Infosec Services assists its clients to manage their business risks due to potential security issues with key information assets and operations. As businesses become evermore dependent upon their IT and information systems, there is a greater need for protecting these core assets and operations.

Additionally, with the recent development of increased attention to corporate governance, the security of the core business assets stored and processed on information networks is gaining an increased focus from senior management.

But information security is not black magic, as many consultants and ‘security experts’ would have you believe!  Nor is it achieved by the purchase of a single technical product – information security is a holistic management program that achieves a cost effective regime for asset and operations protection. Infosec Services has a combined 30 years of experience that help clients establish and review such programs.

Key Controls

We assist clients in developing, designing or to review the effectiveness of the following key controls.

  • Security plans
  • Information security management systems and programs

  • Security policies, standards and guidelines

  • Staff awareness

  • Internet security
  • Application security
  • Network security

  • Database security
  • Operating system security
  • Security of server and storage virtualisation

  • Mobile device security

Key Standards

We believe in the use of standards for cost effective guidance on information security. Two of our specialists regularly contribute to standards development activities. We use the following standards in our work:

  • ISO 31000 (formerly AS/NZS 4360)

  • ISO/IEC AS/NZS 27001, 27002 and 27005

  • ASD Top 4, Essential Eight and the Top Migrations for Targeted Intrusions
  • Australian Privacy Principle 11 – Data security

  • Technical standards and specification as required