
A few reminders on computer security

 The 4 main objectives:

  • integrity: the data presented is indeed the data we intend to provide,
  • availability: the website (and its IS) keeps functioning properly,
  • confidentiality: some data is accessible only to authorized persons,
  • authentication: access to resources is given only to authorized persons.

What are the origins of the risks:

– operational (system) origin (software bug, design, configuration or parameterization error, etc.)
– physical origin (accident, breakage, breakdowns, power cut, etc.)
– human origin (internal: error, incorrect use of the application, opening dangerous emails; or external: embezzlement, hacking, malware, fraudulent SMTP use, etc.)

Security must therefore be understood in a global context:

  • raising users' awareness of security issues.
  • logical security, that is, security at the level of data, applications and operating systems.
  • telecommunications security: network technologies, company servers, access networks.
  • physical security, i.e. security at the level of physical infrastructures (secure rooms, places open to the public, staff workstations).

This supposes a security policy with:

  1. A physical and logical security system (tools and user management)
  2. An update management procedure
  3. A planned backup strategy
  4. A disaster recovery plan

What are the answers for a CMS:

Point 1: security of tools and CMS (Joomla, WordPress, PrestaShop, …)

  • update of the web server: application of security patches
  • password policy
  • management of .htaccess files and robots.txt (exclusions)
  • management of rights on the site's files and directories
  • update of the CMS and the extensions used
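
One way to check the "management of rights on the site's files and directories" item, as an added example that is not part of the original article. The check labels, the constructed sample tree, and the choice of `wp-config.php` (WordPress) and `configuration.php` (Joomla) as the config files to inspect are assumptions made for this example.

```shell
#!/bin/sh
# Added example: read-only audit of rights under a CMS document root.

# Print one finding per line as "<CHECK> <path>".
audit_cms_perms() {
    root=$1
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }

    # Files or directories that any local account can modify.
    find "$root" \( -type f -o -type d \) -perm -0002 \
        -exec printf 'WORLD_WRITABLE %s\n' {} \;

    # CMS config files (they hold database credentials) readable by
    # every local account. Names chosen for this example.
    find "$root" -type f \( -name wp-config.php -o -name configuration.php \) \
        -perm -0004 -exec printf 'CONFIG_WORLD_READABLE %s\n' {} \;

    # .htaccess writable by group or others: access rules could be rewritten.
    find "$root" -type f -name .htaccess \( -perm -0020 -o -perm -0002 \) \
        -exec printf 'HTACCESS_WRITABLE %s\n' {} \;
}

# Constructed sample tree for demonstration (not real site data).
make_sample_tree() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/uploads" "$d/includes"
    : > "$d/wp-config.php";   chmod 644 "$d/wp-config.php"
    : > "$d/.htaccess";       chmod 664 "$d/.htaccess"
    : > "$d/includes/ok.php"; chmod 640 "$d/includes/ok.php"
    chmod 777 "$d/uploads"
    chmod 755 "$d/includes"
    echo "$d"
}

# With a path argument, audit it; without one, audit the constructed sample.
if [ "$#" -gt 0 ]; then
    audit_cms_perms "$1"
else
    t=$(make_sample_tree) && audit_cms_perms "$t"; rm -rf "$t"
fi
```

The script only reports; tightening the modes it flags is left to the site's own deployment procedure.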

Point 2: security of the hosting / server

  • remote data centers placed under high protection
  • Network side security (speed and downtime)
  • Server side security (infrastructure, power supply, card, etc.)
  • Fire and electrical safety
  • PHP > 5.3
  • Anti-DDoS protection

Point 3: internal policies of the company or partner

What can we conclude for a good security policy?

Applying security measures on CMS tools as well as on the server seems obvious.

On the other hand, we face internet fashions, the obsolescence of information on the internet, and a multiplicity of other risks, mainly human (external risks, constantly increasing and constantly evolving, and internal risks, more than 50% of the causes …). All this indicates that today, in our “disposable” world (we change our site on average every 3 years) or with regular backups of the site and data, the best security seems to be quite simply the change / redesign of the site and / or its hosting!

https://www.onlinemediatrend.com/