Security & Privacy

  • Data & Application Hosting: We ensure our data and applications are hosted in the most secure environment.

  • Application Security: We ensure our applications are built with quality, and can only be accessed by our users, secured with MFA.

  • Security & Compliance: Our staff and policies are managed to keep information safe.

  • Privacy: See our Privacy Policy for more information.

Data & Application Hosting

  • Our data is hosted with Microsoft Azure & Microsoft Azure Sharepoint in Australia.

  • Azure adheres to security controls for ISO 27001, ISO 27018, SOC 1, SOC 2, SOC3, FedRAMP, HITRUST, MTCS, IRAP and ENS.

  • All our data is encrypted at rest.

  • Our databases are backup-ed offsite regularly every 30 minutes.

  • All our own applications are hosted on Microsoft Azure.

  • Databases can only be accessed from within Azure & selected IPs.

  • Our applications use (forced) SSL/HTTPS.

Application Security

Security & Compliance

  • We use MFA with SSO for all users for Sharepoint, Outlook, Teams, our CRM, Zoom, our Databases & Azure.

  • Compared to companies in our cohort, our Microsoft security score is far above the norm: 69.2% (46.7% is norm).

  • Salaried staff laptops have added security (defender for business & device encryption).

  • We use an extensive software test cycle (Test, Staging, Production environments).

  • Manual tests of each release are performed by our quality assurance team.

  • Our production environment is continually monitored for performance.

  • All full-time and part-time salaried personnel are vetted.

  • All personnel & users sign our confidentiality agreement.

  • We have business continuity plan & redundancy in key personnel.

  • We maintain a security risk registry.

  • We do phishing attack simulation & training for salaried staff.