Security

We take security very seriously.

We have several ways of ensuring customer security including:

  • Our Security Incident Management Plan of our ISO 27001 accreditation that follows the framework of
    • Assessment
    • Containment
    • Eradication
    • Recover
    • Follow-up
  • We utilise our my.hostworks ITSM tool-set portal to consistently log, report, escalate and monitor security incidents
  • We have trained Subject Matter Experts (SMEs) that detect and manage security incidents, leveraging the additional expertise of our security and technology partners for assistance in investigations and legal discovery.
  • We operate under a security guidelines in respect to customer environment network design standards and network use cases.
  • We perform monthly Operating System patching to all severs under management.  On occasion, if there is a requirement to patch zero day vulnerabilities, we work with customers to schedule and deploy these as a matter of urgency.
  • We mandate all signature based security services such as anti-virus and IPS are employed and updated on a daily basis.
  • We can provide vulnerability assessment services such as penetration testing through the use of an independent, industry recognised security service provider.

 

We welcome all our customers to conduct any due diligence and audits.  As part of our standards accreditation we regularly undergo external audits to ensure we’re delivering to the specific criteria, including ISO 27001.  Our most recent assessment and audit was conducted in July 2015.  We are committed to maintaining this accreditation well into the future.

 

Denial of Service attacks are becoming more prevalent so to ensure we have the best mitigation and protection plan in place for our customers we have made an investment in the Telstra Premium DoSP Solution.   It provides protection against volumetric DDoS attacks without the need for additional infrastructure.   The use of this service in association with our security incident response process has seen recent incidents with high volume DDoS traffic mitigated within minutes.