Services

Managed Services Swiss Cheese Model

This is a guide to the complete list of services that Critical IT provides, with a focus on IT security and compliance with relevant legislation and professional standards as required.  For example, with our health and medical clients, the focus is on compliance with the Privacy Act, My Health Records Act and the RACGP Standards 5th Edition.  We also assist in compliance with the National Safety and Quality Health Service Standards (NSQHS), Quality Care Pharmacy Program and Australian Cyber Security Centre’s Essential 8 strategies.

The Swiss Cheese Model is a risk management concept that we use to explain, in plain English, how we help our clients mitigate and eliminate security risks through the deployment of different technologies, restrictions and controls, represented as different layers of defence, or “slices of cheese”.

In this model, each Swiss Cheese slice has randomly placed and sized holes, representing the weaknesses and shortcomings in different parts of the organisation’s IT environment.  The model illustrates that the weaknesses and shortcomings present in one layer can be mitigated or eliminated in a different layer, so having sufficient layers in place minimises the chance of a risk materialising and causing actual harm.

We offer two subscription packages with the Swiss Cheese Model.  Both have an annual commitment, which ensures that as threats and technologies continue to evolve, we update the corresponding layers, incorporating any new countermeasures and removing any obsoleted technologies, keeping your systems up-to-date and your risk minimised.

[Image: Cyber security Swiss Cheese Model]
Subscription | Core | Complete
Restrict MS Office Macros
Antivirus / EDR
Inventory & Auditing
Web Browser Security✚
Patch Operating Systems◇
Patch Applications◇
Backup★
Hardware Security★
2 Factor Authentication★✚
User Application Hardening✚
Application Control✚
Standard Operating Environment
Restrict Admin Privileges✚
Firewall | Add-on | Add-on
Anti-Phishing & Anti-Spam✚ | Add-on | Add-on
Incident Response Planning | Add-on | Add-on
★ Subject to limitations by the hardware
✚ Subject to limitations by the software and/or web/cloud services
☗ Subject to compliance requirements unique to each organisation
◇ If patching fails due to unforeseen circumstances, we may charge for remediation

Restrict Microsoft Office Macros

We sell, manage and secure Microsoft 365 solutions.  Macros are small programs that can be embedded in Office documents, spreadsheets and presentations.  While they are useful, they can be used with malicious intent, such as stealing sensitive information and hacking the computer.  We restrict all macros by default.

Antivirus / EDR

Modern antivirus, called Endpoint Detection and Response (EDR), is a sophisticated security solution that continuously monitors and captures all activity on computers and servers.  It dynamically analyses the activity using Cloud AI and, if it detects anything suspicious or malicious, automatically takes appropriate action to shut the threat down.  Our recommended endpoint security solutions are SentinelOne and Microsoft Defender for Endpoint.

Inventory & Auditing

We keep a current record of hardware specifications of computers and servers, including an inventory of installed apps.  This allows us to identify any hardware that is out of warranty, experiencing predictive failure, or vulnerable to certain types of malicious attacks.  The software inventory allows us to identify any unapproved, obsoleted or unwanted software, so we can remove it to free up space.

Web Browser Security

The web browser is one of the main vectors of attack.  Fake websites, fake adverts and compromised websites with embedded malware abound on the Internet.  We customise security settings and implement policies to transform the web browser into a more secure environment, mitigating the majority of opportunistic malicious attacks while keeping legitimate content running.

Patch Operating Systems

We keep Windows, the operating system used on your computers and servers, up-to-date and secure by applying any updates that are issued by the software vendor, Microsoft, within 2 weeks of release, unless there are extenuating circumstances.

Patch Applications

We keep your line of business applications, such as Best Practice, Microsoft Office and Adobe Acrobat Reader, up-to-date by applying any patches or updates within 2 weeks of release by the vendor, unless there are extenuating circumstances.

Backup

A regular backup schedule is important in ensuring that you are able to recover from a disaster.  We assist in configuring, monitoring, testing and updating backups and utilise the 3-2-1 backup strategy.  We strongly recommend backup testing, at a minimum on an annual basis.  Estimated restoration time is also calculated as part of the testing, which provides you with an accurate estimate of your time to recovery.

Hardware Security

Most modern computers come with hardware security features, although they may not be fully enabled.  We customise the security settings in the hardware, and configure Windows, the operating system, to utilise the hardware security to bolster resilience to exploitation by malicious actors.

2 Factor Authentication

Services that we manage for you, for example Microsoft 365, offer multi-factor authentication (MFA) or 2 factor authentication, and we mandate this to mitigate attacks by malicious actors.  We also assist you to deploy MFA for any 3rd party websites or apps that offer this as an option.

User Application Hardening

This is like putting a safety lock on your line of business applications.  We configure the applications so that they are secure and work correctly.  This can involve disabling any unnecessary or risky features that are not in use, or lowering the application’s level of access, making the applications less likely to be exploited by malicious actors while still allowing you to use them.

Application Control

This is a security approach designed to prevent malicious apps from running.  It ensures that only approved apps can be executed on the computer and also prevents the installation or use of unapproved apps.  We use an “overseer” process on computers to dynamically manage this.

Standard Operating Environment

A Standard Operating Environment is like a recipe for setting up a computer system and/or environment.  It’s a specific combination of operating system, software and settings that is defined as the standard to be applied across the organisation.  This means all computers will have the same setup, security and settings, making it consistent across the board.  We can therefore quickly set up new computers, or fix issues, because every computer has the same recipe.  This improves security as we can ensure the same security settings and protocols are applied everywhere.

Restrict Admin Privileges

Restricting administrative privileges is like having a VIP list for a party.  Only certain people are allowed to make significant changes to the system and apps, especially changing key settings or accessing sensitive data.  This prevents unauthorised access and data breaches.  We identify roles and responsibilities of groups and assign people to them, allowing them to execute their responsibilities without any further system access outside of their role.

Firewall

This appliance acts as the gateway to the Internet, filtering Internet traffic before it reaches computers in your business.  The firewall is combined with a security filtering subscription, which checks the data traffic flow for any malicious elements or threats, blocking them if identified.  The firewall subscription also includes content filtering, making it capable of blocking Internet categories that are unwanted or unsafe, like advertising, pornography, etc.

Anti-Phishing & Anti-Spam

We deploy and maintain a robust anti-phishing and anti-spam solution, which uses AI to identify any malicious threats in attachments, or in links within the emails, before the emails are delivered to their respective mailboxes.  We also curate the settings necessary to keep email flowing and minimise false positives.

Incident Response Planning

This is a set of instructions that helps you step through a series of planned actions should a cybersecurity incident occur, enabling you to get back to normal as quickly as possible.  The plans include steps like preparation, detection and analysis, containment, eradication, communication, legal and recovery, and should be tested and reviewed on a regular basis.