How Secure is Your Website from Hackers?
Synergy 8’s infrastructure features multi-tiered protection to mitigate threats before they reach your website. We use the following security measures:
- Physical firewall appliances
- Network intrusion detection systems
- Web application firewalls
- Network segmentation
- CCTV monitoring of equipment
- Multiple layers of physical security
- Brute force password security
- SSL for e-commerce and administrative tasks
- Internal VPNs
- Geolocation tagging
Most websites are vulnerable to attack.
Hackers will try to steal your customers information to sell on later in cyber black markets, to send spam from your e-mail accounts, to install viruses on your web server which will infect your customers, to deface your website and to advertise on your website for royalties.
Our Security Measures
How do we prevent this? First, let’s look at the web hosting environment – the servers and infrastructure where your website is stored and served from. Most web servers are directly connected to the internet with no filtering or blocking systems in place to stop unwanted data.
The first tier is an ‘Intrusion Detection System’ which deeply inspects every packet of data for patterns of common threats. When a malicious pattern is detected, the IP address of the hacker is blocked from the network.
Data next meets a ‘Network Firewall’ which allows only connections to valid services. For instance, connections are only able to be made to web servers, or email servers and not database servers or for internal administration.
Then comes a ‘Web Application Firewall’, which protects against common web application vulnerabilities.
Finally, the filtered data is passed onto the public servers where your website is hosted.
These servers are protected with their own individual firewalls, anti-virus and anti-malware software. There is also an internal network that is highly restricted for backups, authentication, time synchronization, logging and administration.
The entire infrastructure is scanned on a quarterly basis by an external auditing company.
Physical Data Security
There is also the physical side of security to consider. There is no point in having all this if someone can walk in and out with a server under their arm.
There are at least four security perimeters to clear before gaining physical access to Synergy 8’s servers, with each step monitored by CCTV and protected by swipe card access, pin codes, and keyed security to a cage containing the servers.
In terms of reliability, the facilities are supported by multiple power connections from the grid. In the event of power loss, there are banks of UPS batteries which take over until a diesel generator fires up.
Around the clock, Redundant Air Conditioning systems ensure optimal operating conditions for the entire infrastructure.
If fire breaks out in the facility, fire suppression systems trigger a release of CO2 to choke the flames, protecting the equipment without the use of water.
The servers themselves are fully redundant, meaning that all parts have duplicates installed in the case of a part failure. Hardware spares are kept on hand for responsive replacement of defective equipment with minimal or no disruption.
All administrator accounts are required to also have mobile phone numbers attached to them.
Should we detect anything suspicious about your login, we will send you a text asking for you to confirm access via a code sent to your phone.
Vs WordPress Website Security
Many websites run on WordPress, and according to security experts “WP White Security”, more than 70% of WordPress installations are vulnerable.
Although updates and new versions are available every so often, this can be problematic with older versions becoming vulnerable and requiring constant attention. And if patches and plugins are poorly written, you can be faced with a non-functioning website until it’s fixed by the developer. Designers are all too familiar with the “White Screen of Death”.
Open source systems like WordPress and Drupal are organically developed by the community. This sounds good in theory, but creating software is like constructing a building. It requires a good foundation with architecture and pillars supporting the rest. Could you imagine a thousand men building a sky scraper?
Everyone has their own ideas as to how it should be built, and as a result there is little standardization in the way things are done leaving security holes and inconsistencies.
Synergy 8 sits above many other platforms with the systems structured architecture. Developed and maintained by one team, the neat hierarchy eradicates flaws and weaknesses and the hosted solution allows for updates to be managed and released automatically.
Synergy 8 also has a developer API for extending the system. Its code base is ‘open-sourced’ to registered developers providing the control and flexibility required to make anything possible.
The managed, structured, hosted approach protects you and your data with bank-grade security running in an enterprise-grade environment.