Is SECTARA™ able to be used in countries other than Australia?
Absolutely – as a Software-as-a-Service (SaaS) you may access SECTARA™ from anywhere that has an Internet connection. Even better, you have the confidence that Sensitive Data is encrypted at field-level (meaning that even we cannot see it in unencrypted form), and our data host (Amazon Web Services) is formally accredited to host Australian Government data.
Data is hosted within an AWS data centre in Sydney, Australia. Over the next 12 months, regional hosting hubs will be established globally to extend our ability to meet data residency requirements for those users who need it.
Are there any discount arrangements for subscribers?
Yes. Subscribers are entitled to a 10% discount on fees for each standard plan when they choose annual payment frequency*. Refer to the SECTARA® Website and Service Terms and Conditions and the Pricing page for further details.
*Standard plans are Bronze, Silver and Gold; subscribers must sign up to standard plans via the website to be eligible.
Does SECTARA™ have any restrictions?
Restrictions are by design and relate to the type of plan that has been selected and the roles of different user types.
Each plan includes a specified number of permitted users, concurrent assessments and entities (i.e. organisations/business units).
Regardless of which plan you choose, there are five user roles that may be created, including:
- Account Administrator (x1).
- Organisation Administrators.
- Business Unit Administrators.
- Assessors.
- Viewers.
Refer to our Pricing page, or contact us for further details.
Who has access to my data?
In short, and as security practitioners ourselves, we know that platform security is critical. SECTARA leads security assurance in this this class of SaaS application and has the following arrangements to preserve data confidentiality, integrity and assurance:
- SECTARA has been assessed as compliant with the Australian Government’s IRAP certification scheme. A direct comparison with the scheme lies in the fact that there are around three times as many controls for our platform than those documented under the ISO 27001 standard.
- Data that you create within SECTARA™ is encrypted at rest and in transit using TLS and AES.
- By design, only two System Administrators have access to SECTARA’s live data environment; both are Australian citizens and hold high-level Government security clearances.
- Policies restrict those System Administrators from accessing Sensitive Data (such fields simply show as “Restricted’ from the back end).
- Other than through customer use/access, there are no circumstances where assessment data leaves the production environment.
- All users are able to apply multi-factor authentication to their accounts.
In order to facilitate commercial activities, such as providing support to SECTARA™ subscribers, SECTARA™ administrators have strictly controlled access to other information (names, email addresses etc.)
Our SECTARA Website and Service Terms and Conditions define security arrangements more generally.
What arrangements exist to protect privacy?
Our Privacy Policy details how we manage our various privacy obligations, including the Australian Privacy Act 1988 and the GDPR regime.
What happens if a force majeure event occurs?
SECTARA™ data is backed up in real-time within Amazon Web Services (AWS), meaning that, if a major unforeseen event does occur, data will be restored within AWS Service Level Agreement (SLA) timeframes. In addition to this, the AWS SLA includes the assurance that “AWS will use commercially reasonable efforts to make the Included Services for each AWS region available with a Monthly Uptime Percentage of at least 99.99%”.
What happens if the question I want answered isn’t here?
Contact us to ask it and we’ll also update the FAQ section to include it for anyone else who has the same question.
SECTARA™ is presently optimised for most browsers, with the exception of Internet Explorer (IE); this includes the latest version of iOS for iPad.