Article

How we support SaaS users with regular cyber security updates

As the prevalence of sophisticated cyber attacks grows, knowing that your data security is in good hands means you can focus your time and resources on your core business operations.

As we transition further into the digital economy, more and more of our key systems and operations need to be resilient and secure. Cyber attacks, disruptions and threats to confidential data all mandate the use of strict cyber security measures to minimise business risk. Cyber security is no longer just an IT issue, but a holistic consideration that affects all aspects of your business environment.

Cyber security is a critical business continuity issue

For executives and board members responsible for managing corporate risk, the reputational, operational and financial implications of cyber attacks can be considerable. Many executives are relooking at their security practices and questioning the security of their systems and data. To manage this risk effectively, there needs to be a secure and adaptable platform in place. One which not only complies with global cyber security standards but also receives regular updates to guard against the latest threats.

TechnologyOne’s SaaS platform offers exactly that: a secure digital environment that comes with the highest levels of security — proactively predicting, preventing and responding to any cyber risks that threaten your business continuity. We regularly roll out security updates to all our users, taking the complexity out of safeguarding your data.

TechnologyOne’s approach to SaaS cyber security

Automatic, highly secure and fail safe. This is the premise behind cloud technology of the future, and the guiding philosophy of the TechnologyOne SaaS solution. Our cyber security standards have also been recognised and acknowledged by The Treasury and 30 other federal government departments and agencies, who have rigorously assessed our SaaS platform.

Following the assessment, the cyber security rating of the data managed by TechnologyOne’s SaaS platform was elevated from “Official: Sensitive” to “PROTECTED” under the Information Security Registered Assessors Program, better known by its shorter name “IRAP”. The more stringent IRAP assessment means that data the 31 departments and agencies handle using TechnologyOne’s platform and applications will automatically receive the higher security level.  To gain a better understanding of what makes our cyber security practices so unique, let’s explore the key cyber security features that go into TechnologyOne’s SaaS platform and how they are regularly updated.

Certifications and accreditations

Many industries can have complex and highly regulated cyber security requirements, which is why our SaaS solution is regularly reviewed to ensure full compliance with industry standards. To maintain the highest level of certifications and accreditations, we regularly update, integrate and maintain the latest in innovative security and privacy technologies into our platform, which includes multi-tiered security measures and accredited procedures. You can view the full list of our current accreditations here.

Intrusion safeguards

TechnologyOne has also implemented proactive security measures like perimeter defence and network intrusion detection and prevention systems, together with anomaly detections algorithms that immediately alert team members to any unusual activity. In addition, we also use a number of confidential countermeasures designed to protect both our customers and our services. These tools are periodically reviewed and updated, with updates being rolled out behind the scenes so that our users always have the latest protection and security.

Robust testing

External threats are always evolving, which is why regular testing is so important. Vulnerability assessments and penetration testing of the TechnologyOne SaaS solution are evaluated and conducted on a regular basis by both TechnologyOne team members and trusted external third-party vendors.

Backup and replication of data

TechnologyOne SaaS architecture is active/active by design, which means that all data is synchronously stored in multiple locations, across multiple data centres, automatically. A full backup is taken weekly and stored in multiple locations across four physically isolated data centres. To ensure that we offer one of the lowest recovery point objectives (RPO) in the industry, we perform snapshots every 15 minutes to minimise the potential for data loss in the event of failure. Backups of the database and transaction logs are encrypted for any database which contains customer data for full security.

Privacy

TechnologyOne recognises the importance of the performance of online technology and how personal information is collected, stored, used and disclosed. TechnologyOne is bound by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs) set out in the Privacy Act as well as the Notifiable Data Breaches scheme (NDB). We understand the importance people place on their personal information. At TechnologyOne, we are committed to be fully compliant with all regulations concerning data privacy, and we regularly review our privacy practices and the latest industry regulations to ensure our policies are always up-to-date. For full details, refer to our Privacy Policy.

Publish date

09 Apr 2021

Visit our Digital Transformation Hub for all the resources you need to kick start your journey

Ready to reimagine?

Complete the form to speak to an industry expert about your digital transformation needs.