Contents
A security-first approach
At 6clicks, our unwavering commitment to security and data privacy drives every aspect of our operation. Led by world-class cybersecurity experts, spearheaded by Andrew Robinson, 6clicks Co-Founder and a distinguished professional with an impressive list of certifications, including CISSP, CISM, SABSA SCF, ASD IRAP, ISO 27001 LA, JAS-ANZ TE & Assessor, our Security Team stands at the forefront of safeguarding sensitive data.
To maintain the highest cybersecurity standards for our esteemed commercial partners, we operate an ISO/IEC 27001 certified management system and IRAP assessed platform. Our security-first approach ensures that all sensitive data remains securely safeguarded at all times. Privacy and security are deeply ingrained in our DNA, reflected in the robust security and privacy policies established as part of our ISO 27001 certified Information Security Management System (ISMS).
In our pursuit of excellence, we have partnered with Microsoft, leveraging the world-renowned Microsoft Azure for hosting our primary 6clicks SaaS platform. By building on this strong foundation, we optimize security and ensure a reliable and secure infrastructure for our valued clients in a wide variety of regions.
Rigorous assessment for enhanced security
Our 6clicks for Government (Australia) environment, hosted in Microsoft Azure Australia Central 1 (Canberra Data Centres), has undergone rigorous IRAP assessment, further reinforcing our commitment to safeguarding sensitive data.
Data protection is at the heart of our operations. To ensure data integrity and confidentiality, 6clicks utilizes industry standard and government-approved encryption methods, employing Transport Layer Security (TLS/HTTPS with HSTS) for data in transit and AES-256 bit encryption for data at rest.
Proactive security measures
We take proactive measures to maintain a robust security posture. Regular monitoring, vulnerability scanning, and penetration testing are carried out to identify and address potential vulnerabilities. Our approach allows us to adapt our countermeasures promptly, mitigating risks effectively.
Upholding Our Security Commitment - Our Guiding Principles:
- Build on strong foundations: Our partnership with Microsoft Azure empowers us to leverage its rich feature set, securing our infrastructure and reducing our workload significantly.
- Involve everybody: Security is a shared responsibility. Our executive team sets the tone, ensuring accountability for security, with a designated CISO overseeing our security initiatives. We communicate policies and continuously monitor our security program with the involvement of independent advisors, testers, customers, and regulators.
- Maintain persistence: Our established Information Security Management System (ISMS) ensures that security activities occur consistently. Constant real-time monitoring, vulnerability scanning, penetration testing, and ongoing training keep us vigilant and prepared.
- Be transparent: Transparency is key to building trust. We openly share detailed information about our security arrangements under confidentiality agreements. While we acknowledge that perfection is elusive, we are eager to share our continuous efforts to improve.
The role of the security team at 6clicks
Our Security Team plays a crucial role in providing essential security services, setting enterprise-wide security standards, and offering advisory services to keep our business safe while managing risk. We work across the company to build secure software, protect our customers and team, and maintain strong security practices.
Our base of operations
Our base of operations in Melbourne, Australia, serves as the heartbeat of 6clicks' security endeavours. Nestled in a vibrant city known for its cultural diversity and innovation, our team thrives amidst an atmosphere of forward-thinking and cutting-edge technology.
6clicks Security team using our own 6clicks platform
Internally, we utilise 6clicks as our GRC tool, seamlessly integrating its capabilities into our daily operations. Here's what we love about the 6clicks platform:
- Hailey AI's Control Mapping: A game-changer that significantly reduces manual efforts, streamlining processes and enhancing efficiency.
- Trust Portal: A gateway to transparency, offering effortless accessibility for customers to gauge our security posture.
- Content Library: An expansive repository granting easy access to diverse standards, laws, and regulations, fostering a comprehensive and informed approach.
Pioneering a secure future
As we look ahead, we're dedicated to further empowering our clients in effectively managing their security and risk programs. Our commitment to enhancing our security posture within the 6clicks ecosystem remains unwavering, as we continuously pursue additional certifications to stay at the forefront of security standards.
At 6clicks, delivering trust through robust security and data privacy practices is not just a commitment—it's our passion. We will continue to innovate, evolve, and collaborate to safeguard your data and earn your confidence. Join us on this journey of trust and peace of mind.
Written by Andrew Robinson
Andrew started his career in the startup world and went on to perform in cyber and information security advisory roles for the Australian Federal Government and several Victorian Government entities. Andrew has a Masters in Policing, Intelligence and Counter-Terrorism (PICT) specialising in Cyber Security and holds IRAP, ISO 27001 LA, CISSP, CISM and SCF certifications.
