Our partner is a leading training organisation in WA and works closely with the state government to provide high quality business training, development and mentoring.
Department of Education, Skills and Employment’s (DESE) introduction of Right Fit for Risk (RFFR) information security compliance regulations, meant that our partner had to comply with new stringent cyber security measures.
Our partner of 4 years had relied on us to deliver great service and advice on all matters relating to IT. To ensure that our partner maintained their status as a leading training provider for the state government, our challenge was to develop and implement security solutions that not only comply with the new standards, but ensure that these solutions are seamlessly integrated into the current environment, providing scalability as our partner continues to grow.
To ensure our partner complied with the new far reaching security measures, Epic IT recommended & deployed a host of solutions.
Using The Australian Cyber Security Centre’s (ACSC) Essential Eight Maturity Model as our guide, Epic IT deployed the following solutions:
Application Control: Established an agreed upon Standard Operating Environment (SOE) within the Microsoft Windows Environment and enforced it organisation wide on all current and new devices.
Configure Microsoft Office Macros: Reviewed macro use within the organisation, and disabled for users that did not have a demonstrated business required.
Application Hardening: Establishing systems and processes that protect applications against intrusions by eliminating vulnerabilities and increasing layers of security.
Restrict administrative privileges: We reviewed existing administrative privileges within the organisation, and implemented new standards in line with the principals of zero-trust and least privilege.
Multi-Factor Authentication (MFA) Hardening: Our partner already had MFA in place and we introduced further controls to increase the levels of security protection.
Microsoft Defender for Endpoint: This solution provided Epic IT with the ability of real time vulnerability scanning, which allowed us to deliver proactive remediation support.
Regular backups: implemented test restoration policy.
Our partner was awarded Accreditation under DESAE’s RFFR approach to provider accreditation.
After Epic IT successfully deployed the new security measures over a two month period, we received news that our partner was successfully accredited. We are pleased to see that we contributed to our partner’s business success and ensure that they retain their status as a leading organisation in their field. Plus we know that our partner is operating in a much more secure and safer IT environment.
Looking for Help with your Cyber security auditing and essential eight framework compliance?
Like to learn more about our services?
Please let us know what you are chasing and we will respond same day.