Cyber Security

Cyber Security

Synergy have a range of products and services to help keep your systems secure.

Synergy Managed Services has a range of products and services on offer, as well as a team of certified engineers that are able to perform audits, penetration testing, compliance documentation and consult on best practice solutions and seo tips to maintain a secure environment as well as looking ways to mitigate any threats that may result.

Ranging from basic firewalls and anti virus to fully certified governments audits and penetration testing, Portal Technology can help keep your systems secure.

Portal-Technology-security

Why is security becoming such an important issue for you?

The Australian Cyber Security Centre (ACSC) is the Australian Government’s lead on national cyber security. It brings together cyber security capabilities from across the Australian Government to improve the cyber resilience of the Australian community and support the economic and social prosperity of Australia in the digital age.

In July 2018 the ACSC became part of the Australian Signals Directorate (ASD), which became a statutory agency.

The Information Security Registered assessors Program (IRAP) is an Australian Signals Directorate (ASD) initiative to provide high-quality information and communications technology (ICT) services to government in support of Australia’s security.

IRAP provides the framework to endorse individuals from the private and public sectors to provide cyber security assessment services to Australian governments.

Portal Technology's endorsed IRAP assessors can provide an independent assessment of ICT security, suggest mitigations and highlight residual risks. Our IRAP Assessors can provide assessment up to the TOP SECRET level for:

  • Cloud Services
  • Gateways
  • Information systems
  • GateKeeper
  • FedLink

The Australian Cyber Security Centre (ACSC) has developed prioritised mitigation strategies to assist organisations in protecting their systems against a range of cyber threats such as:

  • targeted cyber intrusions (advanced persistent threats) and other external adversaries who steal data
  • ransomware and external adversaries who destroy data and prevent computers/networks from functioning
  • malicious insiders who steal data
  • malicious insiders who destroy data and prevent computers/networks from functioning.

While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems. Furthermore, implementing the Essential Eight proactively can be more cost-effective in terms of time, money and effort than having to respond to a successful large-scale cyber security incident.

The Essential Eight are:
  • application whitelisting – to control the execution of unauthorised software
  • patching applications – to remediate known security vulnerabilities
  • configuring Microsoft Office macro settings – to block untrusted macros
  • application hardening – to protect against vulnerable functionality
  • restricting administrative privileges – to limit powerful access to systems
  • patching operating systems – to remediate known security vulnerabilities
  • multi-factor authentication – to protect against risky activities
  • daily backups – to maintain the availability of critical data.

The Protective Security Policy Framework (PSPF) has been developed to assist Australian Government entities to protect their people, information and assets, at home and overseas.

The PSPF articulates government protective security policy. It also provides guidance to entities to support the effective implementation of the policy across the areas of security governance, personnel security, physical security and information security.

The Australian Cyber Security Centre (ACSC) within the Australian Signals Directorate (ASD) produces the Australian Government Information Security Manual (ISM).

The ISM helps organisations use their risk management framework to protect information and systems from cyber threats. The cyber security guidelines within the ISM are based on the experience of the ACSC and ASD.

Security Information and Event Management (SIEM) are very important in the field of cyber security and event management (SEM). SIEM software products combine SEM with security information management (SIM) to enhance the computer security and provide real-time analysis of security alerts that are generated by the network hardware or software applications.

Synergy Managed Services are not just focused at the government level, we can adapt requirements for corporate and SMB organisations.

Synergy Managed Services products and services include:

  • Secure Code Review
  • Project Management
  • Professional Services
  • Penetration Testing Services
  • AlienVault Monitoring Services
  • Application Whitelisting
  • Business Continuity plan
  • Data Management plan
  • Disaster Recovery plan
  • E8 Maturity Model Assessment
  • Incident Response plan
  • Information Security Policy
  • ITSM Standard operating procedures
  • ITSO Standard operating procedures
  • On Boarding Policy
  • Statement of Applicability
  • Security Risk Management plan
  • System security plan
  • Threat and Risk Assessment
  • Vulnerability & patch management plan
  • Security Awareness program
  • Supplier management plan
  • Key management plan
  • Emergency Procedures
  • Change management policy
  • Audit logging plan

Ranging from basic firewalls and anti virus to fully certified governments audits and penetration testing, Synergy Managed Services can help keep your systems safe.

Contact Us