Success led by values

We are ISO27001 certified (an international organisation for standardisation) and thus, privacy and data security underscores our culture and values, as well as our policies and procedures. We are one of the first Australian companies to gain ISO27001 Information Security Management System certification and we have held this certification for over a decade. This is subject to annual recertification and bi-annual certification audits by Lloyds. As a result, stringent systems, policies and procedures are strictly maintained.

Technology Security

  • Firewall rules follow POLP “principle of least privilege”
  • Protection against Trojans and viruses through anti-virus on servers and desktops, email gateways and internet filters
  • Regular automated patching procedures to ensure that security updates are applied in a timely manner
  • Regular penetration tests and scans to ensure that the network and systems are secure
  • Data captured will continue to be stored in the Australian based environment and preferably one belonging to the client
  • Security event log files are centralised and regularly reviewed for suspicious activity
  • Restricted web and email access. (that is, work-related sites that are whitelisted, no email except corporate email, which is logged and monitored)
  • Bring your own devices (BYOD) such as phones and tablets are restricted to break out areas and are locked up during work hours

Physical Security

  • A-grade CDB based building with 24/7 Security
  • CCTV (entry/exit points and at sensitive areas)
  • Alarm systems
  • Photo ID access cards and biometric appropriate access controls in place for Malaysia, Philippines and Vietnam.
  • Secure desktop policy (PCs locked when staff leave desk, clean desk policy)
  • Visitor sign-in requirement and visitors escorted on premises
  • Dedicated sensitive areas with restricted access

Human Resource Security

  • Employer of choice, ensuring access to the best candidates who are highly skilled Australian, UK and US educated
  • Minimum of two reference checks conducted for all new staff
  • Background checks and police checks conducted
  • Policy training during induction (for all staff) in relation to information security and the protection of confidential information
  • Requirement for all staff to sign and be bound by confidentiality/non-disclosure agreements
  • Effective management team and structure
  • Ongoing development for all our staff including management
  • Generous remuneration and benefits
  • A culture that focuses on integrity – we will not tolerate a lapse in our values

Desktop Security

  • Locked down environment to prevent unauthorised removal or duplication of data
  • Utilisation of thin client ensuring no offshore storage capability, USB/Firewall or CD/DVD read/write (unless exempted for specific requirements).
  • Access to external email and internet webmail are denied (unless exempted for specific requirements)
  • No Printers – Dual screens used instead (unless exempted for specific requirements)

Information Technology

Since ASW’s client base is varied and has different compliant/regularity requirements, we will integrate our partners’ information and communication technology, security, and compliance needs in a bespoke manner to ensure that we can accommodate both simple and complex requirements.

Equipped with the latest information technology

All ASW team members are fully equipped with the latest information and  communication technology, including hardware and software to ensure efficiency of workflow between our partners and the ASW team. This is crucial to assure a high-performing working environment, which is significant to talent acquisition and retention.

ASW’s internal IT department supports our partners in the initial stages of onboarding their new team to ensure all IT requirements are met and integrated successfully. Our IT Team will ensure constant communication and assistance of any ongoing maintenance that follows (if needed). We also provide 24/7 support and assistance for the ongoing maintenance of the delivered solution. Our aim is to  minimise change for our partners and maximise  work efficiency for their business needs by integrating our current IT infrastructure with our partners’ existing frameworks.

All our systems are highly maintainedin a secure, private cloud environment, and hosted in Australia by ASW. When it comes to new technologies in the market, we work closely with our partners to learn and achieve them.