Consequences of Website Intrusion
Having your website hacked has potentially severe consequences. Even a minimal intrusion is embarrassing and stressful. A severe intrusion could shut down your site or even hi-jack its traffic, routing your visitors into unauthorized destinations. Sensitive data can be compromised, regaining control can be expensive, and some damage may never be undone.
As of this writing, we know of no intrusions or other hacking events on sites hosted and developed with MTS. We investigate known instances the moment we are made aware and take pro-active measures to combat hacking and intrusions. By design, most measures are transparent to end users, so often website security is overlooked. After all, if you don’t see the security measures, how do you even know they are in place? Not only are they deliberately transparent, they are generally not discussed (we prefer not to discuss specifics of security measures, so as to avoid compromising them).
Security Best Practices
These are some best security practices that we can discuss, as they are well known:
- Strong passwords, changed regularly, and not used across accounts.
- Use of proven encryption protocols to transmit and store data.
- Use of VPNs where practicable.
- Use of dedicated intrusion detection and prevention appliances.
- Network monitoring for known and potential threats
- Installation of preventative software at all workstations
- Quarantined regular system backups
- Timely installation of software updates
- Retirement of end of life software and hardware
- Principal of least access as a standard policy
Our websites are reviewed from a security stand point on a regular basis and measured against these best practices. Strong passwords are required for all site users. Currently we are in the process of implementing SSL on all of our hosted sites. Our hosting constantly monitors all access attempts, maintains all software at the latest functional versions. MTS policy is that all network systems must be currently supported by the Vendor.