Menu
Services
Managed Services
An End to End Support Solution To Optimise Your
Operations, Reduce Cost and Manage Risk
Chamonix Managed Services provides access to a highly skilled team to provide your platform with the support it needs in a robust, scalable, and relevant IT support solution with expertise in Essential Eight, Environment, Application and Integration as a Service and Intelligent Automation.
Our Services
ESSENTIAL EIGHT
MATURITY MODEL
CYBER SECURITY
ENVIRONMENT
ROBOTIC PROCESS
AUTOMATION
INTEGRATION MANAGEMENT AND
ENHANCEMENT AS A SERVICE
APPLICATION MANAGEMENT AND
ENHANCEMENT AS A SERVICE
Essential Eight Maturity Model
The Essential Eight Maturity Model was developed to help organisations mitigate potential cyber security incidents. The Essential Eight provides a roadmap for organisations seeking to reduce their cyber security attack surface by detailing a minimum standard of mitigations organisations can put in place to reduce the risk of a cyber-attacks and to minimise the exposure in the event a cyber attack does occur.
Impacts and Recommendations
Cyber attacks can impact an organisation in many ways including:
- Economic Costs: Includes loss, damage or theft organisational, customer and employee data and disruption of services.
- Legal Consequences: Including data protection and privacy breach
- Reputational Damage
The Australian Cyber Security Centre recommends all organisations target Maturity Level Three. The varying levels give organisations a pathway enabling them to achieve a recognised level of compliance on their journey to Level Three.
- Maturity Level One: Partly aligned with the intent of the mitigation strategy.
- Maturity Level Two: Mostly aligned with the intent of the mitigation strategy.
- Maturity Level Three: Fully aligned with the intent of the mitigation strategy.
The Essential Eight
Application Control
Application Control or whitelisting is the practice of specifying a list of approved software applications that are permitted to be present and active on a computer system. Whitelisting is designed to protect computers and networks from potentially harmful applications.
Application Control
Application Control or whitelisting is the practice of specifying a list of approved software applications that are permitted to be present and active on a computer system. Whitelisting is designed to protect computers and networks from potentially harmful applications.
Application Patching Strategies
Most common threats use known vulnerabilities in applications, using a robust application patching strategy mitigates these risks. End of life applications (those not receiving vendor support) should be updated or replaced with supported applications
Application Patching Strategies
Most common threats use known vulnerabilities in applications, using a robust application patching strategy mitigates these risks. End of life applications (those not receiving vendor support) should be updated or replaced with supported applications
Microsoft Office macro settings
Macros allow users to group together multiple commands into a single action to complete tasks automatically. While this can be a convenient way automatically complete tasks, they are also used to execute malicious code. Strict controls should be applied to control how macros execute
Microsoft Office macro settings
Macros allow users to group together multiple commands into a single action to complete tasks automatically. While this can be a convenient way automatically complete tasks, they are also used to execute malicious code. Strict controls should be applied to control how macros execute
User application hardening
Web browsers are hardened against common intrusions such as ads, unmanaged extensions, and flash content. Microsoft Office is hardened against intrusion from plugins, objects and embedded packages.
User application hardening
Web browsers are hardened against common intrusions such as ads, unmanaged extensions, and flash content. Microsoft Office is hardened against intrusion from plugins, objects and embedded packages.
Restricting administrative privileges
Ensuring the principal of least privilege is applied. Administrative access is limited to only those users who require it. Administrative credentials are only used when performing administrative functions and have additional controls in place to prevent the exposure of administrative accounts to common attack vectors such as email and web browsing.
Restricting administrative privileges
Ensuring the principal of least privilege is applied. Administrative access is limited to only those users who require it. Administrative credentials are only used when performing administrative functions and have additional controls in place to prevent the exposure of administrative accounts to common attack vectors such as email and web browsing.
