Header
  Home // Clients

The Department of Health and Ageing

The Department of Health and Ageing (Health) engaged Castelain to provide an independent IT Security assessment of one of their outsourced systems that processes highly sensitive personal data.

The purpose of this review was twofold:

  • to assess the adequacy of project security documentation provided by the outsourcer and to make recommendations concerning areas that would benefit from more detailed independent analysis, and
  • to make recommendations concerning the design and operation of the system and appropriate levels of data classification, in the context of ACSI 33.

Health asked Castelain to implement a number of the recommendations. These included reviewing the critical application code and the database components and reviewing of the firewall rules to ensure they were adequately protecting against external and internal threats.

The recommended actions, which included changes to the system, have now been completed. These have increased the Department's confidence that sensitive data is secure.

 

  • Home
  • About us
    • Who we are
    • Our people
    • Our leaders
    • What makes Castelain different?
    • What we do
      • Security systems architecture and design
      • Program and project management
      • Systems integration
      • Independent testing
      • Education and training
    • Our Partners
  • Expertise
    • Application security
    • Transaction security
    • Public key cryptography and digital signatures
    • Public key infrastructure
    • Identity management and access control
    • Mergers and acquisitions
    • Security policy and compliance
    • Risk management
    • Security controls
  • Clients
    • Commerce
      • KAZ
      • Altnet
    • Finance
      • Major Australian bank
      • Commonwealth Bank
    • Government
      • New Zealand Government Ministry of Justice
      • Australian Customs Service
      • Australian Tax Office
      • Department of Industry, Tourism and Resources
      • NSW Office of State Revenue
      • CrimTrac
      • Department of Health and Ageing
      • Tradelink
      • TradeVAN
    • Utility
      • Integral Energy
  • Technology
    • Secure Internet Portal
      • Overview
      • Security
      • Integration
  • Publications
  • Contact
Contact us