Galexia

  Services


[ Galexia Dots ]

Galexia delivers specialist research and advisory services. Galexia has expert consultants in cloud computing, cybersecurity, identity, digital economy, privacy, authentication, electronic commerce and new technology. We leverage our legal, business and technical knowledge to deliver successful business strategies to a diverse range of clients.

Galexia works closely with clients to identify and resolve legal, technical and strategic issues in projects that raise privacy, security, identification or authentication issues. We help a diverse range of international, business and government clients to understand their legal, regulatory and best practice requirements, and to develop compliance tools, manage stakeholder consultation and architect solutions.

Galexia has an up to date understanding of cloud computing, cybersecurity, privacy, identity, digital economy, identification and authentication technology and strategies. Our team has expertise in law, policy, technology and public relations. We have a wealth of experience in conducting and participating in industry and consumer consultations, and in delivering briefings at CEO, Board and Ministerial levels.

We create clarity out of complexity.

Our focus is on research, advice, strategies and solutions involving cloud computing, e-commerce, identification, identity management, authentication, security and privacy in Australia, Asia-Pacific, Europe and globally. Read more »

We have deep involvement and experience in a number of sectors, including government, banking & finance, consumer rights, data brokers & infomediaries, education, eHealth, ICT, legal, telecommunication. Read more »


[ Galexia Dots ]

Summary

Galexia works closely with clients to identify and resolve legal, technical and strategic issues in projects that raise privacy, security, identification or authentication issues. We help a diverse range of international, business and government clients to understand their legal, regulatory and best practice requirements, and to develop compliance tools and manage stakeholder consultation.

Galexia has an up to date understanding of cloud computing, cybersecurity, digital economy, identification and authentication technology and strategies. Our team has expertise in law, policy, technology and public relations. We have a wealth of experience in conducting and participating in industry and consumer consultations, and in delivering briefings at CEO, Board and Ministerial levels.

Galexia’s team has skills in public relations, clear communication and in dealing with the media as part of the consultation and presentation of project outcomes.

We think strategically and then propose and critically assess solutions, rather than simply inform clients in a legalistic and mechanical way.

Galexia has an excellent track record in working closely with clients to develop appropriate project methodologies and deliver quality project outcomes, based on best practice management systems and high quality infrastructure and support. We take an open, transparent and collaborative approach. We make project materials available via our secure extranet so that clients have the opportunity to collaborate in the project.


[ Galexia Dots ]

Galexia delivers specialist management consulting, research and advisory services to our clients. Our services include:


[ Galexia Dots ]

Cloud Computing Strategy and Advice

Galexia is at the cutting edge of providing strategic advice and analysis of cloud computing issues to a range of global clients. We have developed unique methodologies for assessing cloud readiness, and we provide advice on legal and regulatory challenges as well as infrastructure issues.


[ Galexia Dots ]

Galexia is experienced in assisting individual organisations to make the transition to cloud computing, while managing their legal and regulatory responsibilities. This has included advice on privacy, security and intellectual property issues as clients utilise cloud services to store and process data or to take advantage of online services.

Galexia’s team has also completed some of the world’s largest comparative analysis of whether countries are ready for cloud computing, including the analysis of laws, regulation, policy and infrastructure in 14 Asia Pacific countries in 2011 and 24 global countries in 2012, 2013 and 2015.

 

Related Projects

Case Studies and additional research

  • BSA Global - Galexia developed the landmark series Global Cloud Readiness Scorecards for BSA | The Software Alliance The scorecard examines the legal, regulatory and infrastructure environments in 24 countries, including a detailed assessment of their readiness for cloud computing.. The Scorecard is undergoing a significant update and a new series is being rleased in mid 2017. Read more »
  • BSA Asia-Pacific - Galexia developed the Asia Pacific Digital Economy and Cloud Computing Scorecard in April 2011. The Scorecard is a comparative analysis of major cyberlaw issues and digital infrastructure in 14 Asia-pacific countries. The report discusses whether the region is making progress on developing consistent and harmonised laws and regulations that facilitate cloud computing. Some key gaps and challenges were identified in areas such as data protection law, cybercrime legislation and ICT infrastructure. Read more »
  • Victorian Department State Development, Business and Innovation - DSDBI - Galexia completed a series of client data management PIAs for the Victorian Department of Innovation, Industry and Regional Development in 2009, 2010 and 2013. The advice considered issues of data security and transborder data flow under Victoria’s privacy laws, as well as public perception and system governance, as they moved some of their key services on to cloud computing platforms. Read more »

