Using cloud software like Xero, MYOB, or Salesforce? Our free whitepaper provides a foundation of cloud cybersecurity considerations to ensure your data is secure.

While it would be nice to say that security in the cloud is purely the responsibility of the cloud service provider, the reality is that such an important responsibility must be shared between the cloud provider and the consumer.

However, ‘cloud’ is a broad term that describes several different technical frameworks, and the security responsibilities are shared differently in each.

This paper will cover the three most common cloud frameworks and how security responsibilities are split between the provider and the consumer.

To discuss how to protect your data and IP, leave your details below, and an expert will contact you.

Or call us on +61 8 8238 6500

Have you ever been annoyed by those multi-factor authentication (MFA) codes that are sent to you via SMS or email when you try to log in to your online accounts? While it's true that these codes can be a bit of a hassle, they serve an incredibly important purpose - protecting your accounts from being stolen. Also, we can actually make those codes a much more seamless experience with lower friction and fewer steps to gain access to your systems.

In today's digital age, over 5 billion people are connected to the internet, and any of them are potential cybercriminals who may try to guess your username and password to gain access to your accounts.

While it's essential to use strong, unique passwords for all of your online accounts, it's not always enough to protect you from account takeovers. That's where MFA comes in. This security feature requires you to provide an additional form of verification, such as a code that is sent to your phone or email or available in an app, which is needed to log in to your account. And it's incredibly effective - MFA has been shown to block 99.99% of account takeover attempts.

Check out the whitepaper which covers MFA in more detail above.

To discuss how you can best protect your data and IP, leave your details below, and an expert will get in touch with you.

Or call us on +618 8238 6500

HOW TO MANAGE TECHNOLOGY RISK IN A SMALL OR MEDIUM-SIZED BUSINESS.

Everything you’ve heard about cybersecurity comes down to managing RISK. Even the best system isn’t 100% foolproof and there is always some risk.

Our whitepaper below focuses on managing technology and cybersecurity risks and the principles can be applied across all risk types within a business.

Put simply, managing risk is at the foundation of protecting your business, and your data and avoiding disruption.

To discuss cybersecurity protection strategies for your business, leave your details below and an expert will get back to you.

Or call us on +618 8238 6500

Optus Data Breach - What You Need to Do

Optus Australia has suffered a major data breach, in which sensitive personal information about both past and present customers was stolen by cyber attackers. Here are some simple steps you can take to understand if you were impacted and protect yourself if you were.

Update: As of the 27th of September, the attacker has claimed to have deleted all copies of the data. Unfortunately, there is no way to verify this, and may simply be a tactic to slow people in protecting their identity. We still strongly recommend that you take appropriate steps to protect yourself in case the data has been sold or reemerges in the future.

1. Check if you were impacted
Use the chat in the My Optus app to confirm if your details were exposed. Ask them to check each email address that is associated with your account.

Optus is in the process of informing customers however they may not have current contact details, and many customers are reporting Optus emails being caught in spam and junk filters. The best thing to do is speak to Optus directly via the My Optus app and ask them to check each email address you have associated with your past or present Optus account.

2. Apply for a credit ban
If ANY of your identity documents or ID numbers were exposed, apply for a credit ban with Equifax, illion, and Experian. Credit bans prevent new credit facilities from being fraudulently taken out in your name. Fraudulent credit applications can negatively impact your credit rating, cause significant stress, and take many hours to evidence as fraudulent to businesses and debt collectors.
By default, credit bans last for 21 days and can be removed or extended if needed.
More information about credit bans can be found here.

3. Monitor your credit
If ANY of your identity documents or ID numbers were exposed, consider regularly checking your credit report and using a credit alerting service to alert you to fraudulent credit applications in your name
Monitoring your credit report and using free or paid credit alerting services will ensure you quickly become aware of fraudulent credit applications and can begin the process of preventing them early before too much damage is done.

4. Replace your Driver’s License
If your Driver's Licence number was exposed, check your state rules for replacing your Drivers Licence with one with a new licence number. It’s important to ensure you don’t just get a new card but that the license number that was exposed is changed. Eligibility for this varies depending on the state in which your licence was issued, and unfortunately, this is not possible in every state.
Optus is currently working with state licence providers for a solution for all customers.

