Posted by Roger Idaho | Security, Website Development, Website Hosting

Consequences of Website Intrusion

Having your website hacked has potentially severe consequences.  Even a minimal intrusion is embarrassing and stressful.  A severe intrusion could shut down your site or even hi-jack its traffic, routing your visitors into unauthorized destinations.  Sensitive data can be compromised, regaining control can be expensive, and some damage may never be undone.

As of this writing, we know of no intrusions or other hacking events on sites hosted and developed with MTS.  We investigate known instances the moment we are made aware and take pro-active measures to combat hacking and intrusions.  By design, most measures are transparent to end users, so often website security is overlooked.  After all, if you don’t see the security measures, how do you even know they are in place? Not only are they deliberately transparent, they are generally not discussed (we prefer not to discuss specifics of security measures, so as to avoid compromising them).

Security Best Practices

These are some best security practices that we can discuss, as they are well known:

  1. Strong passwords, changed regularly, and not  used across accounts.
  2. Use of proven encryption protocols to transmit and store data.
  3. Use of VPNs where practicable.
  4. Use of dedicated intrusion detection and prevention appliances.
  5. Network monitoring for known and potential threats
  6. Installation of preventative software at all workstations
  7. Quarantined regular system backups
  8. Timely installation of software updates
  9. Retirement of end of life software and hardware
  10. Principal of least access as a standard policy

Our websites are reviewed from a security stand point on a regular basis and measured against these best practices.  Strong passwords are required for all site users.  Currently we are in the process of implementing SSL on  all of our hosted sites.    Our hosting constantly monitors all access attempts, maintains all software at the latest functional versions.  MTS policy is that all network systems must be currently supported by the Vendor.

Both comments and pings are currently closed.