Patching Operating Systems
Operating systems patching must be implemented to ensure identified security vulnerabilities are not left open for exploitation. End of life operating systems must be updated or replaced with vendor supported alternatives
Patching Operating Systems
Operating systems patching must be implemented to ensure identified security vulnerabilities are not left open for exploitation. End of life operating systems must be updated or replaced with vendor supported alternatives
Multi-factor authentication
Operating systems patching must be implemenaMulti-factor Authentication (MFA) provides an additional layer of security protecting your accounts from being compromised with the use of two (or more) authentication methods. Examples of MFA include biometrics, software, and hardware tokens – when used in combination with a password.ted to ensure identified security vulnerabilities are not left open for exploitation. End of life operating systems must be updated or replaced with vendor supported alternatives
Daily backups
Ensuring important information is backed up in a secured manner and for a sufficient period with a high enough frequency to minimise the risk of permanent data loss. Restoration processes must be in place and tested regularly to ensure data restoration is reliable.
Daily backups
Ensuring important information is backed up in a secured manner and for a sufficient period with a high enough frequency to minimise the risk of permanent data loss. Restoration processes must be in place and tested regularly to ensure data restoration is reliable.
Outcomes
Chamonix Managed Services works with organisations to:
- Assess Essential Eight Maturity level
- Work with your organisation to assess the impact of implementing all controls required to achieve Maturity Level 3
- Establish a plan to achieve your desired Maturity Level
- Implement the required technical controls
- Conduct user training
- Setup on-going management of security controls to ensure your organisation maintains compliance.
Cyber Security
Chamonix specialises in the implementation of technical security controls. We work closely with security advisors to assist in the development of the statement of applicability. We then work with security advisors and auditors as we design, implement, test and audit the technical controls required to meet the statement of applicability.
As ACSC (Australian Cyber Security Council) Partners, we have a track record of implementing and maintaining secured environments, providing implementation of technical controls to improve security posture and achieve compliance with a number of security standards.
Our services are designed to work across various maturity levels and we commonly work with the following frameworks and programs:
ACSC Essential Eight
IRAP – Information Security Registered Assessors Program
DISP – Defence Industry Security Program
SACSF – South Australian Cyber Security Framework (formerly ISMF)
CIS Benchmark – Centre for Internet Security
ACSC ISM – Information Security Manual
Australian Digital Transformation Agency (ADTA) Blueprint
In the table provided we have listed some of the more common systems and services we work with.
Environment
For organisations looking to transition to a modern mobile way of working, our Environment as a Service offering provides a highly responsive solution that enables mobile workforces whilst maintaining a high level of security. Our team has deep experience in implementing and migrating environments, working with organisations of all sizes. We apply a strong security focus in delivering high quality, modern outcomes for our customers.
Our services include:
Cloud Migration
Management of On-Prem and Hybrid environments
Management of cloud-based environments
End user device management
IT Service Desk (Incidents, Problems, Changes, Service Requests)
Architectural advice
In the table provided we have listed some of the more larger number of systems and services we work with
Robotic Process Automation
For organisations looking to maximise value and increase employee satisfaction whilst reducing reliance of heavily manual processes, our RPA as a Service offering provides a solution to generate value quickly and cost effectively. We work with businesses to identify repetitive tasks that could be automated, analyse processes, design and implement RPA based automation solutions and manage and maintain RPA processes.
Chamonix delivers Robotic Process Automation using two primary platforms:
Automation Anywhere
UI Path
Integration Management and Enhancement as a Service
For organisations needing assistance creating or supporting integrations, our Integration Management and Enhancement as a Service offering ensures they remained aligned to the changing needs of the business. Our team can provide guaranteed availability of skilled personnel to support integrations on a basis to suit requirements.
Our services include:
Management and monitoring
Maintenance
Service Desk (Incidents, Programs, Changes, Service Requests)
Enhancements
Chamonix supports the following integration platforms:
Azure Integration Services
BizTalk
WSO2
AWS Application Integration
WebMethods
Application Management and Enhancement as a Service
Designed for organisations needing access to a development capability, our Application Management and Enhancement as a Service offering provides both support and enhancement services. From smaller requirements through to larger, more complex projects, we assist customers in keeping application and platform functionality aligned to evolving needs.
Our services cover:
Scope, Design and Build solutions
Leveraging existing platforms or build custom solutions
Management of applications and platforms
Health Checks and architectural reviews
Enhancements
Security assessments
The Managed Services application team is capable of supporting a wide variety of applications and platforms. We have listed our most common platform and technical stacks.
CHAMONIX IT CONSULTING 2021