Recent news and updates

 


[ Galexia Dots ]


CyberSecurity Research and Advice

Galexia has expertise in cybersecurity advice and conducts large-scale, global comparative research on cybersecurity strategies and infrastructure.


[ Galexia Dots ]

Galexia is at the forefront of international research and advice on the policy issues that arise for countries addressing cybersecurity issues. This includes advice on national cybersecurity strategies, critical infrastructure protection and the establishment of cybersecurity management and alert systems. Key elements include:

  • Cybersecurity risk assessments
  • CERTs
  • Public Private Partnerships (PPPs) and industry collaboration
  • National and multinational cybersecurity exercises
  • Cybersecurity standards and audit requirements
  • Sector specific cybersecurity plans
  • Cybersecurity education and awareness strategies and campaigns
  • National Incident Management Structure (NIMS)We have expertise in the policy complexities that arise for countries addressing cybersecurity issues. We provide advice on national cybersecurity strategies, critical infrastructure protection and the establishment of cybersecurity management and alert systems.  

Galexia is currently engaged in a large-scale international benchmarking exercise of cybersecurity strategies and infrastructure. Galexia’s research on cybersecurity includes a detailed country-by-country analysis of legislation, regulations, government policy, standards and infrastructure related to Cybersecurity in 38 countries, including 10 Asia-Pacific countries and the 28 EU member countries. This analysis also identifies the key entities operating in each jurisdiction.

Galexia can assist clients assess geo-political risks, infrastructure, cybersecurity readiness and other benchmarks in addressing cybersecurity issues across multiple jurisdictions.

 

Related Projects

Case Studies and additional research

  • APAC Cybersecurity Maturity Dashboard - In July 2014 Galexia began work on an important research project for BSA - The Software Alliance. Galexia has been commissioned to prepare a report on Cybersecurity in 10 Asia Pacific nations. The countries included in the study are Australia, China, India, Indonesia, Japan, Korea, Malaysia, Singapore, Thailand and Vietnam. The report will be published in early 2015. Read more »
  • EU Cybersecurity Maturity Dashboard - Galexia has been commissioned to prepare a report on cybersecurity in 28 EU member countries for BSA - The Software Alliance. The report will be available in early 2015. Read more »
  • Global Cybersecurity Education best practice study - Galexia prepared an analysis of international Cybersecurity awareness raising and educational initiatives for the Australian Communications and Media Authority (ACMA) in 2011. The study included research and advice on 68 cybersecurity initiatives (both government and private sector) in 11 jurisdictions. Read more »

Recent news and updates

 


[ Galexia Dots ]


International and Cross-Border Research

Galexia has expertise in international research and analysis, and conducts large-scale comparative research for our clients. We utilise an extensive network of global partners and associates to deliver up to date analysis on technical, legal and policy developments in both developed and developing countries.


[ Galexia Dots ]

Galexia has extensive experience in delivering customised international research to our business and government clients. We have developed unique methodologies for analysing, rating and measuring progress in individual countries against key criteria. We utilise collaborative cloud based reporting tools to provide real time access to our research and analysis.

Galexia has completed international research in a wide variety of fields, including Cybersecurity education, electronic health records, cloud computing readiness, privacy laws and enforcement, interactive gambling regulation and electronic contracting.

