Services
Managed Services
An End to End Support Solution To Optimise Your
Operations, Reduce Cost and Manage Risk
Chamonix Managed Services provides access to a highly skilled team to provide your platform with the support it needs in a robust, scalable, and relevant IT support solution with expertise in Essential Eight, Environment, Application and Integration as a Service and Intelligent Automation.
Our Services
ESSENTIAL EIGHT
MATURITY MODEL
CYBER SECURITY
ENVIRONMENT
ROBOTIC PROCESS
AUTOMATION
INTEGRATION MANAGEMENT AND
ENHANCEMENT AS A SERVICE
APPLICATION MANAGEMENT AND
ENHANCEMENT AS A SERVICE
Essential Eight Maturity Model
The Essential Eight Maturity Model was developed to help organisations mitigate potential cyber security incidents. The Essential Eight provides a roadmap for organisations seeking to reduce their cyber security attack surface by detailing a minimum standard of mitigations organisations can put in place to reduce the risk of a cyber-attacks and to minimise the exposure in the event a cyber attack does occur.
Impacts and Recommendations
Cyber attacks can impact an organisation in many ways including:
- Economic Costs: Includes loss, damage or theft organisational, customer and employee data and disruption of services.
- Legal Consequences: Including data protection and privacy breach
- Reputational Damage
The Australian Cyber Security Centre recommends all organisations target Maturity Level Three. The varying levels give organisations a pathway enabling them to achieve a recognised level of compliance on their journey to Level Three.
- Maturity Level One: Partly aligned with the intent of the mitigation strategy.
- Maturity Level Two: Mostly aligned with the intent of the mitigation strategy.
- Maturity Level Three: Fully aligned with the intent of the mitigation strategy.
The Essential Eight
Application Control
Application Control or whitelisting is the practice of specifying a list of approved software applications that are permitted to be present and active on a computer system. Whitelisting is designed to protect computers and networks from potentially harmful applications.
Application Control
Application Control or whitelisting is the practice of specifying a list of approved software applications that are permitted to be present and active on a computer system. Whitelisting is designed to protect computers and networks from potentially harmful applications.
Application Patching Strategies
Most common threats use known vulnerabilities in applications, using a robust application patching strategy mitigates these risks. End of life applications (those not receiving vendor support) should be updated or replaced with supported applications
Application Patching Strategies
Most common threats use known vulnerabilities in applications, using a robust application patching strategy mitigates these risks. End of life applications (those not receiving vendor support) should be updated or replaced with supported applications
Microsoft Office macro settings
Macros allow users to group together multiple commands into a single action to complete tasks automatically. While this can be a convenient way automatically complete tasks, they are also used to execute malicious code. Strict controls should be applied to control how macros execute
Microsoft Office macro settings
Macros allow users to group together multiple commands into a single action to complete tasks automatically. While this can be a convenient way automatically complete tasks, they are also used to execute malicious code. Strict controls should be applied to control how macros execute
User application hardening
Web browsers are hardened against common intrusions such as ads, unmanaged extensions, and flash content. Microsoft Office is hardened against intrusion from plugins, objects and embedded packages.
User application hardening
Web browsers are hardened against common intrusions such as ads, unmanaged extensions, and flash content. Microsoft Office is hardened against intrusion from plugins, objects and embedded packages.
Restricting administrative privileges
Ensuring the principal of least privilege is applied. Administrative access is limited to only those users who require it. Administrative credentials are only used when performing administrative functions and have additional controls in place to prevent the exposure of administrative accounts to common attack vectors such as email and web browsing.
Restricting administrative privileges
Ensuring the principal of least privilege is applied. Administrative access is limited to only those users who require it. Administrative credentials are only used when performing administrative functions and have additional controls in place to prevent the exposure of administrative accounts to common attack vectors such as email and web browsing.
Patching Operating Systems
Operating systems patching must be implemented to ensure identified security vulnerabilities are not left open for exploitation. End of life operating systems must be updated or replaced with vendor supported alternatives
Patching Operating Systems
Operating systems patching must be implemented to ensure identified security vulnerabilities are not left open for exploitation. End of life operating systems must be updated or replaced with vendor supported alternatives
Multi-factor authentication
Multi-factor Authentication (MFA) provides an additional layer of security protecting your accounts from being compromised with the use of two (or more) authentication methods. Examples of MFA include biometrics, software, and hardware tokens – when used in combination with a password.ted to ensure identified security vulnerabilities are not left open for exploitation. End of life operating systems must be updated or replaced with vendor supported alternatives
Daily backups
Ensuring important information is backed up in a secured manner and for a sufficient period with a high enough frequency to minimise the risk of permanent data loss. Restoration processes must be in place and tested regularly to ensure data restoration is reliable.
Daily backups
Ensuring important information is backed up in a secured manner and for a sufficient period with a high enough frequency to minimise the risk of permanent data loss. Restoration processes must be in place and tested regularly to ensure data restoration is reliable.
