Our Security
Strategic Data takes information security seriously.
We have been continuously evolving our security capabilities over many years; to ensure the safety of the information assets in our possession we undertake a continuous, systematic approach to risk analysis and security control implementation.
Strategic Data has a dedicated Information Security Officer who, along with our Systems Administration and DevOps team, ensures that information security remains top of mind across all aspects of our business. Through rigorous monitoring, SIEM systems, audits, penetration testing, policies, procedures, encryption and range of security initiatives Strategic Data ensure that your data remains safe.
We invest significant resources to ensure our systems are secure and robust. We routinely assess risks and utilise specialist advisors to help with these assessments, as well as devising means to mitigate the risks. We use an array of security tools that protect and monitor threats 24/7. Members of the team are also continually keeping our servers up to date with security patches and operating system updates.
We have a long history of working with highly sensitive information. We are familiar with the Australian Signals Directorate Information Security Manual and understand how to apply the principles of security to projects of varying risk levels. Activities we have undertaken for specific projects include:
- Vulnerability scanning and penetration testing of the system by external consultants
- Testing against the OWASP Top 10
- Assessment against the Essential Eight
- Information Security Registered Assessors Program (IRAP) assessment
- Development of project-specific security documentation such as a Security Risk Management Plan, Incident Response Plan, Statement of Applicability and Compliance Audits