5. Replace, Renew or Cancel your passport
If your passport details were exposed, consider a replacement or renewed passport via the Australian Passport Office. Again, ensure the new type of passport you select has a new passport number to replace the one that was exposed. Eligibility criteria for each type of new passport apply.

6. Enable Multi-Factor Authentication wherever possible
If any of your details were exposed, ensure you have Multi-Factor Authentication (MFA) in place on all your accounts, starting with the most important ones.
The details exposed in this, or other, breaches may be enough for the attacker to access your online accounts or reset your passwords, depending on the security questions each account provider has in place. MFA is a great way to prevent other people from accessing your accounts with websites and online services.

7. Be vigilant of future scams
If any of your details were exposed, be vigilant for future attempts to scam you. Exposure of your email address, physical address and phone number lets scammers know how to contact you, and exposure of your full name and date of birth allows scammers to appear to know you or appear to be contacting you from a legitimate company that holds details about you.
Be wary of anyone contacting you unexpectedly. If in doubt, ask for a reference number, hang up, find the business’s phone number on google and call them back to ensure you are speaking to a legitimate person.

8. Increased security for moving providers
To reduce the risk of an attack known as SIM swapping, where an attacker steals your phone number to bypass SMS-based MFA, Optus has implemented increased security measures for porting numbers.
If you are planning to move providers, be aware that current increased security measures mean you will need to visit a store in person with your ID to have services moved to a new provider.

9. Watch for updates
The situation is still very new, and details are emerging every day. Optus has advised they will be providing free identity monitoring services to those "most affected" by the breach but are yet to provide full details.
Optus is providing regular updates via its Media Centre, and most media outlets are following updates very closely at present.

10. Contact IDCARE for further assistance
IDCARE is Australia’s free identity and cyber support service. They have an Optus Data Breach Response Fact sheet available and can support you through this time.

This infographic is an overview of the Optus breach and what you need to do - Click to open and save the infographic.

To discuss cybersecurity protection strategies for your business, leave your details below and an expert will get back to you.

Or call us on +618 8238 6500

ZERO TRUST – A SECURITY MINDSET FOR MODERN BUSINESSES

Long before the covid-inspired work- from-home revolution, the traditional enterprise security perimeter was already disappearing. With remote work poised to be a mainstay of future business operations, and more and more businesses adopting software as a service (SaaS) subscriptions, the idea of securing a network inside four walls is no longer relevant.

While many solutions exist that attempt to draw a secure “perimeter” around outside assets, modern best-in-class cybersecurity is based on a zero-trust approach.

“Zero-trust” is one of the hottest buzzwords in cybersecurity today. The term describes a systematic approach to minimising, or even eliminating, implicit trust and instead continuously  confirming  every  digita transaction. While traditional methods aim to protect networks and assume everything within them can be trusted, zero-trust focuses on safeguarding resources.

In a recent study of IT professionals, Australian respondents were substantially more likely (88%) than their counterparts in Malaysia (75%), Singapore (65%), India (62%), or Japan (43%) to be investigating a zero trust approach. In fact, following a sharp rise in cybersecurity incidents, more than a quarter of Australian respondents had begun implementing zero-trust in 2021 alone.

This article will cover everything businesses need to know about zero-trust and why it should form a key part of their cybersecurity strategy.

To discuss cybersecurity protection strategies for your business, leave your details below and an expert will get back to you.

Or call us on +618 8238 6500

Passwordless authentication is accelerating quickly, especially now that Google, Apple, and Microsoft have fully committed to this future by agreeing to adopt passwordless standards and implement it in the near future. It’s well known that few users of any system follow password best practices, and modern malicious attackers have advanced password-cracking techniques at their disposal.

As large leaks of password databases become more common, weak and repeated passwords present a growing issue for businesses, while password volume and complexity have becomes a growing frustration for users.

Passwordless authentication aims to solve these issues by removing the need to remember login information, while maintaining a high level of data security. In a passwordless system, users prove their identity using one or more methods like biometrics and one-time codes.

