Security & Privacy
-
Data & Application Hosting
We ensure our data and applications are hosted in the most secure environment.
-
Application Security
We ensure our applications are built with quality, and can only be accessed by our users, secured with MFA.
-
Security & Compliance
Our staff and policies are managed to keep information safe.
Data & Application Hosting
Our data is hosted with Microsoft Azure & Microsoft Azure Sharepoint in Australia.
Azure adheres to security controls for ISO 27001, ISO 27018, SOC 1, SOC 2, SOC3, FedRAMP, HITRUST, MTCS, IRAP and ENS.
All our data is encrypted at rest.
Our databases are backup-ed offsite regularly every 30 minutes. Our Sharepoints document stores are backed-up daily.
All our own applications are hosted on Microsoft Azure.
Databases can only be accessed from within Azure & selected IPs.
Our applications use (forced) SSL/HTTPS.
Application Security
We use MFA with SSO for all users for Sharepoint, Outlook, Teams, our CRM, Zoom, our Databases & Azure.
Compared to companies in our cohort, our Microsoft security score is far above the norm: 69.2% (46.7% is norm).
Salaried staff laptops have added security (defender for business & device encryption).
We use an extensive software test cycle (Test, Staging, Production environments).
Manual tests of each release are performed by our quality assurance team.
Our production environment is continually monitored for performance.
Security & Compliance
All full-time and part-time salaried personnel are vetted.
All personnel & users sign our confidentiality agreement.
We have business continuity plan & redundancy in key personnel.
We have conducted third party analysis of our security (October 2023).
We maintain a security risk registry.
We do phishing attack simulation & training for salaried staff.
See our Privacy Policy for more information.