IRAP certified for Protected data.

The black-and-white answer to which external file sharing options are secure, and which are not.

There’s a fundamental question at the heart of information management. How do you collaborate with outside stakeholders when sharing information outside your four walls can introduce critical risks?

For those working with sensitive, confidential, privileged and protected data, the answer is a dedicated solution that's certified under the Information Security Registered Assessors Program (IRAP) of the Australian Signals Directorate (ASD).

There’s no such thing as almost secure.

An IRAP assessment is conducted by accredited independent third-party ICT security professionals to provide a definitive answer to which solutions meet peak national security standards, and which do not.

By applying the national Attorney General’s Protective Security Policy Framework (PSPF) and the Australian Cyber Security Centre’s (ACSC) Information Security Manual (ISM), the IRAP programme reviews over 800 controls to vet the design and implementation of software, hardware and human security.

Compliant solutions are certified for Sensitive and Protected data, which includes information that could inflict material damage to Australia’s national interest, organisations or individuals if unsecured. Recertification is required every year.

Objective Connect – IRAP assessed to Protected Level.

Objective Connect is a SaaS file-sharing application built specifically for government and regulated industries. By creating secure cloud Workspaces, it maintains control of files shared externally, ensures one agreed version of the truth and delivers a record of who did what and when.

The latest IRAP assessment of Objective Connect (completed in May 2020) concluded that the ‘environment was found to be highly compliant with ISM security control requirements at the PROTECTED level’.

Committing to end-to-end security. And proving it.

“There’s no papering over the cracks with cyber-security”, notes Chris Britton, VP. “Being IRAP assessed for Protected data means a solution must provide defence-in-depth.”

For Objective Connect, this includes:

  • Sovereign Australian hosting, support and engineering,
  • Vetting staff, physical, virtual and procedural security
  • End-to-end protection with ISM, IRAP, ISO and SOC-2 certified AWS solutions
  • Full Micro Focus Technology Alliance partnership
  • Embedded Anti-Virus (AV), AES-256; 512, FIPS 140-2 and SSL/TLS encryption, and
  • 2-step verification to ensure your access and permissions are always current

This commitment to security ensures you can share files externally with anyone you choose and no one you don’t. Because IRAP assessment includes both ‘should do’ and ‘must do’ controls, it’s important to note that not all assessment results are equal. Trusted vendors such as Objective make their assessments, certifications and penetration-tests available on request.

IRAP and the mosaic of other cloud certifications.

While IRAP is a specific Australian standard that delivers on legislative requirements including the Privacy Act, Records Act, Mandatory Breach Reporting, it’s not alone.

As a solution employed in 68 countries, Objective Connect is certified with other peak international standards including ISO9001 for management practises, ISO27001 for cyber-security practises, 27018 for risk assessment and GDPR for privacy. It is also compliant with national standards including the NZ ISM and Government Chief Digital Officer (GCDO) and the Digital Security Manual (DSM) of the UK’s National Cyber Security Centre (NCSC).

Chosen by those who know.

It’s little surprise then that the millions of users in 68 countries employ Objective Connect for secure external file sharing and collaboration including state and federal government, justice and whole-of-government agreements. To learn more about our security posture and what it means to you, talk to the Objective Team today at connect@objective.com.