Luke Irwin,
IT Manager, Graystone
The Graystone group of companies is vertically integrated construction (Graystone), property management (Milestone), investment service and management firm (Stronghold Investment). The Graystone group places a very high imperative on security as they manage their own internal data and also that of their investors. They have an ethical and legal obligation to protect and secure their clients’ information, which is required to maintain their Australian Financial Services Licence.
Luke Irwin,
IT Manager, Graystone
Financial services & Investment Management
Construction
Property Management
Darra, QLD
Financial services & Investment Management
Construction
Property Management
Darra, QLD
Prior to Luke’s role being created and him coming on board, and then engaging Cymax, the number of issues with Graystone’s IT infrastructure were broad and complex.
“It was poorly secured, managed and configured. There was a lack of control around device specifications, application upgrade, and security management. VMWARE had not been patched in three years, the SAN in nearly four years and the host, not since commissioning,” Luke explains.
A terminal server was exposed to the internet, the MFA was sporadically applied, and conditional access was non-existent. It unfortunately did not end there. Luke says geo-blocking was not factored in by the prior vendor, the Antivirus was woeful, and backups not correctly established.
To identify the most suitable solution for Emmanuel College, Anthony and Sean Dendle, Director of Cymax began discussions, entering a collaborative approach so a bespoke solution could be developed for the College.
“We did have some idea on what services and products we needed, but Cymax was also able to work closely with us to assess and customise a package for Emmanuel College – ensuring our goals were met,” Anthony explained.
“We spent a long time discussing exactly what we do and what we needed for optimised IT outcomes. The consultative approach made the process very easy. Sean was responsive to our ideas. He knew what we needed and was able to advise which solution and / or product we required. Sean explained things well,” Anthony added.
A career spanning two decades in IT professional services, Luke knew what was required and didn’t want to waste time or money on another subpar provider. “We needed a quality, repeatable, secure outcome for the business; not a budget corner cutting one.
“I reached out to Cymax for an urgent meeting to discuss issues and determine if they had an interest in coming onboard to replace the incumbent.
This included the retirement of many devices that did not align with the planned security posture or were no longer in manufacturer support (some units went end of life around eight years prior).
“My role is one focused on service delivery with a high prioritisation on cyber security. With the work that I have delivered to the business through Cymax’s support, and their specialists have massively reduced our risk, reduced attack surface, and overall security posture through the supply and management of a defence in defence in depth approach to security.
Luke says Cymax’s ethical billing policy is a great approach to engagement.
“I need a partner that I can turn to with a list of requirements or perhaps a design for a system (collaboratively designed or solo) and trust them to deliver on that with honest representations of timelines and costs and if issue occur along the way that there is transparency – and I get that from Cymax,” Luke adds.
If cybersecurity still feels like a gap, it’s time to stabilise, secure and modernise.
