When it comes to our internal systems, Greenlight is committed to following the best practices as outlined by the Australian Cyber Security Centre (ACSC) guidelines for Managed Services Providers. Our core values are to practice ourselves whatever we preach to our customers. We do this so that we can provide world class security to our customers and ensure that your data is safe with us. This means that as a company our goal is to:
1. PRIORITISE CYBER SECURITY IN EVERYTHING WE DO
Implement security measures during all stages of ICT system and network development, deployment, and maintenance.
After implementing recommended risk mitigations, review and accept residual cyber security risks before authorising systems and networks to operate in production environments.
All changes to ICT systems and networks are recorded, reviewed, and approved before implementation.
Cyber security is a core requirement for procuring software, hardware, and services, including cloud services from our vendors.
Implement the ACSC’s Essential Eight mitigation strategies.
2. PROTECT THE CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY OF OUR DATA, AND OUR CUSTOMERS’ DATA
Perform daily backups of important data.
Store backups for at least 3 months for internal data.
Conduct partial recovery tests of backups annually or more frequently.
Implement and test our business continuity plan, and disaster recovery plan.
3. EDUCATE OUR STAFF ABOUT CYBER SECURITY
Provide contemporary cyber security awareness training to new staff at induction.
Provide monthly cyber security awareness training to all staff.
4. ACT ETHICALLY AND RESPONSIBLY WITH OUR CUSTOMERS’ DATA AND CYBER SECURITY
Segregate customer networks logically and physically from each other and from our internal networks.