Security Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Overview

MinterEllison's Security Program

MinterEllison takes IT and cybersecurity seriously and will continue to undertake several important operational and strategic Information Security initiatives across the firm.

MinterEllison's Information Security Program aims to:

  • Develop and implement the Information Security Policy which underpins the controls, standards and guidelines for all aspects of security to protect and assure availability of all MinterEllison's and its clients' information, data and systems.

  • Monitor and strengthen MinterEllison's information security practices that ensures that all sensitive information is protected from inadvertent disclosure, fraud, misappropriation, misuse, sabotage or cyber threats.

  • Ensure the integrity and accuracy of all MinterEllison electronic information systems and to prevent damage or loss to Minter Ellison information, its operations and client information.

  • Report and maintain MinterEllison's security posture against policy, risk and compliance to industry best practices.

Compliance

Cyber Essentials Logo
Cyber Essentials
CyberGRX Logo
CyberGRX
ISO 27001 Logo
ISO 27001
ISO 27001 SoA Logo
ISO 27001 SoA
SOC 2 Type 2 Logo
SOC 2 Type 2

Documents & Policies

Featured Documents

COMPLIANCEISO 27001
COMPLIANCEISO 27001 SoA
AUDITS & REPORTSASD Essential 8
AUDITS & REPORTSAPRA CPS 234
COMPLIANCECyber Essentials
DOCUMENTS & POLICIESMinterEllison Cybersecurity Controls
AUDITS & REPORTSMinterEllison Information Security Program
SECURITY POLICIESCybersecurity Incident Response Plan

Audits & Reports

APRA CPS 234
ASD Essential 8
MinterEllison Information Security Program
View more

Supply Chain Security

Third PartiesMimecast-company-logoMicrosoft-company-logoKiteworks-company-logoAmazon Web Services (AWS)-company-logoThomson Reuters-company-logo
Data Breach Notifications
Data Security Summary Statement - eDiscovery
View more

System Security

Access restriction to files
Email Protection
File Sharing
View more

Personnel Security

Background Checks
Cybersecurity Awareness
Onboarding
View more

Data Security

Backup
Client Data Security
Data Classification
View more

Application Security

Application Whitelisting
Patch Management
Software Development
View more

Artificial Intelligence

Artificial Intelligence Governance
Content Generator - Security Posture

Modern Slavery

Modern Slavery

Legal | Privacy

Legal Notices
Privacy Policy
Terms of Use

Access Control

Access Controls (SSO | Remote)
Multi Factor Authentication
Password Security

Infrastructure

Security Incident Management
Asset & Information Management
Disposal of Media
View more

Endpoint Security

Disk Encryption
End Device Security
Endpoint Detection & Response
View more

Network Security

IDS/IPS
Network Access
Network Segregation
View more

Physical Security

CCTV
Computer Room Access
Physical Access - Policy
View more

Security Policies

Change Management
Clear Desk Policy
Cloud Hosting Policy
View more

Security Grades

SecurityScorecard
MinterEllison
Security Scorecard A grade
Qualys SSL Labs
MinterEllison
A
Security Headers
MInterEllison
A

Risk Management

Business Continuity Plan
Business Resilience Framework

Data Governance

Data Classification Standard
Data Management Principles
Data Retention and Disposal
Knowledge Base (FAQ)
Security Trust Center Updates

Oracle Cloud Breach

Vulnerabilities
Copy link

MinterEllison is aware of the recent reports on potential Oracle Cloud breach. We do not utilise the Oracle Cloud infrastructure in our operations and not directly affected by it. We are monitoring the situation closely and are working with our suppliers to assess any potential impact.

Published at N/A*

Palo Alto Networks Vulnerability in PAN-OS, CVE-2024-3400

Vulnerabilities
Copy link

MinterEllison is aware of the recent disclosure of the Vulnerability (CVE-2024-3400) in Palo Alto Networks PAN-OS.

We do not use GlobalProtect gateway or GlobalProtect portal (or both) and are not impacted by the vulnerability.

Published at N/A

XZ Utils Backdoor Vulnerability

Vulnerabilities
Copy link

MinterEllison is aware of the recent disclosure of the XZ Utils backdoor vulnerability (CVE-2024-3094). This software is not used in our environment and we are not affected by it. We are keeping an eye on the situation and also checking our supply chain for any potential impact.

Published at N/A

Citrix Vulnerabilities

Vulnerabilities
Copy link

Published on 21 November 2023

MinterEllison is aware of the recent CitrixBleed vulnerability that has been making headlines. We want to assure you that the security of our systems and the protection of your data is our top priority.

We have taken immediate action and have successfully patched our systems against this vulnerability.

We will continue to monitor the situation closely and take necessary actions as required to ensure the highest level of security for the data in our environment.

Published at N/A*

MOVEit Vulnerabilities

Vulnerabilities
Copy link

Published on 14 June 2023

MinterEllison is aware of the latest MOVEit vulnerabilities. We do not utilise the MOVEit software in our operations and are not affected by it. We are monitoring the situation closely across our environment including third party suppliers.

Published at N/A*

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Built onSafeBase by Drata Logo