Website Security, Audits and Implementation
What Website Security?: If you have any digital asset that is important to you or someone else, your security will be tested. Some of the most vulnerable assets are customer information, credit card information, passwords, and files. All websites need at least some kind of security measures.
Our Services include:
- Prevention & Planning
- Security Consulting
- Incident Response & Recovery
Server Security:
- WHM/CPANEL/LINUX: We perform over 20 tasks to make sure the server and access to the server is secure.
- File Permissions
- Server Firewall setup and configuration
- Apache Web Server Security
- Database security
- PHP security
- 2 Factor Authentication
- Code Audit
We Secure Your Application From The Following Types Of Attacks:
- Brute-force
- SQL injection
- XSS scripting
- Backdoor access
- DoS/DDoS
- Cookie Theft
- Bad Bot Access
- Code Injection
- Cross-Site Request Forgery (CSRF)
Secure Communication: All website traffic is setup to use https by setting up a strong SSL Certificate.
Security Layer: All website traffic will go through an external security layer which checks for a wide range of malicious attacks. If any encountered, those requested are blocked and will never get to the server. Moreover, only selected IPs are granted access to the ADMIN side of the website platform.
Software Updates: Linux patches, WHM/CPANEL updates, Software Platform updates (Magento, WordPress, Drupal,…)
Third Party Software Access / Integration Security:> All 3rd party software packages and extensions are being thoroughly audited and tested before integrating into the application. Additionally, we secure your application’s REST API endpoints to make sure it’s consumers have the correct permissions to access the data.
PCI Compliance: We make sure your website is PCI compliant.
User Roles, User Accounts, Passwords: Various Roles is created for your corporation’s departments and users are created underneath each role. Roles basically define which sections of the systems the users have access to. Each user account is setup to enforce strong passwords, password dictionary and password history enforced.
Credit Cards Numbers, Sensitive Information, Social Security Numbers, HIPPA Compliance: Sensitive information is never stored on the website server. We use highly secure RSA Tokenization and Encryption devices to store that data.