IT Security Consulting

Our Information Security practice is designed to help you understand your threats, prevent, and respond to them.

Our team consults to some of Australia’s best-known brands on their information security needs. We keep system availability high while ensuring their networks are secure from threats, their brands are secure and they are compliant with legislation.

Amid an ever-changing security landscape, our consulting provides some welcome certainty for you and your company.

Typical Information Security consulting engagements

IT Security Audit

A comprehensive analysis of systems, documentation and procedures across all or part of your company.  Weaknesses in information security are flagged to undergo a series of remedial actions that are also described in detail.

IT Security Training

Executive 1:1, software-based or classroom training for your general staff on IT Security practices to adopt.  Increases staff resistance to compromise via email fraud and phone-based social engineering.

CISO-as-a-Service

Chief Information Security Officer-level services for companies that don’t need a full-time CISO. 1:1 consultancy offering security governance, process development and auditing. 

Board Advisory

Straight-talking advice to your board to address your information security concerns and minimise your exposure to the impacts of a successful attack or data breach.

Security Documentation

Development of clear and concise information security policies and other documentation to communicate company expectations to staff, suppliers and government authorities.  Develop from scratch or update existing policies to reflect current standards and technology.

Security Governance

Making information security core to the company fabric, Security Governance consulting establishes a management and reporting framework to drive the organisation’s security practices.  Can include document creation, creation of security metrics, security committee selection, budgeting and resource allocation.

Vulnerability Assessments

Conducted from the inside looking out, the vulnerability assessment highlights potential weaknesses in software and policies/processes that can be tested in penetration testing.

Business Continuity and Disaster Recovery

Planning for resilience in the event of a range of business interruption scenarios.  Our team will execute a pre-determined Disaster Recovery plan when required.  Includes regular testing at the scale that suits your requirements (simulated, partial or full-scale testing).

Penetration Testing

Using real life attack scenarios with harmless payloads to test the efficacy of your information security systems. You get a comprehensive report and proposed remedial actions to address any gaps.

Mapping PII across the network

Detecting the presence of PII (Personally Identifiable Information – emails, phone numbers, names, addresses, birthdates, credit card numbers and more) on endpoints and servers in your network. Allows you to understand its distribution and enforce policies to control its use.

Independent Breach Analysis

If you know or suspect a breach has occurred in your network, we can analyse it to determine the likely entry points, timing and scale.  This service is useful if you need a second opinion at arms-length from your in-house team or current provider.

Multi-factor authentication

Adding multi-factor authentication to your security processes is one of the Essential Eight mitigation strategies against Cyber Incidents, published by the Australian Cyber Security Centre.  We make sure the project goes smoothly and achieves its goals.

Data Leakage Prevention

Specialist consulting to establish a method for securing information that needs to be accessed by staff and external parties.  Control user rights and keep your data safe.

Notifiable Data Breach Planning

Many companies are now subject to the Notifiable Data Breaches amendment to the Privacy Act.  We create a plan that means if and when a data breach occurs, your actions are guided and you don’t panic.

ISO 27001 Audit Preparation

Pre-certification consulting to create a plan for improvement prior to your official ISO 27001 certification assessment.  We work with you to implement the recommendations.  Our service speeds up the process of gaining accreditation.

“Computer One do very well at inspiring a relationship built on trust.  They have served us for 9 years and we trust their staff, their integrity and their technical knowledge.  They support our critical business systems and play an important role in helping us shape our ongoing competitive advantage.  The expertise in their company is something I don’t think we would get if we hired 2 or 3 people directly.  I’m pleased to recommend their services.”

Jonathan Knowles
Systems Manager
Entity Solutions

“Computer One provide a comprehensive service that covers every aspect of our requirements.  From day one they demonstrated that they understood what we needed and they designed an IT programme that has delivered practically everything that was promised – a novel experience for us.

Computer One is what I’d describe as a true partner to the business, proactively working with us to solve problems or create opportunities rather than merely providing a service.

The overarching deliverable of their service is value for money.  It’s a pleasure dealing with Computer One and I am happy to recommend their services to any retailer (except our competition)!”

Andrew Smith
CFO
Andersens