Interfront 2024 Annual Report

INTERFRONT ANNUAL REPORT 2024 Information and Communications Technology (ICT) ICT has been pivotal in minimising operational disruptions and ensuring continuity by providing comprehensive support to staff members, most of whom continue to work remotely. Through robust infrastructure, seamless communication tools and responsive technical assistance, ICT has enabled employees to maintain productivity and efficiency, despite the challenges of remote work. Some of the initiatives and successes are highlighted below. Security • The company implemented several critical infrastructure and security enhancements to ensure robust and secure operations. The highlights of these initiatives reflect a commitment to maintaining a high standard of operational security. • Improvements in IT security were continued with the full implementation of Microsoft multifactor authentication (MFA) and the introduction of privileged access management (PAM) to control and audit access more effectively. • We implemented email security and conducted an extensive internal vulnerability audit to reinforce our IT security framework. • Existing IT security vulnerabilities were addressed and application vulnerabilities integrated into our remediation processes. Disaster Recovery • Interfront upgraded the disaster recovery infrastructure and designed a new backup architecture, significantly enhancing our disaster recovery capability. • By conducting multiple departmental disaster recovery tests we ensure our readiness to handle unforeseen disruptions. Network and server infrastructure • The production data centre is scheduled for relocation to the St Andrews building to ensure operational continuity and strengthen infrastructure resilience. • Our virtual infrastructure for both production and disaster recovery environments has been upgraded to come into line with the latest industry standards. ICT Governance, Risk and Compliance • The Interfront Information Systems Management Committee (ISMC) facilitates IT governance. The committee engaged with all concerned to address security matters and ensure compliance. • The CIS (Centre for Internet Security) standard is being implemented with completion planned in 2024.