woman cheering at desk

Cybersafety strategy for user application hardening

9 steps to hardening your apps and operating system

Protecting your operating system from cyber-attacks involves hardening it and testing its security.

As the backbone of a device, the operating system manages apps, hardware and software to ensure the proper functioning of the device.

One way to harden the operating system and its apps is to add layers of security that make it harder for cybercriminals to breach the system. This can be achieved by following these steps:

  1. Installing all software updates: Using outdated software versions can make the system vulnerable to cyber-attacks
  2. Using a standard operating environment: All computers should run on the same software to reduce the setup changes that users can make to their own computers
  3. Controlling the types of apps that are installed and used in the operating system
  4. Reviewing the apps and functions enabled on the system to ensure that they are all necessary and removing any that are no longer used or required
  5. Managing who can make system changes like installing or uninstalling software
  6. Using software firewalls to limit inbound and outbound network connections to approved apps and services
  7. Having anti-virus software in place
  8. Considering the need for software that can prevent particular devices from being connected to workstations and servers
  9. Logging and storing actions or occurrences that can be recognized by the device’s software, such as an app being updated.

By implementing these extra steps, users can harden their operating system and apps, making it more difficult for cybercriminals to exploit vulnerabilities and launch attacks.

Source: ATO


CSIRO aids SMEs in advancing cybersecurity and digital tech R&D

CSIRO program to help SMEs advance cybersecurity and digital technology R&D

The CSIRO is helping small to medium enterprises (SMEs) enhance their research and development (R&D) knowledge with a free 10-week online program focused on cybersecurity and digital technologies.

Eligible companies can be working directly in cybersecurity, digital technologies or adjacent industries and want to improve the cybersecurity and digital technologies aspect of their offering.

The CSIRO’s Innovate to Grow: Cyber Security and Digital Technologies program commences 8 June 2023 and is available for 20-25 SMEs.

Expressions of interest to participate close 15 May.

Source: CSIRO

tradie working on a deck

Project Trust Accounts for QLD Tradies

Security of payment for tradies

Extension provided for smaller contracts

Key points

  • Nearly $10 billion is now protected for tradies under Project Trust Accounts
  • Qld Government extending commencement date for eligible contracts for up to two years – between $3 and $10 million to 1 March 2025, and over $1 million to 1 October 2025.

The Queensland Government has announced an extension of the commencement date for eligible contracts under the Project Trust Accounts (PTA) framework, providing further security of payment for tradies.

The extension allows for eligible contracts between $3 and $10 million to commence by 1 March 2025, and contracts over $1 million to commence by 1 October 2025.

The government is committed to leading the nation in the security of payment frameworks, including Minimum Financial Requirements, Retention Trust Accounts, and PTAs, which all aim to strengthen payment security for tradies and ensure safe workplaces and quality construction.

In recognition of the challenges faced by smaller builders in complying with the PTA framework, the government has formed a Steering Committee to work with software providers to develop a suitable solution for compliance.

More information about PTAs

A Project Trust Account (PTA) is an account through which project payments are received and paid. A PTA is needed for all eligible construction contracts in Queensland. A separate PTA is required for each eligible contract.

Typically, a PTA is:

  • paid into by the project owner or developer
  • managed by the head contractor
  • the account from which all subcontractors are paid
  • the account from which the head contractor pays themselves.

All other protections, including payment terms, reporting, and financial obligations (including existing Project Trust Account thresholds), will continue to require compliance and will be enforced by the building regulator.

Source: QLD Government


10 Tips on Onboarding Remote Employees

Onboarding Remote Employees

We’re seeing more businesses engage REMOTE employees and subcontractors as they try to attract the best talent, regardless of location.

Remote employment presents challenges, including ONBOARDING, which means helping employees quickly become comfortable, engaged and productive.

Here are tips on making the onboarding process a success.

1. Plan for IT needs well in advance

Employees cannot work effectively without secure access to business applications and company-supplied hardware. In addition, to set up, help may be needed on home-networking issues and explaining security protocols. Make sure this doesn’t create delays.

2. Be clear on the job description and work rules

This sounds obvious but, unlike office employees, enforcing rules and policies is more difficult. Working hours, roles, reporting lines, timelines, meeting schedules and travel protocols are just a few things which can become confusing. Flexibility may be appropriate… but it’s still essential to have clear ground rules in place.

3. Take an interest in the remote workspace setup

Some Employees have been working from home for years and are effective in a home environment. Others are novices and need a lot of guidance. The employer should ensure they have the necessary facilities like a desk, chair, laptop, phone and specialised gear, (like a noise-canceling headset), dependable internet and, possibly, a separate phone line. Develop policies around providing these to remote employees OR offering a stipend.

4. Assign a buddy

The buddy or mentor system can create a sense of belonging. It also facilitates meaningful introductions to co-workers, supervisors and managers (more than giving a list or link to a company org. chart).

5. Be aware of local employment regulations

Remote employees may operate in jurisdictions which determine withholding tax based on gross earnings, filing status, number of exemptions and pay frequency. Be aware of these rules as well as any other employer obligations like covering employee expenses arising from the discharge of their duties.

6. Stage the onboarding process

Avoid information overload. Complete onboarding in short, easy-to-digest sessions so that other important tasks don’t get neglected. Allow the remote employees time for questions as they work through onboarding.

7. Provide early exposure to development opportunities

Employers should offer professional development options which are appealing to employees – including remote employees. Make these available early so remote employees think long term about their employment future.

8. Provide a remote employee handbook

It’s worth investing in a comprehensive but simple document which anticipates remote employees’ questions and concerns. This can be shared once the contract is signed and forms part of the agenda for early meetings with the remote employee. At the very least, Frequently Asked Questions will give the remote employee confidence while saving the time of managers who need to respond.

9. Encourage collaboration

Remote employees may not be comfortable reaching out through existing channels. A buddy can help with this as can periodic team-building activities. Leaders have an important role in making team members comfortable and this may involve meeting one to one to better understand the personalities involved.

10. Happy teams are successful teams!!

Setting clear goals, good project management, clarity on roles, decisive leadership and clear communication usually leads to success in business. Teams thrive in this environment and focus on the successes versus challenges. This is especially the case for remote workers who may miss out on office activities.

In summary, work doubly hard to lay a foundation for the success of your remote employees. This initial energy and investment will yield positive long-term results.  Prepare well, document your approach and be patient!