iLOAD Loans Cybersecurity Commitment & Standards
iLOAD Loans is committed to maintaining a strong and proactive cyber security posture to protect client data, systems, and operations. We’ve now completed two security audits with Lettscomm, with our first audit scoring very highly — a strong result for an initial pass. Lettscomm confirmed our systems were already secure, with the main recommendations focused on formalising documentation and implementing specific policies.
We work closely with our IT partners at Lettscomm, Webb Software and follow the Australian Cyber Security Centre’s Essential 8 Maturity Model to guide our cyber risk management. Key measures we’ve implemented include:
- Centrally managed application control
- Regular patch management for operating systems and applications
- Multi-Factor Authentication (MFA) enforced across all core systems
- User application hardening and strict access control
- Backups monitored and tested by our IT team
- Ongoing security awareness training and comprehensive team vetting
Oversight is handled through our Salesforce-based KIA system, where we conduct an internal cyber security audit annually, using the Essential 8 and NIST frameworks as our guiding standards. This is supported by scheduled internal tasks that ensure each of the eight principles is addressed thoroughly and consistently.
The principle of least privilege is strictly applied across all systems and platforms. Access to client data is granted only when necessary and only to those who require it to perform their role.
At iLOAD Loans, we uphold the highest standards of security and trust when bringing team members on board. Every individual undergoes a rigorous screening process, including identity verification, police and credit checks, detailed reference checks, and social profile reviews. These stringent measures ensure that only thoroughly vetted and trusted professionals gain access to our systems, maintaining the integrity and security of our operations.
We use GoTo Resolve for secure remote support and enforce data security through tools like the Dropbox Wipe feature when offboarding staff or adjusting permissions.
While external audits offer valuable insights, we’ve determined that annual third-party audits are not feasible for a business of our size. Instead, our internal oversight, structured controls, and the high level of personal accountability within our team allow us to maintain strong, transparent, and effective cyber security practices.
We remain committed to continuous improvement and alignment with best-practice frameworks and continue to review and refine our cyber security measures — ensuring not just secure systems, but peace of mind for our clients, our lenders, and our team, while aligning with industry standards.