Keeping your information safe with thorough information security & device management systems and processes
We are in the early stages of developing our capability and have improvements to make. We likely:
- Aim to keep data secure but have limited formal controls covering people, processes and technology
- Have firewall and antivirus protection, but it isn’t centrally managed or monitored
- Have few IT security policies.
We have the fundamentals under control to protect our information, but further improvements are possible. We likely:
- Have implemented most of the ACSC’s Essential 8 security protections
- Educate staff about where information should be stored based on what type of data it is – sensitive, confidential, public etc
- Securely encrypt and password-protect all devices that store sensitive information (such as client data)
- Centrally manage and monitor network firewalls
- Have approved security policies that staff understand and follow.
Our security protections work very well, deliver value and support us to achieve our mission. We likely:
- Have been independently assessed and confirmed as compliant against an information security standard
- Have a system that collects and analyses security information from all devices and accounts, identifying risks and appropriate actions
- Regularly reinforce security education so that staff consider security a key responsibility
- Undertake compliance testing to identify issues assess their risk and prioritise appropriate remedial action.
How ready are you?
Spend a few minutes to know how ready your organisation is to move to the cloud. This will help you understand what materials below will be on most valuable as you chart your own path to digital transformation.
Need More Expertise?
We have experts who can give you more tailored advice. Book now for a 30-min session to get key questions answered.