Galexia’s work in this area has included:

  • Cybersecurity standards and requirements in international banking and prudential regulations
  • Detailed analysis of Free Trade Agreements and other bi-lateral agreements;
  • Detailed analysis of global and regional treaties and agreements;
  • Comparative analysis of national laws;
  • Multi-country advice on cross border data transfers, IT outsourcing, data retention, etc;
  • Advice to government agencies and departments on cloud computing initiatives;
  • Publication of large scale legal information resources;
  • Development and conduct of multi-country surveys; and
  • Development and publication of regional and country implementation guides for digital economy regulation and infrastructure;

 

Related Projects

Case Studies and additional research

  • BSA Global - Galexia developed the landmark series Global Cloud Readiness Scorecards for BSA | The Software Alliance The scorecard examines the legal, regulatory and infrastructure environments in 24 countries, including a detailed assessment of their readiness for cloud computing.. The Scorecard is undergoing a significant update and a new series is being rleased in mid 2017. Read more »
  • ACMA CyberSecurity - International Cybersecurity education initiatives -Galexia, in partnership with the Cyberspace Law and Policy Centre, completed research for the Australian Communications and Media Authority (ACMA) on international Cybersecurity awareness raising and educational initiatives in May 2011. The study included research and advice on 68 Cybersecurity initiatives (both government and private sector) in 11 jurisdictions. Read more »
  • BSA Asia-Pacific - Galexia developed the Asia Pacific Digital Economy and Cloud Computing Scorecard in April 2011. The Scorecard is a comparative analysis of major cyberlaw issues and digital infrastructure in 14 Asia-pacific countries. The report discusses whether the region is making progress on developing consistent and harmonised laws and regulations that facilitate cloud computing. Some key gaps and challenges were identified in areas such as data protection law, cybercrime legislation and ICT infrastructure. Read more »
  • Department of Health and Ageing - The Commonwealth Department of Health and the Ageing commissioned Galexia to produce a strategic issues paper on a ‘National Health Identifier’. The project involved national and international research, consultation with government and non-government stakeholders and the development of findings and recommendations. Read more »

Recent news and updates

 


[ Galexia Dots ]


Specialised Legal and Regulatory Consulting

Galexia delivers detailed legal and regulatory analysis with a strategic perspective.


[ Galexia Dots ]

Our extensive legal background and our understanding of the impact of new technology on business processes allow us to deliver detailed and up to date legal and regulatory analysis. The task of interpreting legislation and regulations which have an impact on new technology products and services is one of Galexia’s core areas of expertise.

Galexia is particularly adept at performing this task in situations where more than one law or standard applies. We are able to develop compliance cross reference tables matching key administrative tasks and processes against all compliance requirements. We also possess the expertise to use these tables in developing plain language, well structured policy, process and guideline documentation.

Galexia has provided advice in every Australian jurisdiction, the EU, Hong Kong, Japan, Korea, New Zealand, Taiwan, the United States and all Member Countries of ASEAN (Brunei Darussalam, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam).

Galexia staff and associates continue to publish up-to-date articles on all aspects of electronic commerce law, and we provide online teaching materials for Cyberspace Law and Electronic Commerce Law courses at the University of NSW.

 

Related Projects

Case Studies and additional research

  • ASEAN - Galexia partnered with global law firm Baker & McKenzie to develop and implement a harmonised legal infrastructure for electronic commerce in ASEAN (Association of South East Asian Nations: Brunei Darussalam, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam). Read more »
  • DBCDE - Galexia assisted the Department of Broadband, Communications and the Digital Economy in the development of an anti-spam legislation, enforcement and co-operation regime for the Pacific islands Niue, Samoa, and Vanuatu. Read more »
  • UNCTAD - Galexia was commissioned by the United Nations Commission on Trade and Development to prepare a case study on the ASEAN E-Commerce Project for the Information Economy Report 2007-2008. Read more »

Recent news and updates

 


[ Galexia Dots ]


Strategic Privacy Consulting

Galexia has expertise and experience in privacy compliance and privacy management.


[ Galexia Dots ]

We integrate our privacy products and services with business process, software development and technology implementation project lifecycles. Our projects have involved large-scale and technically complex applications. Typically in these projects, getting the privacy right is a core business requirement.

Our privacy consulting focus is on compliance advice and compliance strategies for organisations in a range of jurisdictions. We have direct experience of privacy compliance issues in Australia, the EU, Hong Kong, Japan, Korea, New Zealand, Taiwan and the United States.

