Centra assists with Developing an Information Security Management Practice for Not for Profit Client.
Centra looks at ways of improving workflow and managing operations in the event of security incidents to reduce any adverse business impacts, while ensuring that regulatory compliance requirements are being adhered to. This case study shows how working with Centra to focus on what happens when a security incident occurs helped the Foundation to develop a process to uncover the mission critical applications, data and processes that need protection.
Our Client – Not for Profit Health Sector
Our client inspires the community to invest in patient care initiatives, including staff education, medical and clinical research with the aim of saving and improving lives by:
- funding centres of excellence that undertake clinical research;
- grants to young first-time researchers, embarking on their career as a clinician and potential clinical researcher;
- funding equipment for research;
- training professionals;
- promoting health education in the community.
Where to begin? Delivering cost effective security monitoring & reporting
Small businesses need to protect against the same cyber-attacks and maintain the same industry and government data regulations as large companies.
In our client’s case, their systems lacked the protection to safeguard attacks and meet compliance requirements.
They needed an effective and efficient management system for their information security. In essence, an affordable solution to solve their security issues involving:
- mapping the process
- detection analysis
- recovery and
- post-incident activities.
Essentially, a comprehensive blueprint to provide an affordable, scalable and systematic Information Security program, relevant for their organisation.
Start with Security Incident Management
The best place to start with our information security compliance alignment activities is to develop an effective and efficient procedure for the management of security incidents. Focusing on what happens when a security incident occurs helps us to develop a blueprint to uncover the mission critical applications, data and processes we need to protect. Once we’ve done that we can build formal IT and information security policies with supporting directives and operational tools to provide and demonstrate alignment with compliance requirements.
Control and manage access to sensitive information
✓ Data encryption. Microsoft 365 E5 only allows authorised users to open/view documents – so even if they leave your business, you are still protected
✓ Safe Links. Strips phishing and ransom ware links and attachments from emails so users can’t click on them.
✓ Double identity check. Microsoft 365 E5 makes multi-factor authentication simple to ensure users are who they say they are before giving them access.
✓ Intelligent defence. Microsoft 365 E5 provides advances threat detection using the industry’s most extensive threat intelligence network to identify new and evolving threats before they impact your business.
✓ Wipe them. Microsoft 365 E5 lets you remotely wipe any lost or stolen device.
✓ Be productive – and safe. Microsoft 365 E5 ensures business information on mobile phones is encrypted.
The Benefits – Centra Helps Not for Profit to achieve Strategic Goals
In order for IT and security to be aligned with our client’s strategic goals, there must be a clear link to show how security functions support the business. Stakeholders and Centra worked together to review cost effective tools, such as Microsoft 365 E5, and strategies to develop a holistic security solution to deliver measurable outcomes on our client’s strategic goals while keeping within their budget.
Written by Mark Stevenson
Follow Our Blogs
Keep up to date with informative blogs from our Brisbane Platinum Partners members. Delivered straight into your inbox and free to join!