To discuss cybersecurity protection strategies for your business, leave your details below and an expert will get back to you.

Or call us on +618 8238 6500

Meals on Wheels SA centralises its IT environment to better coordinate thousands of daily deliveries

Almost everyone has heard of Meals on Wheels. It was first formed in South Australia (SA), in 1954. Founder Doris Taylor MBE, wheelchair-bound from an accident as a teen, empathised with the challenges of those returning home from the hospital. She noted, in the elderly in particular, that they had trouble shopping and preparing meals for themselves, often depriving them of the ability to live independently.  Meals on Wheels was her remedy. Nearly seventy years on, more than 50 million meals have made their way into SA homes. The organisation is currently providing 4,300 meals per day to customers across the state.

 Key Challenges

• The state-wide operation included a vast degree of variation among branches

• There was no single payments system and accounting was resource-intense

• COVID-19 caused a surge in demand that could only be met by a centralised model

In every other Australian state, Meals on Wheels operates as several independent entities. However, Meals on Wheels SA is a state-wide association with 80 branches. Some were established under the state-wide model, while others were independent organisations incorporated into the association - the latter managed their own affairs, with committees, treasurers, bank accounts and chequebooks. Add to this that many pre-dated the internet, set up without the benefit of computerised systems, and you get an idea of the variation within the Meals on Wheels model.

Even so, it’s a model that has served the community well for 50 years. Testimony to its success is the tenure of its volunteers. Among seven thousand volunteers, the average age is 75. David Smith, Executive Manager, Corporate Services for Meal on Wheels, recalls the first time he attended an annual award ceremony recognising long term volunteers; “There were 40 people who had been volunteering for 40 years,” he says. 

COVID-19 caused a surge in demand

When COVID-19 arrived in early 2020, hitting Australian businesses hard, Meals on Wheels wasn’t one of them. “Quite the opposite,” Smith says. A surge in demand for meal services presented the organisation with the challenge of meeting it with maximum efficiency.

Growing fast in a controlled way required digitising and automating financial processes. It also called for complete compliance with Work health and safety (WHS) standards which view volunteers as employees, governed by the same safety rules. This includes 75 to 90-year-old volunteers who'd never had to think about them before during their working lives. “They've always stood on a ladder on top of a table to change a light bulb, so why would they not do it now?” says Smith. 

Finally, the model needed to flexibly accommodate digital and non-digital interaction. Any assumption that in time everyone will become comfortable with internet-based services doesn’t take into consideration the aging population. “Just because you are computer literate now, it doesn't mean that when you're 85 or 90 you're somehow going to be magically better. And so this market for people who are getting older, and some of their capacities have diminished, they're always going to need a meal delivered to their house,” says Smith.

Meals on Wheels SA contacted Advance Business Consulting to help them cut through these requirements to arrive at a system that would allow them to grow securely with a fraction of the effort while getting more from their technology and data.

The challenge of connecting everyone

Creating a common organisational infrastructure was a priority. But not every branch had a physical office to call their own, and a few smaller branches had been relying on their own computers to log into Meals on Wheels. Smith leaned on Advance’s consultancy services to design an infrastructure capable of accommodating what Smith refers to as the “lowest common denominator of what you need a computer to be.” In this way, it would be embraced by everyone, regardless of their circumstance.

Security was top of mind. “If you have to put a secure internet connection in a branch and a managed computer, and that computer is only going to be used for one hour, twice a week, it's quite a big investment for a very small use case. Also, you don't know who's going to be using it. It might be 20 different people in a branch,” says Smith, who looked to Advance to propose the most viable security strategy.

Opportunity to streamline payments processes

Digitising and automating payments within one simple payment system was identified as an excellent way to inject efficiency into operations. In the past, Central Office would invoice the branches for meals delivered, and reimburse costs incurred by them. If those costs had been incurred directly by Central Office and not the branch, which sometimes happened, another invoice would be issued for the money to be returned. A reconciliation was completed every three months on a simple electronic cash book, to check the accuracy and retrieve surplus funds advanced but not used. There was also an exercise of distributing funds from more profitable branches to those who needed “propping up” to ensure equity across the model. Accounting in this way took time and resources that Meals on Wheels decided it would prefer to apply to service excellence.

