- Attacks & Malicious Activity
Implement a Web Application Firewall (WAF) with Managed Detection and Response services. Check for a distributed denial-of-service (DDoS) protection layer and make sure to have a security service level agreement. Make sure the provider has easy to enable features for various "I am under attack!" specific scenarios. These types of services are usually not included by your web designer and will cost additional charges to make sure you are covered adequately. Finally, establish a relationship with a Managed Services Security Provider for all your website security needs.
- Content Management System (CMS) Maintenance
Many websites today are built with a content management system (Drupal, Joomla or WordPress). The reason is simple, it is easier for non-web savvy individuals to contribute content and control the site experience. However, these systems require constant care and maintenance due to being at risk from an open source software perspective. Websites must patch, update plugins and core versioning as security updates are released. Make sure you have a maintenance plan with your web hosting provider, or else your website will constantly be at risk and remain easily hackable.
- Secure All Member Data
Make sure you obtain a SSL Certificate configured with the top security best practices. An A+ Rated SSL Certificate will help keep member data secure, and also prevent man in the middle attacks from occurring on your website. If you have an embed login, or any webforms that collect member data, please check if your website is secure. Test your SSL certificate today, and verify you receive an A+ rating.
- Premium Hosting Providers
Choosing a hosting provider means much more than uptime. Today, your hosting services can determine your security as well. Thankfully, there are premium hosting platforms which include many other services like Container Environments, Immutable Code (important if you use a CMS), Anti-Malware, and even Encrypted Automated Backup Retention. Ensure your hosting provider uses container based hosting and implements best security practices for your website data.
Container Environments will keep your website assets separate. If Company A gets infected, Company B is protected. Immutable Code will ensure your website is write-protected, so CMS vulnerabilities can't modify your data. Anti-Malware should run on Container Environments to prevent malicious file uploads or activity. Encrypted Automated Backups should be run at least nightly, and able to be restored at any time. Make sure they are stored encrypted at rest.
All Co-op Web Builder sites include access to
our full suite of security services.
Learn more about how Co-op Web Builder can help secure your website today.
Container-based infrastructure
Co-op Web Builder is built on a container-based cloud architecture . Unlike traditional usage of clusters or virtual private servers, containers allow lightweight partitioning of an operating system into isolated spaces where applications can safely run. If Site A gets infected, Site B is protected
Included Maintenance Plan - Update Core, Plugins and Patching.
Let our team handle the updates for you. Sit back and enjoy included maintenance for all your websites. We will update core, modules, and patches as released. Our WAF also protects against common CMS vulnerabilities and 0-day exploits.
Custom WAF & Denial of Service Protection
The Co-op Web Builder included security services provides industry-leading DDoS protection, Vulnerability Management, Managed Detection and Response for each website. Our WAF has over 10 years of acquired self-learning knowledge of electric cooperative websites, and evolves over time.
Managed HTTPS
Keep your site and your members data secure with fully managed, and dedicated HTTPS certificates. We obtain and provide high-grade encryption with TLS 1.3 for all of your sites.