CASE STUDY
Security Policy Updates
Realignment of security policies fortifies server networks & meets government specifications
SECURITY POLICY UPDATES OVERVIEW
The Need:
Update server infrastructure security policies to align with government compliance standards.
The Solution:
Thorough inspection of Security Manuals and implementation of security policies.
The Benefit:
Security protection over existing and future servers that meets security standards.
Requirement
A government financial regulations industry that oversees banks, credit unions, insurances, friendly and building societies and most superannuation industries were faced with outdated server infrastructure security policies, putting them at risk of not meeting compliance standards and failing future audits. Starboard IT’s senior system engineers worked over a 6-month engagement to configure security policies, harden their IT infrastructure and align it with Australian government information security manual (ISM) controls.
Security work was not being given the prioritization it required, left partially incomplete and not tested. Starboard IT diligently identified relevant ISM controls and utilised industry leading security tools such as the Qualys vulnerability management appliance to deploy compliant security policies across APRA’s internal infrastructure. By working closely with the operations and applications team, security changes had minimal to no impact on daily work flow.
Security updates ensured that the network of over 600 servers had consistent security policies that adequately met compliance standards while also significantly reducing the number of vulnerabilities detected. This both protected existing servers as well as future server implementation.