 

Related Projects

Case Studies and additional research

  • Defence - Galexia provided initial privacy advice to the Department of Defence for their Identity Management Project. Read more »
  • Fidelity - Galexia provided regional privacy advice to the investment firm Fidelity International for their operations in the Asia-Pacific region, including a privacy compliance report, briefing notes on key privacy issues, and a regional privacy strategy. Read more »
  • New South Wales Roads and Traffic Authority - Galexia conducted a Privacy Impact Assessment (PIA) for the NSW Roads and Traffic Authority, covering the RTA’s potential participation in the national Document Verification Service. Read more »
  • Veda Advantage - Galexia was commissioned to prepare an independent submission to the Australian Law Reform Commission’s review of Australian privacy laws. The report analysed the privacy implications of credit reporting. Read more »
  • Asia-Pacific Region at the Privacy Crossroads - This article examined trends and developments in Asia-Pacific privacy laws, and the benefits and risks of the region pursuing either of the two leading privacy models - comprehensive privacy legislation as exists in the European Union, or self-regulation as proposed under the APEC Privacy Framework. Read more »
  • Privacy breach sanctions in the Asia-Pacific region - This article summarises the sanctions available for privacy breaches in Australia, Hong Kong, Japan, Korea, and Taiwan. Read more »

Recent news and updates

 


[ Galexia Dots ]


Privacy Management Lifecycle: Our Privacy Products and Services

The management of privacy issues is a recognised (and maturing) compliance task. Galexia has developed a range of tools to assist in privacy management.


[ Galexia Dots ]

Clients may wish us to be involved in a single aspect of privacy management, ask us to be involved in the privacy management of a whole project, or seek our advice on a regular basis.

Our services and tools include:

Design

Privacy Impact Assessment (PIA)

This assessment identifies privacy issues in specific sectors or applications. A PIA process is particularly useful in implementations of new technology or new processes. By using the PIA tool at the design stage of an implementation organisations can avoid privacy errors and the costs of rectification at later stages.


Privacy Management Strategy (PMS)

This tool is used to develop and implement a risk management strategy and practical action plan. Each privacy issue is allocated a response and action is delegated to individuals or organisations. The PMS includes a compliance timetable.


Privacy Risk Management

Public and stakeholder consultations on the chosen strategy are often as important as ensuring technical compliance. Effective consultation can help identify and manage key privacy risks.



[ Galexia Dots ]

Solution Implementation

Privacy Oversight Committee

This tool is used to develop a governance structure to oversee privacy issues arising throughout the life of the implementation. Some privacy issues may not be ascertained at the design stage so reviews and audits under the direction of an oversight committee are often necessary.


Documentation

We assist clients to develop documentation which addresses identified privacy concerns, including privacy manuals, web site privacy policies, integration with existing policy and procedure documents, and customer consent forms.


Training and education

We develop content for and present educational materials and training workshops for staff and key service providers to ensure that the client’s entire business is privacy aware.



[ Galexia Dots ]

Ongoing


Outsourced Chief Privacy Officer (CPO)

The Chief Privacy Officer is responsible for managing privacy compliance within an organisation over time as processes and regulations change. This responsibility may fall within an existing role, or may give rise to a new role. We can advise the client in relation to the structuring of that role in-house and provide assistance to that role, or it may prove more cost effective to outsource that role to us.


Assist in-house Chief Privacy Officer (CPO)

We can provide advice and assistance to an in-house CPO on a retainer or ad-hoc basis. Assistance can include handling complaints and inquiries, providing updates on legal and regulatory developments, and helping meet reporting requirements.


Monitoring - Privacy audit

Reviewing the effective adoption and use of complying processes and documentation on a regular basis (including by independent audit) is a useful tool in identifying and managing privacy risks. It also raises public confidence in the management of privacy, particularly in new technology projects. This process is targeted at identifying and dealing with problems before complaints or claims are received.

