Secure remote access environment (SRAE) operational update
The SRAE operations team will not be accepting further applications for the use of the system.
The AIHW has recently been through a significant review around the provision of secure environments for AIHW and non-AIHW staff in the context of our broader ICT directions and other developments in whole of government data integration infrastructure.
In November 2022 the AIHW decided to cease supporting the operation of the Secure Remote Access Environment (SRAE) and aim to transition existing projects to alternative secure access environments by the end of June 2023.
The AIHW currently manages data in a range of different secure access environments, each of which serves a distinct and important purpose. We are liaising closely with all SRAE clients to discuss transition options and timing, with the aim to minimise disruption to the important analysis that is currently being done in SRAE.
The AIHW is also working through a range of ICT and ethics issues and considering project requirements in consultation with clients to identify the most appropriate solutions for the future of each project.
If you have any questions or queries regarding the transition of SRAE projects please email: [email protected].
What is SRAE?
SRAE is an AIHW owned and operated secure cloud hosted platform built on top of Amazon Workspaces. This secure environment provides researchers with secure access to data and data custodians with strong governance controls.
SRAE is accessible to users both internal, and external to the AIHW. The platform strives to provide users with remote access functionality from any device whilst having scalability and high-performance capability.
SRAE is a fully functional environment and plans continue to expand its capabilities to include features such as: data cataloguing, curation services, data views, data cubes, researcher support services and much more.
AWS is a platform that provides online managed services to consumers and organisations in order to support their software applications. These applications include (but not limited to):
- customer relationship management
- security services
- data warehouses facilities
- network and content delivery
- mobile services.
For more information on these services go to AWS website.
- AIHW has invested heavily in several online environments which include Microsoft Azure and AWS.
- AWS is one of the preferred providers due to its availability and maturity of services that would allow AIHW to expand and scale the organisations business needs on demand.
- AWS is also security certified by the Australian Cyber Security Centre (ACSC)to house data classifications of unclassified, official: sensitive and protected.
- The Digital Transformation Agency (DTA) has established a whole-of-government volume sourcing which will give AIHW value for money ;and premium support agreements.
For more information on the whole of agreement see A new whole-of-government volume sourcing agreement has been established with Amazon Web Services (AWS).
For more information on data classification see ASD certified cloud services.
Yes - the data that is stored in AWS is a secure environment and the data centre is located in Sydney Australia which is bound by Australian data sovereignty laws. AIHW has implemented multiple security controls to ensure the data is safe and consistently monitored (see below).
AWS is certified by the Australian Cyber Security Centre to house data up to protected and obtained security re-certification (iRAP) as of January 2020.
Many other government agencies currently housing their applications and information on AWS platforms including:
- Australian Bureau of Statistics
- Digital Earth Australia
- Digital Transformation Agency
- Intellectual Property Australia
AAntivirus and malware scanning: all files that interact with applications are scanned for malicious code before entering the environment.
Governance controls:
- users need to undergo ethics approval or require formal approval from the data custodians before gaining access to the project
- all incoming and outgoing files are reviewed and require approval from data controllers before being moved to/from the environment
- a dedicated AIHW service-desk has been established to provide user support
- data at rest is encrypted.
Secure environments like SRAE are becoming increasingly common, other government and universities such as the ABS datalab and the Sax Institute are developing analogous environments. All have differing capabilities and governance requirements. For example the ABS datalab have government mandated requirements that they maintain ownership of any data that exists in their systems.
SRAE has a policy where data access is defined by the data owner. Users are free to bring in any data they need and egress any data that is in line with their defined governance requirements and practices.