Security

Each client's security requirements are different, so our consultants will work with you to determine the right balance between security, convenience, and cost. We are able to provide solutions with compartmentalised data, need-to-know access rules, or with the ability to apply jurisdiction access rules to protect industry information from competitors.

Noggin has extensive experience working with security-sensitive applications for corporate and government clients, and some of our key staff have been vetted by the Commonwealth Attorney General's Office to the "secret" security level.

Many security options are available, including these common ones:

Application security

  • Enforce tough password selection policies to protect against brute-force attacks
  • High grade encryption security (128 bit / 256 bit)
  • Password management and expiry procedures to protect against long-term compromises
  • 2-factor authentication using hardware tokens
  • 2-factor authentication using SMS - good for when sending hardware tokens to a large number of users is not practical (such as online banking)
  • Full access audit logs
  • Role Based Access Control (RBAC)
  • OS Mandatory Access Control (MAC)
  • Multi-level Security (MLS)

System security

  • Option of high security data centres (ASIO T4)
  • Compartmentalise system accounts to limit damage if an account is compromised
  • Fine tuning of the hosting environment's firewall as well as the server's firewall to minimise access at a network level
  • Disabling of any non-essential remotely accessible services
  • Network level security to restrict remote access to those who need it
  • Encrypted file systems to protect against physical theft
  • Third party penetration tests
  • System monitoring & maintenance agreements to apply security patches as soon as possible

Noggin Pty Ltd
Level 8, 28 Foveaux St
Surry Hills, NSW, 2010

info@noggin.com.au

+612 9219 8800