 


Related Projects

Case studies and additional research

  • Defence - Galexia provided privacy advice to the Department of Defence for their Identity Management Project. Read more »
  • Fidelity - Galexia provided regional privacy advice to the investment firm Fidelity International for their operations in the Asia-Pacific region, including a privacy compliance report, briefing notes on key privacy issues, and a regional privacy strategy. Read more »
  • New South Wales Roads and Traffic Authority - Galexia conducted a Privacy Impact Assessment (PIA) for the NSW Roads and Traffic Authority, covering the RTA’s potential participation in the national Document Verification Service. Read more »

Recent news and updates

 


[ Galexia Dots ]


Self-regulation and Codes of Conduct

Galexia delivers strategic advice on industry self-regulation and codes of conduct.


[ Galexia Dots ]

Galexia provides advice on a range of best practice regulation, including industry self-regulation, co-regulation, and codes of conduct. We understand that different regulatory models suit different applications, and advise on the most appropriate model for a given context.

Our legal and technological expertise spans electronic commerce, privacy, identity, authentication, and consumer protection, across a range of industries. We are in a unique position to balance regulatory and best practice requirements with business needs and stakeholder or consumer concerns.

Galexia’s approach and methodology for the development of Codes of Conduct encapsulates best practice approaches to self-regulation and fosters industry consensus and ownership.

Galexia can provide detailed best-practice advice on all of the following:

  • Code membership requirements
  • Conduct and obligations
  • Complaints and Enforcement
  • Code governance and review
  • Identification of Implementation Steps and Transition Issues
  • Code Registration and/or Authorisation

 

Related projects

Case studies and research

  • Queensland Valuation and Sales System Code of Conduct - Galexia developed a Code of Conduct for bulk data access to identified information in the Queensland Valuation and Sales System (QVAS) database, covering privacy protections and complaints mechanisms for access to information about real property transactions in Queensland. Read more »
  • Consumer protection in the telecommunications industry - This issues paper, prepared for CHOICE, provides an overview of consumer concerns with the co-regulatory consumer protection framework in the telecommunications sector in Australia. Read more »
  • Credit Reporting Regulatory Framework - This report, commissioned by Veda Advantage and submitted to the ALRC's review of Australian privacy law, discusses options for a framework for stronger, more effective and more efficient consumer protection in credit reporting in Australia. Read more »
  • Submission to the Review of the EFT Code of Conduct - This joint submission, prepared by Galexia, CHOICE, the Consumer Action Law Centre and the Centre for Credit and Consumer Law, discusses developments in electronic consumer payments, online fraud, and consumer protection. Read more »

Recent news and updates

 


[ Galexia Dots ]


Issues Management: Public and Stakeholder Consultations

Our team has a wealth of experience in conducting and participating in industry and consumer consultations and workshops, and in delivering briefings at CEO, Board and Ministerial levels.


[ Galexia Dots ]

While we have our own extensive network of contacts we also work closely with clients to assist in the consultation process. We are experienced in managing stakeholder liaison and providing stakeholder services such as conducting workshops, stakeholder correspondence, media analysis and advice on the media response.

Galexia’s team also have experience in public relations, clear communication and in developing documentation such as media kits, Frequently Asked Questions, fact sheets, discussion papers and workshop information packs.

 

Related Projects

Case Studies and additional research

  • ANTA - Galexia completed a discussion paper for the Australian National Training Authority on legal and regulatory issues in electronic authentication in the Vocational Education and Training sector. Galexia provided strategic advice to ANTA as they developed their electronic authentication strategy, and has conducted stakeholder consultations and a national workshop to help promote the strategy. Read more »
  • Queensland Transport - Galexia provided strategic advice and privacy compliance advice regarding the upgrade of the Queensland Driver Licence. Read more »
  • AGIMO - AGAFI - Galexia won a competitive tender to work with the Department of Finance and Administration to conduct consultancy services for the Australian Government e-Authentication Framework for Individuals (AGAFI). The project will involve the provision of strategic advice, and the provision of a Privacy Impact Assessment (PIA) and Privacy Management Strategy (PMS) documentation for publication. Read more »
  • Dept of Health and Ageing - The Commonwealth Department of Health and the Ageing commissioned Galexia to produce a strategic issues paper on a ‘National Health Identifier’. The project involved national and international research, consultation with government and non-government stakeholders and the development of findings and recommendations. Read more »

Recent news and updates

 


[ Galexia Dots ]


ICT Advisory Services

Galexia is a high-quality provider of ICT strategy, procurement and implementation services.


