The newly-published Government of Canada Cloud Adoption Strategy requires that only data which the government has categorised as ‘unclassified’, or harmless to national and personal security, will be allowed outside of the country. This information will still be subject to strict encryption rules.
The new strategy, which has been in development over the last year, stipulates that all personal data stored by the government on Canadian citizens, such as social insurance numbers and critical federal information, must be stored in Canada-based data centres to retain ‘sovereign control’.
The move will force those wanting lucrative government contracts to build data centres inside Canada.
According to the proposal document, the Canadian government’s national IT department has already started buying cloud capacity, capable of processing ‘unclassified’ data. By 2017, it is expected that Shared Services Canada will have purchased even greater cloud capacity for handling ‘sensitive’ information, but not for data marked as ‘secret’ or ‘top secret’.
The new guidelines come after two years of federal discussions in Canada about driving cloud adoption, cutting data centre costs and optimising IT infrastructure. The consultations have involved participants from over 60 industry organisations.