Essential 8
Hosting
Many organisations in government are required to meet Essential 8 Level 3 as a minimum for internet connected services. Essential 8 is a fantastic framework to judge your level of cybersecurity and we encourage all our customers to select a level between level 1 and level 3 for their hosted server. Summary details of the Essential 8 guidelines can be viewed on the Australian Cyber Security Centre's web site here.
Configurations can be customised to suit the requirements of your applications and of course, Windows Server VMs can also be hosted (contact us to discuss requirements).
The monthly hosting fee includes
All machines incur a once of setup fee of $149, which includes setting up the virtual machine, insertion of custom firewall rules (not IPS) in the border firewall, Nagios monitoring of CPU load, memory use and disk space, and configuration of standard backups.
Security vulnerabilities in operating systems and firmware assessed as extreme risk are patched, updated or mitigated within one month of the security vulnerabilities being identified.
Security vulnerabilities in operating systems and firmware assessed as extreme risk are patched, updated or mitigated within two weeks of the security vulnerabilities being identified.
Patches for extreme risk security vulnerabilities in web server software, server applications that store important (sensitive or high-availability) data, and other internet-accessible server applications are applied and verified within 48 hours for all servers.
Please note that at some time the hosted version of the operating system will cease to be supported by the relevant Vendor, INCUB8s patching service does not include version migrations required to return the system to vendor supported status.
Sometimes the automated application of Vendor patches results in a system failure, requiring recovery of the system and/or unwinding of patching to restore services. We don't anticipate this happening often (hopefully not at all), but if patching fails or causes a failure we offer remedial services on an hourly rate
Security vulnerabilities in operating systems and firmware assessed as extreme risk are patched, updated or mitigated within one month of the security vulnerabilities being identified.
Security vulnerabilities in operating systems and firmware assessed as extreme risk are patched, updated or mitigated within two weeks of the security vulnerabilities being identified.
Patches for extreme risk security vulnerabilities in web server software, server applications that store important (sensitive or high-availability) data, and other internet-accessible server applications are applied and verified within 48 hours for all servers.
Please note that at some time the hosted version of the operating system will cease to be supported by the relevant Vendor, INCUB8s patching service does not include version migrations required to return the system to vendor supported status.
Sometimes the automated application of Vendor patches results in a system failure, requiring recovery of the system and/or unwinding of patching to restore services. We don't anticipate this happening often (hopefully not at all), but if patching fails or causes a failure we offer remedial services on an hourly rate
Essential 8 Level 1 requirements are met by standard practice with a once off test of a full restore, see below for restore testing. Optionally longer retention times can be purchased from $25/month.
Essential 8 Level 2 requirements are met by standard practice with a once off test of a full restore and annual test of partial restores, see below for restore testing. Longer retention times can be purchased from $25/month.
Essential 8 Level 3 requirements are met by opting in to longer retention times (starting from $25/month) and a once off test of a full restore and annual test of partial restores, see below for additional restore testing pricing.
Where the hosted system has features accessible from the public internet we strongly recommend enhancing security by deploying an application/use specific Intrusion Protection Policy and firewall rules on the Sophos XG border firewall.
This includes tailoring of an IPS policy to specifically target attacks on the platform and services used on the server. Additionaly, we strongly encourage limiting access to the server to defined geographic regions if the business case allows, as a great deal of hacking activity may originate from regions of the world not relevant to your business.
Our experience suggests this needs review about once every three months to ensure any new categories of signatures that are relevant have been included. New signatures in targeted categories are automatically included.
Intrusion protection reports are reviewed daily by INCUB8 staff and indications of elevated hacking activity affecting a clients machine will result in notification of the client and discussion of mitigation strategies. These tools are very helpful in identifying attacks before systems have been penetrated.
INCUB8 has a wealth of experienced people well used to deploying servers and applications for small and medium corporates and government. Our five most senior staff have over 100 years of experience between them. Should a client have additional requirements beyond the hosting services offered above we are happy to plan, price and implement a system or systems to meet those requirements. If a hosted machine requires additional software installed or applications upgraded we are also able to assist with that. Our hourly rates start from a very reasonable $150 for an experienced Systems Administrator
Remote – Often the most efficient way to resolve issues is to reach out using Team Viewer. One of our qualified, experienced and Perth-based technical support consultants can connect and remotely resolve your problem, having you back up and running in no time.
On Site – If an issue cannot be resolved remotely, such as hardware problems, internet connectivity issues – or if you just want to see one of our pretty faces, an INCUB8 technical support consultant can provide onsite IT support in your workplace.
Do you need eggspert third-level technical support? How about a database administrator or programmer? INCUB8 have people who can provide the IT services & expertise you need on an hourly, daily or project basis.
INCUB8 are able to offer VPN services for
INCUB8 can manage the complete lifecycle of your ICT Infrastructure using an agile process model.
Requirements – One of our Senior Eggsperts will meet with you to understand the requirements and constraints.
Design – Using the requirements, we develop a plan and provide independent technology advice.
Procure – We will work with your hardware suppliers or ours to procure the best equipment.
Implement – A dedicated Project Manager will plan the implementation and communicate with you throughout the project.
Maintain & Monitor – We will develop a maintenance schedule to ensure your ICT Infrastructure is secure and operating effectively. We understand that this stage must balance your business needs and budget.
Review – We will schedule regular reviews to assess new requirements and technology options available to further improve business operations.
© 2019 INCUB8 Applications & Hosting Pty Ltd. All rights reserved. Privacy Policy. Terms & Conditions.