[ Galexia Dots ]

Galexia has expertise and experience in ICT strategic consulting, solution architecture, software development and systems integration. Galexia was founded in 1999 as an online services provider, building some of the earliest major online portals for large organisations including the Law Society of NSW and the Law Institute of Victoria.

Galexia continues to provide high-quality technical services - from best-of-breed small business ICT/cloud strategy development, procurement and cloud implementation through to enterprise-level online services and support. We can provide:

  • advice on technology procurement;
  • with implementation of best practices - designing security, backup and systems management processes;
  • advice on architecture and management of ICT solutions;
  • and project management services;
  • on new technologies, including Google Apps and other cloud computing services;
  • and support for enterprise Java-based technology;
  • 'outsourced CIO' capabilities.

Our ICT services help businesses to leverage the latest technologies - from basic email and document sharing to cloud computing, provisioning processes, simple directory solutions, and backup and disaster recovery solutions.

Galexia’s expertise in business systems, new technologies and policy issues is founded on our strong grounding in the technical design and real-life operation of highly available ICT systems. Galexia has helped various clients with online services and support, including:

  • Law Institute of Victoria
  • Law Society of New South Wales
  • Flat Technologies
  • UTS
  • NSW RTA
  • Lord Howe Island Museum
  • Sydney Water
  • Priscilla’s Model Management
  • Nosecone Australia Pty Ltd
  • Foundations (AU) Ltd
  • NSW Attorney General
  • Box Hill Institute
  • Macquarie Bank/Fairfax - Trading Room
  • Friends of the Earth (UK)
  • Greenpeace (Australia)
  • GST Pay
  • Lawpoint
  • News Interactive
  • Grange Securities/Surfboard

Galexia has provided ICT advice to both start-up companies and large multi-national enterprises. Galexia has particular expertise in enterprise-level communication and collaboration tools, and has engineered large-scale email systems. Galexia also takes particular interest in emerging platforms (secure approaches to mobile and cloud computing).

Identity Management and Authentication - Strategic Consulting

Galexia delivers advice on the complex technologies and applications of identity management and authentication.


[ Galexia Dots ]

Galexia has expertise in identity management and delivering electronic authentication advice.

Galexia’s expertise on identity management includes consideration of the policy context as well as technical design issues, legal compliance, political considerations and community attitudes. Our background in law, technology and public relations makes Galexia uniquely suited to delivering strategic advice on identity management.

Our consultations in authentication involve identifying and analysing the current legal and regulatory framework for the use of electronic authentication, with a particular focus on identifying obstacles to progress, and making recommendations for how such obstacles can be overcome.

Our technical background in both these areas gives us a unique understanding of the inner workings of electronic authentication and identity management technologies and ensures that we provide accurate and detailed advice and analysis in both of these areas.

 

