To have a secure system means not only to have the data protected but also to have secured the continuity of business operations and other online activities. CMS WebJET provides security benefits of an audited system for all its regularly updated WebJET distribution versions.
Website Security Basics
Overall website security consists of:
- Security of operating system
- Security of applications running under the operating system (database, other services).
- Security of web application.
Each disruption of the above listed destabilizes the complete online system. Therefore it is necessary to minimize risks in each of these areas. The security of operating system and running services is maintained by IT department of the hosting company or, if appropriate, we can provide services of our experts. Web application CMS WebJET is a long-term tested standard in the field.
CMS WebJET Security Solutions
Security parameters of CMS WebJET are based on the technology used. Among many others, they are the following:
- Application logic is divided into two parts according to Model View Controller paradigm: business layer (database operations) is separated from presentation layer (HTML code). At the same time, business layer is located on the server in a compiled form and cannot be directly modified.
- The database operates through Prepared Statement – it is not possible to perform SQL Injection attack and so to access and copy the sensitive data.
- Logging into Administration area can be limited to selected IP addresses. If necessary, it is possible to activate authorization via SMS message: after entering user name and password, a verification SMS code is generated and sent to the user.
- Any part of web presentation in CMS Web JET can be password protected on the section level as well as on single website level. The download files are protected in the same way.
- CMS WebJET can be operated also on Windows or Linux/Unix platform with no need to change the code. If your company possibly decides that Windows platform is not adequately protected against the outside attacks, you can simply and easily transfer the system into Linux platform.
- All front-end level and back-end level operations are recorded in so-called logs. The records can be also distinguished according to the user who performed the operation.
In case of specific security needs, we design and implement special security of a website or the Administration area according to your requirements.
Logging and Password Protection
CMS WebJET logging is a standard procedure: it is accessed by entering the user name and a password. Logging is verified and in accordance with the pre-set rights it is either accepted or denied. All passwords are stored on the web server in an encrypted form.
To increase the security, it is possible to use encrypted HTTPS protocol, which encrypts complete communication between visitor´s browser and the web server. In addition, logging mechanism can be further enhanced by identity verification through SMS message.
Regular Security Audit!
CMS WebJET is due to its modularity a successful solution for smaller commercial subjects as well as for large corporations and financial institutions for whose needs the system regularly undergoes a strict security audit provided by independent companies. The system must meet the most demanding security criteria. The audit reveals potential weaknesses that are immediately repaired and the patches are included in standard installations for other clients. Thus, this process provides advantages of an audited system also for smaller and medium businesses.
CMS WebJET provides you with the high security level.
Any questions or want to learn more?