We use multiple sources to manage technical vulnerability management, these include:
- Notifications and patches from vendors
- Multi-State Information Sharing and Analysis Centre (MS-ISAC)
- Apple product security
Information systems are regularly reviewed for compliance with the information security policies and standards. This includes but is not limited to:
- Annual penetration testing
- Weekly vulnerability scanning where applicable
- Reviewing our security management system reports and audit information
- Dependabot
Please note, we do not disclose the results from penetration testing or vulnerability reports as they contain sensitive information related to our own security.
Software control
The installation of software on organisation devices is restricted to approved or Apple (signed)/Auto-Update software titles only, unless there is a requirement for development, recreation of environments for testing or support. All installations are controlled, logged and monitored.
Need further support?
If you still require assistance with us or have any further questions, please raise a ticket with our support team.
Alternatively, please see our frequently updated knowledge base articles for reference.