Outcomes
Chamonix Managed Services works with organisations to:
- Assess Essential Eight Maturity level
- Work with your organisation to assess the impact of implementing all controls required to achieve Maturity Level 3
- Establish a plan to achieve your desired Maturity Level
- Implement the required technical controls
- Conduct user training
- Setup on-going management of security controls to ensure your organisation maintains compliance.
Cyber Security
Chamonix specialises in helping organisations increase their security posture by implementing mitigations and protecting against various cyber security threats.
As ACSC (Australian Cyber Security Council) Partners, we have a track record of implementing and maintaining secured environments, providing implementation of technical controls to improve security posture and achieving compliance for our customers against a wide range of security frameworks.
- ACSC Essential Eight Maturity Model (2017 and 2021)
- IRAP – Information Security Registered Assessors Program
- DISP – Defence Industry Security Program
- SACSF – South Australian Cyber Security Framework (formerly ISMF)
- CIS Benchmark – Centre for Internet Security
- ACSC ISM – Information Security Manual
- Australian Digital Transformation Agency (ADTA) Blueprint
We have a wide variety of services and engagement models that we would love to talk to you about. Some of the more commons ways we engage with customers are as follows follow:
- Assessment of Essential Eight Maturity Model Alignment and remediation services to the recommended/required maturity level.
- Ongoing security services to provide continuous improvement to maturity level over time.
- Security information and event management (SIEM)
- Implementation of Cloud Hosted and Zero Trust Business Operating Environments.
- Uplift of Existing Cloud Hosted and Hybrid Environments
- Ongoing management of cyber security controls and IT environment
- Migration from On-Prem to Secured Cloud Hosted Environments
- Compliance options across a range of frameworks including Essential Eight Maturity Model, DISP and IRAP up to PROTECTED level*
Chamonix can provide high-level assessments against a number of frameworks to serve as the basis for a robust cyber security roadmap.
In the table provided we have listed some of the more common systems and services we work with.
End User Device Management | Server/Service Management | Centralised Logging | Microsoft 365 | Additional Services |
Patch management Drive and media (USB) management & encryption Device hardening Advanced threat protection Application whitelisting Application hardening Mobility | Backup / DR Patch management Server and application hardening & whitelisting Database management Other ISM Security controls including:
| SIEM Services including Azure Sentinel and Splunk Event Centralization and Management Real-time alerting & automated ticket creation Proactive action Dashboards & Search Monitoring Essential 8 reporting and compliance Access anomalies Brute force detection DevSecOps | Data Loss Prevention (DLP) Microsoft Defender (Office, Azure, Windows) Cloud App Security Intune Mobile Device Management Conditional Access Multifactor Authentication (MFA) Self-Service Password Reset Azure Information Protection Email Management eDiscovery and Retention | Training in the use of the listed controls DevOps and Secure Development Practices\Analysis and Business Continuity Assessment |
*Chamonix does not provide audit services and strongly recommends (as advised by the ACSC) that any audits are conducted by an independent third party.
Environment
For organisations looking to transition to a modern mobile way of working, our Environment as a Service offering provides a highly responsive solution that enables mobile workforces whilst maintaining a high level of security. Our team has deep experience in implementing and migrating environments, working with organisations of all sizes. We apply a strong security focus in delivering high quality, modern outcomes for our customers.
Our services include:
Cloud Migration
Management of On-Prem and Hybrid environments
Management of cloud-based environments
End user device management
IT Service Desk (Incidents, Problems, Changes, Service Requests)
Architectural advice
In the table provided we have listed some of the more larger number of systems and services we work with
Robotic Process Automation
For organisations looking to maximise value and increase employee satisfaction whilst reducing reliance of heavily manual processes, our RPA as a Service offering provides a solution to generate value quickly and cost effectively. We work with businesses to identify repetitive tasks that could be automated, analyse processes, design and implement RPA based automation solutions and manage and maintain RPA processes.
Chamonix delivers Robotic Process Automation using two primary platforms:
Automation Anywhere
UI Path
Integration Management and Enhancement as a Service
For organisations needing assistance creating or supporting integrations, our Integration Management and Enhancement as a Service offering ensures they remained aligned to the changing needs of the business. Our team can provide guaranteed availability of skilled personnel to support integrations on a basis to suit requirements.
Our services include:
Management and monitoring
Maintenance
Service Desk (Incidents, Programs, Changes, Service Requests)
Enhancements
Chamonix supports the following integration platforms:
Azure Integration Services
BizTalk
WSO2
AWS Application Integration
WebMethods
Application Management and Enhancement as a Service
Designed for organisations needing access to a development capability, our Application Management and Enhancement as a Service offering provides both support and enhancement services. From smaller requirements through to larger, more complex projects, we assist customers in keeping application and platform functionality aligned to evolving needs.
Our services cover:
Scope, Design and Build solutions
Leveraging existing platforms or build custom solutions
Management of applications and platforms
Health Checks and architectural reviews
Enhancements
Security assessments
The Managed Services application team is capable of supporting a wide variety of applications and platforms. We have listed our most common platform and technical stacks.
