Sensitive information is protected from unauthorised access even if there are breaches at the physical or network level. This is achieved through encryption of data at rest, in transit and in use.
Identity and Access Management
Strong identity and access controls based on user roles and permissions with multi-factor authentication (MFA) are enforced for all accounts.
Regularly apply security patches to cloud infrastructure components, virtual machines, and software to protect against known vulnerabilities.
Incident Response and Disaster Recovery
Incident response and disaster recovery plans are tested on a regular basis to mitigate potential damages caused by security breaches or service disruptions.
Compliance and Regulations
Airdocs implements a strict Information Security and Privacy Governance Framework that is aligned with the ISO 27000 series and the Australian Governments Information Security Manual. The framework includes policies, patterns, standards, processes, procedures that implement with key principles and practices of the industry standards. Airdocs adheres to CPS 234 and in particular attests to all the security controls required by a CPS 234 regulated entity.