Related Projects

Case Studies and additional research

  • Dept of Health and Ageing - The Commonwealth Department of Health and the Ageing commissioned Galexia to produce a strategic issues paper on a "National Health Identifier". The project involved national and international research, consultation with government and non-government stakeholders and the development of findings and recommendations. Read more »
  • AGIMO - IMAGE - Galexia has completed a project with the Australian Government Information Management Office (AGIMO) to conduct a Privacy Impact Assessment (PIA) and develop a Privacy Management Strategy (PMS) for the Identity Management for Government Employees (IMAGE) Framework. The framework provides infrastructure, protocols, policy and work practices that will allow government agencies to efficiently manage the identities of their employees and contractors. Read more »
  • Law Society of NSW - Galexia won a competitive tender to develop policies, procedures and documents for a pilot of the Law Society’s digital credentials. Galexia’s role is to ensure that policies are compatible with current best practices in PKI and the proposed Gatekeeper reforms. Read more »
  • AGIMO - AGAFI - Galexia won a competitive tender to work with the Department of Finance and Administration to conduct consultancy services for the Australian Government e-Authentication Framework for Individuals (AGAFI). The project involved the provision of strategic advice, and the provision of a Privacy Impact Assessment (PIA) and Privacy Management Strategy (PMS) documentation for publication. Read more »
  • AGIMO - Gatekeeper - Galexia provided consultancy services to the Department of Finance and Administration (now the Department of Finance and Deregulation) relating to the Gatekeeper Public Key Infrastructure (PKI) Framework. The Gatekeeper Strategy governs the use of PKI in government for the authentication of external clients. The strategy provides a whole-of-government framework that delivers integrity, interoperability, authenticity and trust for agencies and their clients. The strategy is underpinned by a standards-based, technology-neutral accreditation program for issuers of digital certificates. Read more »
  • ANTA - Galexia completed a discussion paper for the Australian National Training Authority on legal and regulatory issues in electronic authentication in the Vocational Education and Training sector. The paper includes a chapter on the legal and regulatory framework, including a lengthy summary of all applicable law, plus a detailed chapter on specific legal issues raised by the use of electronic authentication in the education sector.. Read more »
  • ABN-DSC - Galexia prepared a report for NOIE on issues in the use and cross recognition of Australian Business Number Digital Signature Certificates (ABN-DSC). This project included detailed analysis and comparison of all the ABN-DSC Certificate Policies, Certification Practice Statements and subscriber agreements available in Australia, and an analysis of international developments.

Recent news and updates

 


[ Galexia Dots ]


Identity Management and Authentication - Technical Consulting

Galexia has expertise in identity management technical architecture and implementation, including strategy, business and technical requirements, architecture and design.

Galexia has Government and private sector clients in Australia, Asia-Pacific, North Asia, Europe and the USA. Galexia Directors and team members have provided consulting services to many of the largest identity, access management and authentication initiatives in Australia.


[ Galexia Dots ]

Identity and Access Management

Galexia is a trusted advisor partner on a number of identity management projects. Galexia provides:

  • Stakeholder consultation and business, requirements and risk analysis;
  • Technology evaluation to choose relevant products and vendors, based on wide experience;
  • Strategy, architecture and design supported by detailed technical knowledge and best practices;
  • Planning for deployment;
  • Useful, realistic and respected consulting advice;
  • Open communication;
  • Delivery of professional and high quality outputs and outcomes;
  • A depth of technical, business and legal knowledge and experience.

Galexia has specialised in the architecture of distributed identity solutions, including authentication, authorisation, accounting, auditing, single sign-on, federation, provisioning, synchronisation, public key infrastructure and emerging user-centric (Identity 2.0) approaches.

Galexia has provided senior consulting services to large-scale identity management architecture projects for customers including Australian Government Online Service Point (AGOSP) Authentication Team, Vodafone, Telstra, Bigpond, Sensis, Foxtel, the Australian Taxation Office, the Roads and Traffic Authority NSW and Singapore Government.

The combined user population of the identity management systems Galexia has designed is in the tens of millions.

Galexia’s Identity and Access Management (IAM) Strategy Process and Product Evaluation Matrix

Phase 1: Engage

In this phase, the client and Galexia agree on the project scope and timetable, establish communication and collaboration mechanisms, and decide on reporting requirements.

Phase 2: Identify

This phase focuses on identifying relevant inputs via stakeholder consultations and collection of other relevant materials.

Phase 3: Analyse

In this phase, Galexia develops analysis and advice in a number of key documents:

  • 1: Business Requirements, based on analysis of materials collected in the Discovery phase;
  • 2: Technology Evaluation, comparing a number of vendor offerings across metrics relevant to the identified requirements; and
  • 3: Identity and Access Management (IAM) Strategy, a technology-neutral document setting out a broad vision, identifying key requirements and goals, and presenting a high-level architecture.

Phase 4: Plan

Based on the recommendations and outcomes of the analysis, Galexia will assist in the planning for implementation, including a:

  • Broad, Implementation Roadmap; and
  • More specific Implementation Proposal with a design and scope for proceeding with implementation activities.

