Trust & Security

Securely connected, everywhere

At Orro, cybersecurity is more than a responsibility, it’s a promise. In our mission to become Australia’s most respected platform-enabled secure network and digital infrastructure provider, we know that trust is everything. It’s what our customers expect and what we work tirelessly to earn and protect every day.

We’re proud of the trust placed in Orro, and we’re committed to strengthening it every step of the way.

Reza Nashvi

Chief Information Security Officer

Our trust and security solutions

As we continue to lead in enabling digital transformation across Australia and New Zealand, we recognise that security is not just a technical discipline, it’s a strategic enabler. Our approach is grounded in proactive defense, agile thinking, and the continuous pursuit of innovation. We invest in the right technologies, cultivate a strong security culture, and challenge ourselves to stay ahead in an ever-evolving threat landscape.

Cybersecurity is both a shield and a catalyst. It safeguards what matters most, our clients, our people, and our shared digital future, while powering the confidence needed to move forward boldly.

Certified and Audited

We maintain the highest standards of information security.

  • ISO/IEC 27001:2022 certified
  • Successfully assessed under the IRAP framework
  • Aligned with best practices across patching, access control, and environment segregation
  • Regularly tested through penetration tests, phishing campaigns, and tabletop exercises

Our infrastructure is continuously monitored by a dedicated 24/7 Security Operations Centre (SOC).

  • XDR (Extended Detection and Response) technologies
  • Centralised logging and event correlation
  • Incident response playbooks and escalation paths
  • Simulation of realistic attack scenarios to ensure readiness

We apply strong protections across the entire data lifecycle and comply with leading global privacy regulations:

  • UK GDPR
  • Australian Privacy Act
  • Philippines Data Privacy Act
  • New Zealand Privacy Act

Key protections include:

  • Encryption of data in transit and at rest
  • Role-based access control and audit trails
  • Data minimisation and retention safeguards

We support our customers in understanding and verifying our security posture. You can download key policies and certifications below:

  • Statement of Applicability – ISO 27001:2022
  • ISO 27001:2022 Certificate
  • Information Security Policy
  • Privacy Policies
    • Australia
    • United Kingdom
    • Philippines
    • New Zealand

We are also proud to maintain a strong rating on SecurityScorecard, demonstrating our commitment to measurable, transparent security.

SecurityScorecard Rating: A

Orro is committed to protecting the security and privacy of our systems and customers. We appreciate the efforts of individuals who responsibly identify and report potential vulnerabilities in our environment.

If you believe you’ve found a security issue in any Orro service or system, we encourage you to report it using the form below. We commit to:

  • Reviewing valid submissions in a timely manner
  • Assessing and addressing confirmed issues as appropriate

Please avoid actions that could negatively impact Orro, our customers, or our services, including attempts to access data, disrupt services, or use social engineering.

Submitting a report does not create any legal obligation, partnership, or relationship with Orro.

Need Help?

For any security or privacy-related inquiries, please reach out using the relevant contact options above. Orro is committed to transparency, accountability, and continuous improvement in protecting your data.