Solutions:

• Advance standardised how branches connected to Central Office

• World-class security was built in via VPN enabled teleworker devices

• M-Files automated important processes like payments and reimbursements

One simple means of connecting

Advance migrated Meals on Wheels from Telstra 4g connections to a Cisco Meraki SD-WAN with Teleworker VPN, which has proven to be incredibly successful. Teleworker devices are not carrier dependent, for one thing, which supports the association’s need for flexible connectivity, as well as delivering world-class security. In this model, secure corporate LAN connectivity is extended to employees at remote sites via Meraki APs (access points), without needing them to install VPN software on their devices themselves. It can all be done centrally, keeping things simple. 

Added security benefits are realised through Meals on Wheels’ ability to whitelist applications, making them unavailable to users on their devices, as well as best-in-class anti-virus software. This provides better protection from hackers. “Meals on Wheels is a very well-known name, which unfortunately makes us an obvious target for cybercrime,” says David.

A unified payment system

Improving the efficiency of the outgrown payment system began with eliminating the need for branches to pay their own invoices. “How do you get at branches to be able to effectively send invoices into Central Office if they want to send them by fax, which some still do?” says Smith. “But of course, that really just pushes the workload elsewhere.”

Advance suggested M-Files, a document management system for coordinating the right information to the right people at the right time. This immediately gave branches the ability to scan an invoice, sign to confirm goods had been received, and be paid automatically. Where branches don’t always have a reliable internet connection, M-Files helps with that too: “M-Files was great because we could actually fall back to a mobile phone to do the same thing,” says Smith. “And in a couple of cases we still do use the fax, but what it means is no longer needing branches to pay any bills”

Verifying and reimbursing drivers

Additionally, M-Files was set up to support driver reimbursement. Volunteers are paid a fee per delivery for their petrol and wear and tear. “They used to be paid in cash. The driver could take the money and if they didn't, it got flipped into a bucket and then banked as a donation,” says Smith. M-Files has automated the entire process with a workflow that lets Meals on Wheels collect a declaration from drivers with their bank account details for payment. Stored securely in M-Files, it can be centrally and accurately managed. 

“We realised while we're doing this, it would be useful to check that the person we're paying a driver reimbursement to is actually a volunteer,” says Smith, explaining that people used to get roped in to be a deliverer and stay for 10 years when they're not actually on the books. If they're not registered, it means they haven't had a police check. “Right through this process, we found little added gains from simply just trying to improve a process,” Smith says.

Compliance is much easier

Driver verification is one aspect of compliance, but it’s not the only one to benefit from the new technology-enabled operational model. Meals on Wheels can now issue communications on things like Work health and safety rules to employees and volunteers with minimum effort and feel confident they have been received.

Outcomes:

• Closing the branch bank accounts saves $50,000 per year

• New employees can be onboarded, from anywhere, in moments

• Centralised management of data drives compliance across 80 branches and 7000 volunteers

When you no longer need to pay for anything by cash or cheque, you don't need money. Meals on Wheels has been able to close all its bank accounts. This simple act is saving of $50,000 per year in bank fees and transaction costs. 

Security concerns are alleviated through central controls configured by Advance that let Meals on Wheels whitelist applications and prevent people from running programs that are not supposed to.

The project, which began pre-pandemic, turned out to be well-timed since it allowed Meals on Wheels to rapidly transition to a work-from-home strategy during COVID-19 restrictions with the Meraki teleworking devices. “When our staff had to work from home, it was a trivial matter to give them a network device with a SIM card in and connect them and get them working. It was an accidental benefit that really set us in good stead.”

Since kicking off its transformation, Meals on Wheels SA has gone from strength to strength, most recently introducing a new ERP system, Pronto, for dealing with manufacturing, and other important resources, with efficiency, and creating a host of web applications using low-code development tool Intrexx, provided by Advance.  

With the expansion of services no longer a heavy lift, the sky is the limit.

CONTACT US

For any further information regarding how Advance can help implement a successful digital process in your industry, get in touch with us here. We’re here to help!

KEY TECHNOLOGY PARTNERS