 

Galexia Directors have a long history with Identity and Access Management Strategies and Roadmaps

  • University of Sydney - IDAM Strategy and Roadmap (2017)
  • University of Queensland - IDM Evaluation and Roadmap, IDM Business Process Mapping (2015-2016)
  • Digital Transformation Agency (DTA) - Digital Identity Provision in Australia (2016)
  • Coles - Identity Management Strategy (2016)
  • Vodafone - Identity Strategy and Cloud-based identity architecture (2013-2015)
  • Fletcher Building - IAM Strategy and Roadmap (2015)
  • Foxtel - IAM Strategy, Architecture and Marketplace Review (2015)
  • Oil Search Limited - IAM Current State Analysis (2014)
  • University of New England - IAM Business Requirements, RFP preparation and evaluation (2013)
  • University of New South Wales - IDAM Options - Review, Findings and Recommendations (2012)
  • Transport for NSW - Current State Analysis of IAM Capability (2012)
  • Australian Energy Market Operator (AEMO)- Identity Management Strategy (2012-2013)
  • Monash University - Directory Services Upgrade Strategy and Planning (2011)
  • University of Western Sydney - IAM Platform Review (2010)
  • University of Sydney - Identity Management Mentoring (2010)
  • Australian Taxation Office (ATO) - Identity Management (2008)

Related Projects

Case Studies and additional research

  • Macquarie Bank - Galexia was engaged as independent experts to assist the development of identity management - analysing and prioritising business needs, performing a detailed evaluation of available solutions, designing an identity strategy and governance framework, and providing a roadmap for roll-out and implementation. This comprehensive high-level process enabled the client to proceed with confidence, understanding and ownership in their identity management solution. Read more »
  • Australian Government Information Management Office (AGIMO) - Galexia designed the identity component of the Australian Government Online Service Point (AGOSP) project, which aimed to provide a single-access portal interface for all Australian Government services to citizens. This work included facilitation in cross-agency requirements workshops, participation in the consortium architecture group and liaison with OASIS and Liberty standards representatives to ensure that the architecture and design met international best practices and standards. Read more »
  • Vodafone - Galexia (with partners, including Sun Microsystems Australia) assisted in the design and delivery of a telco-grade identity management and access control solution for Vodafone Australia. Read more »
  • Singapore iDA - The Infocomm Development Authority of Singapore (iDA) developed a National Authentication Framework (NAF) programme under their 10 year Intelligent Nation Masterplan. Galexia was chosen as part of a consortium (also including KPMG, Baker & McKenzie.Wong & Leow and Biometix) to drive and guide the establishment of the NAF. Read more »

Recent news and updates

 


[ Galexia Dots ]


Identity Management and Authentication - Cloud and Software-as-a-Service (SaaS)

With the accelerating adoption of cloud-based SaaS applications, organisations are increasingly facing new identity and access management (IAM) related challenges, including:

  • Proliferation of credentials
  • Separate user repositories for each SaaS application
  • Control of access entitlements and the identity lifecycle
  • IAM interoperability: enterprise, cloud and social media
  • Cloud identity authentication and provisioning: standards, proprietary integration and vendor lock-in
  • Mobile application authentication and credential management
  • Support for multi-factor authentication
  • Support for identity attribute aggregation
  • Identity gateways, bridges, routers
  • Consistent application of security and privacy policy
  • Scalability of cloud-based IAM

Galexia can provide an assessment of the impact of these challenges in an organisation, an approach for avoiding common pitfalls, and a roadmap that will turn challenges into opportunities.

Galexia offers a number of Cloud IAM services:

  • Policy development
  • Strategy development
  • Roadmap, options and costs
  • Product and vendor evaluation
  • GRC and auditing
  • Identity lifecycle business process analysis and re-design
  • Design principles and best practices

 

Case Study: AEMO - Single Sign On (SSO) with Cloud (Software-as-a-Service (SaaS))

Galexia provided AEMO (Australian Energy Market Operator) with options for implementing Single Sign-On (SSO) to external Software-as-a-Service (SaaS) applications. Our consultants performed an analysis of AEMO's authentication requirements, internal and external applications, and existing processes. We used our expert knowledge of cloud-based SSO technology vendors and solutions to select and cost the best approach, based on proven cloud identity design principles and best practices.

 


[ Galexia Dots ]