APAC Trust Centre
Welcome to Allegis Group APAC's Security Portal. Our commitment to data privacy and security is embedded in every part of our business where we have built a "security first" ethos. With a focus on staffing and recruitment services, we handle a lot of personal data and thus security isn’t just a feature. It’s at the core of what we do. We are happy to share our security practices to provide assurance in our processes and procedures. We will keep this portal updated regularly. You can also subscribe to receive update notifications.
Use this portal to learn about our security and privacy posture and request access to our security documentation.
APAC Trust Centre Updates
Our SIG Lite Self Assessment XLS is now online.
Customers and Partners,
In June 2023 it was announced a wave of cyber attacks and data breaches that began in May 2023 were due to a vulnerability that was discovered in MOVEit, a managed file transfer software. MOVEit is a managed file transfer software developed by Ipswitch, Inc., a subsidiary of Progress Software. A vulnerability in MOVEit allows attackers to steal files from organizations through SQL injection on public-facing servers. The transfers are facilitated through a custom web shell identified as LemurLoot. Disguised as ASP.NET files used legitimately by MOVEit, LemurLoot can steal Microsoft Azure Storage Blob information.
Allegis Group is currently following standard operating procedures that include identifying any instances of MOVEit being utilized by any internal organizations, reviewing our environment for any known indicators of compromise or abnormal behavior. Following industry recommendations and released information, we are continuing to investigate and look for any system abnormalities. Currently, we are not aware of any use of MOVEit within the Allegis Group environment and no abnormal behavior has been identified.
Maintaining the security, confidentiality and integrity of your information is paramount to Allegis Group and is required to successfully deliver our services and maintain our trusted business relationships. Allegis Group maintains an Enterprise Information Security Program based on ISO 27001 controls and the National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF), as well as dedicated personnel to continuously monitor, maintain, and improve the security of its systems and processes. This program has been designed to identify, contain, and mitigate threats and vulnerabilities as they arise.
Thank you, Andrew Sheppard Chief Information Security Officer
As an organisation that is security conscious and values security, we are excited to announce the official launch of the Allegis Group APAC's Trust Center. By using this portal, you can request access to our compliance documents, review our standardised questionnaires such as the SIG, CAIQ, MVSP and gain a general understanding of our security & privacy posture.
Over time, our team will be making changes to this portal as we implement new tools and processes in our environment. You can use the Subscribe button to receive email notifications for when our team has an important update, such as if we have an updated compliance report or if we have a status update regarding a major security vulnerability that has been recently discovered.
If you think you may have discovered a vulnerability, please send us a note.