According to a Global Knowledge White Paper, 43% of companies experienced a data breach in 2014. And in 2016, Identify Force reported that data breaches increased by 40%. While some of these breaches are caused by human error, there are plenty of breaches that occur because of malicious behavior.
WebsiteForGov understands this threat. Because your security is important to us, we work hard to provide our clients with the best protection for their municipal website.
Protection begins with our perimeter and web application firewalls. The perimeter firewall monitors all access attempts to any part of your website. This includes all logins including WordPress, FTP, Email, etc. If malicious activity is detected, the IP address of the attacker is locked out and one of our technicians is notified in case additional corrective action is needed. The Web Application Firewall monitors all traffic to and from your website. The firewall uses a form of artificial intelligence and can detect and block security issues, even those that have not been patched. This provides peace of mind during the time when a vulnerability is discovered within your website and when the software vendor provides a patch.
We also employ dual authentication login for most of our hosting clients. Dual authentication requires a user to log in twice, using a different username and password each time. While this method can be cumbersome, it offers a second layer of protection to websites on which it is used.
The first authentication screen is activated on a server/system level and happens before access to your actual website is permitted. This offers two benefits: First, a system level authentication can handle thousands of requests per second with little to no system draw. Therefore, attackers who attempt to “overload” a website with login attempts never actually get to the website to create site degradation issues. Second, attackers are locked out after several attempts and one of our technicians is notified allowing us to take appropriate action. The end result is that most attacks go unnoticed by our municipal website clients.
If, per chance, an attacker gets by the first authentication, a second firewall, added to your WordPress by our technicians, will slow and eventually block their IP address. Again, a technician is notified, and the first authentication password is changed, effectively setting the attacker back to square one. Most attackers look for “low lying fruit.” Our security measures are extremely effective in that it simply takes too long to breach one of our managed websites and getting reset to square one in the middle of an attack will usually cause attackers to give up.
No Automated Maintenance
WebsiteForGov employs a team of experts who perform WordPress maintenance on each of our Managed Hosting client sites. Because real people perform updates, it minimizes the risk of fake updates and other malicious activity.
Finally, the last line of defense is our backup policies. Your entire server is backed up, off site, every few days and archives are kept for up to 1 month. In addition, WordPress Managed Hosting & Dedicated Cloud Hosting comes with an automatic, one-touch restore backup that secures all WordPress files, offsite, using the Amazon S3 redundant storage system. Although no backup system is 100% guaranteed, WebsiteForGov takes great pains to use several backup systems with offsite storage, providing what we believe to be one of the most secure hosting environments available today.
Personally Identifiable Information
What is PII? PII is personally identifiable information. Understanding, managing, and protecting PII is not to be taken lightly, especially with new compliance laws being passed by many states and countries. Below are some examples of what can be classified as PII depending on your state and country:
Social Seurity Number
Driver’s License Number
Date of Birth
Credit Card Number
Protect Your PII
We know the necessary steps to protect PII on your government website. At WebsiteForGov we have many options to protect PII from malicious attacks such as secure forms, SSL, encrypted hosting, secure messaging system, and more. In our initial email consultation, we will determine your municipality’s needs and construct a plan to protect any PII that your municipal website may need through collection or storage.
Create a Culture of Security at Your Municipality
Cyber security must be a priority for any municipality. Threats are constantly changing, and breaches are widely publicized. It is time to take control of security. For this reason, WebsiteForGov has partnered with CyberSafe Work to offer your municipality monthly training quizzes to keep security embedded in the culture of your municipality. The security awareness quizzes offered by CyberSafe Work include topics such as IT, password security, email phishing, network security, social media, internet security, social engineering, email security, cyber-attacks, and more. Also available are FREE downloadable/printable security posters for display to raise cyber security awareness in your office.
Make cyber awareness easy with our partner, CyberSafe Work.
Together We Determine What Security Plan Works Best For Your Municipality
Each municipality we work with has different wants and needs for their specific municipal website. Our technicians will work together to formulate and recommend a plan that will work best for your municipality. Contact us today for a free consultation.