Equipped with the latest Information Technology
All AS White team members are fully equipped with the latest information and communication technology, including hardware and software to ensure efficiency of workflow between our partners and the AS White team. This is crucial to assure a high performing working environment, which is significant to talent acquisition and retention.
AS White’s internal IT department supports our partners in the initial stages of on boarding their new team to ensure all IT requirements are met and integrated successfully. Our IT Team will ensure constant communication and assistance of any on-going maintenance that follows (if needed). We also provide 24/7 support and assistance for the ongoing maintenance of the delivered solution. Our aim is to minimise change for our partners and maximise work efficiency for their business needs by integrating our current IT infrastructure with our partners’ existing frameworks.
All our systems are highly maintained in a secure, private cloud environment, and hosted in Australia by AS White. When it comes to new technologies in the market, we work closely with our partners to learn and achieve them.
We are ISO27001 certified (an international organisation for standardisation) and thus, privacy and data security underscores our culture and values, as well as our policies and procedures. We are one of the first Australian companies to gain ISO27001 Information Security Management System certification and we have held this certification for nearly a decade. This is subject to annual recertification and bi-annual certification audits by Lloyds. As a result, stringent systems, policies and procedures are strictly maintained. Below is a summary of our controls and activities related to security, privacy and confidentiality:
- Firewall rules
- Protection against Trojans and viruses through antivirus on servers and desktops, email gateways and internet filters
- Regular automated patching procedures to ensure that security updates are applied in a timely manner
- Regular penetration tests and scans to ensure that the network and systems are secure
- Data captured will continue to be stored in the Australian based environment and preferably one belonging to the client
- Security event log files are centralised and regularly reviewed for suspicious activity
- Restricted web and email access. (that is, work related sites Whitelisted, no email except corporate email, which is logged and monitored)
- Bring your own devices (BYOD) such as phones and tablets are restricted to break out areas and are locked up during work hours.
- A-grade CDB based building with 24/7 Security
- CCTV (entry/exit points and at sensitive areas)
- Alarm systems
- Photo ID access cards with appropriate access controls in place for Malaysia and the Philippines however we use fingerprints in Vietnam
- Secure desktop policy (PCs locked when staff leave desk, clean desk policy)
- Visitor sign-in requirement and visitors escorted on premises
- Dedicated sensitive areas with restricted access
- Site access reviews
Human Resource Security
- Employer of choice, ensuring access to the best candidates who are highly skilled Australian, UK and US educated.
- Minimum of two reference checks conducted for all new staff.
- Background checks and police checks conducted.
- Policy training during induction (for all staff) in relation to information security and the protection of confidential information.
- Requirement for all staff to sign and be bound by confidentiality/non-disclosure agreements.
- Effective management team and structure.
- Ongoing development of all our staff including management.
- Generous remuneration and benefits.
- A culture that focuses on integrity – we will not tolerate a lapse in our values.
- Locked down environment to prevent unauthorised removal or duplication of data
- Utilisation of thin client ensuring no offshore storage capability, USB/Firewall or CD/DVD read/write
- Access to external email and internet webmail are denied (unless exempted for specific requirements)
- No Printers (Dual screens used instead)
As we are a distributed business dependent on information technology and our people to function, our disaster recovery plan is multi-faceted. The information below details at a high level the response to a disaster resulting in the loss of access to each of the components critical to our business.
AS White is a private cloud solution provider and an ISO27001 certified solutions provider and also has APRA and ASIC regulated partners. As a result, our comprehensive Business Continuity Program ensures the delivery of its services to our partners. Our private cloud solutions hosted on AS White is housed in an AAPT data centre at Broadway in Sydney. This assures an environment designed to minimise the risk of possible disasters. However, in the event of a disaster, AS White maintains a warm disaster recovery site at Parramatta which will take up a two hour turn around. This site also provides seats for AS White staff in the event that they are unable to access their Sydney office, enabling them to continue to deliver services to their partners including Capacity Connection.