Your Data Is Not Worth The Risk
We understand that your I.T. systems are the key to your business credibility. Clients need to know that your systems are secure, reliable, and properly controlled.
FocusNet Technology will work with you to evaluate how well you’ve addressed I.T. infrastructure fundamentals—security, controls, availability, reliability, assurance, and trust. A breakdown in any of these critical areas of your systems can damage both your business and customer confidence.
Prevention and Mitigation
We ensure that all data is kept private and secure in the following ways:
Enterprise Grade Firewall Systems
- Data is protected by Palo Alto Networks and Cisco Firewalls and communications devices.
- These systems are maintained by our in-house engineering teams, and backed by the vendor’s engineering support.
Multi-Layer Data Separation Systems
- All data is placed in a dedicated location only accessible by the intended party.
- Multiple layers of permissions / security are applied to the location.
Data Safety / Encryption
- All data is encrypted whilst “in-flight”.
- Our physical systems are operated out of secure facilities where access is only gained after several successful challenges, including physical and Biometric security.
- All Systems are operated within Australia ensuring compliance with Australian government laws regarding data sovereignty.
- All data in backup and DR systems are fully encrypted.
- Any offline data is also fully encrypted.
- Datacentres are ISO 9001 and ISO 27001 certified at minimum.
- Cloud Services are ISO 9001 and ISO 27001 certified at minimum.
- All web traffic is filtered before it is allowed to be accessed.
- Multiple layers of Anti-Virus systems are in place.
- Regular systems checks and intrusion detection are run.
- Quarterly third-party penetration testing is undertaken.
- Multiple systems are in place to stop Zero Day threats as much as technically possible.
- Application Whitelisting has been implemented and is continuously monitored.
- Threats and Vulnerabilities are continually monitored by FocusNet and Partner teams, our engineering team will adjust and optimise security systems to mitigate against any new threats.
Backup and Recovery
FocusNet has multiple protections in place:
Data Backup and Disaster Recovery
- Systems are protected by several backup systems
- 4 Hourly Data Backups – Including Open Files / Databases
- Hourly Data Snapshotting.
- Backup Data is kept offsite to the main datacentre and is all fully encrypted.
- Backup Data is kept for a period of 12 months (Longer retention periods are available upon request).
Backup and DR Testing
- A weekly DR Testing regime is in place to ensure the effectiveness of Backup Systems and Disaster Recovery is undertaken.
- Testing of backup systems includes individual file restores, as well as full system restores.
- Testing of DR systems includes ensuring all DR specific networking functions as expected and work-loads transfer failover and fail-back properly.
IT Disaster Recovery Plan
- In the event of a disaster occurring at primary premises, the platform will remain operational due to the offsite nature of the system. FocusNet can assist business operations by providing temporary devices and assistance for staff to operate from alternate locations, including home offices etc.
- In the event of a disaster occurring within FocusNet’s primary operations, detailed plans have been crafted to maintain operations at our secondary locations.
Notifiable Data Breaches Scheme
FocusNet is aware of the mandatory NDB Scheme and has worked to be compliant with the regulations set forth in the
legislation. FocusNet is committed to continuous disclosure, our role in any possible breach will adapt depending upon the nature of the breach.
Security and Vulnerability Review
Proactively implementing a security plan for your business is more cost-effective in terms of time, money and effort than having to respond to a large-scale cyber security incident. FocusNet is well aware that a single mitigation strategy will not guarantee the prevention of a security incident, therefore to provide confidence to organisations and ensure the best protection we implement a thorough threat analysis in conjunction with the Essential Eight outlined by ACSC.
As a premium End-to-End managed IT solution the mitigation strategies are customised based on each organisation’s risk profile and the adversaries they are most concerned about.
Our team can help you in the following areas:
- Information integrity and analysis
- Vendor and third-party risk management
- Regulatory reviews
- I.T. controls effectiveness
- Identity access management
- Privacy management
- Threat and vulnerability assessments
- Security policy management
We also assist clients design and implement security architectures to address risk issues. This helps create a complete information technology risk reduction approach to ensure confidentiality, integrity, and availability.
Partnering with FocusNet for your Cybersecurity
In line with the Western Australian Auditor General’s report, a strong recommendation is made for organisation’s to improve their physical security whereby “agencies should develop and implement physical and environmental controls mechanisms to prevent unauthorised access or accidental damage to computing infrastructure and systems”.
With FocusNet Technology your business data is stored on our premium servers located within our highly-secured local datacentre which is backed-up every 4 hours and features multiple fail-safes. Our experts have knowledge and experience across all areas of I.T. security and continue to provide additional levels of security for enhanced protection of our platform.
Choosing FocusNet Technology as your cyber-security partner will ensure you meet Australia’s compliance standards and safeguard your business from ever-evolving cyber threats.
Cyber Security Awareness Training
FocusNet Technology has been working with KnowBe4 for several years offering an online solution to address the number one cyber risk, human error. Even the highest-grade security infrastructure can all come crashing down due to a cleverly planned social engineering campaign.
KnowBe4 Security Awareness Training and Phishing Simulation work to improve staff’s cybersecurity knowledge with the largest integrated training platform in the world. The endless content made up of videos, articles, games, tests and more, addresses current cyber risks and can be completely tailored for specific industries or topics.
Working in conjunction with the online training is the Phishing Simulation platform which again is highly customisable. The Phishing tests are one of the most powerful tools in the cyber arsenal in that it helps to identify the ”phish-prone” users of your organisation, essentially highlighting your greatest risks to a social engineering attack. With the aid of comprehensive analytics, the KnowBe4 console features automatic enrolment of these risky users into training modules that are generic or can be tailored for users with specific behaviours. This feature empowers the organisation to address their risk exposure by training those users who need to increase their cyber awareness and security best practices ultimately creating a robust human firewall.More About Our Security Training