How likely are you to have a data breach?

On February 23, 2018, the Privacy Amendment (Notifiable Data Breaches) Act 2017 went into effect, requiring all businesses in Australia to notify the Office of the Australian Information Commissioner and any impacted clients about significant data breaches.
Failing to do so can incur fines of up to $2.1 million.

Your data can be breached in many ways, whether on your devices, such as computers and servers, or in the cloud.

Take the following self-assessment survey to determine how vulnerable you may be.
*Note: this is a general assessment and is not enforced by Onsite Helper; use this information at your own discretion.

Vulnerability Yes No Don't Know
Do you or your staff work remotely and connect via Remote Desktop (not through a VPN) or other remote access software (e.g. TeamViewer or LogMeIn)?
Do you or your staff use any file sync and share apps such as Dropbox, Google Drive or OneDrive on laptops or computers outside of your office?
Do your computers require a password to log in, as well as a password after the screen saver is activated?
Do you have all your users in security groups for assigning permissions to file and folder access?
Are the passwords for all your computers and cloud services strong (at least 8 characters and complex) and changed at least every quarter?
Do you remove all old/unused/unnecessary user accounts from your server and cloud services?
Have the default admin passwords been changed on your routers, servers, etc.?
Are there any open ports in your firewall?
Do you have hard drive encryption enabled on your laptops, desktops and servers?
Does your wireless network have access to your local computers & servers?
Are your wireless routers / access points secure against the KRACK vulnerability?
Are your onsite and offsite data backups encrypted & password protected?
Do you enforce multifactor authentication for your cloud services such as email and file storage?
Do you have monitoring enabled on your computers, servers and network devices to alert IT to any issues, e.g. a hacker trying to guess the password on the firewall?
Are your servers secure in a locked room or locked cabinet?
Do you have hard copies (printed paper) of client or employee information?