established as part of the Australian government's Data Centre Strategy 2010-25, following the Greshon review into government IT[3] that recommended for the government to "develop a whole-of-government approach for future data centre requirements over the next 10 to 15 years in order to avoid a series of ad hoc investments which will, in total, cost significantly more than a coordinated approach".
Must read: The Australian government