As a leader in the eCommerce and information technology world, Clarity Ventures stays on the cutting edge of security for all of our clients (and their clients). This is evident by Clarity’s security being completely unaffected by the recent ‘Heartbleed’ vulnerability. With Clarity we offer multiple extra layers of security upon request so you can be sure your sensitive data is protected.
Securing unused ports
We are able to do a hard lockdown on any ports not being used by host processes. This makes it incredibly difficult for anyone to find an unauthorized access point into the system.
PCI DSS Auditing
The Payment Card Industry Data Security Standard
is a standardized security requirement developed jointly between Visa, American Express, Discover, and the Japanese credit bureau to protect their customer’s financial information. PCI DSS comes with a set of mandatory compliance guidelines that must be verified annually at minimum.
Secure Sockets Layer and Transport Layer Security are protocols that encrypt the transmission of data between the server and client, preventing data interception or ‘man-in-the-middle’ attacks from being able to access any data. Any data transmitted to or from is secure against unauthorized access.
Full Database Encryption
The entire database can be encrypted to safeguard against the actual database becoming compromised. This makes it so even if someone has physical access to the database, the information cannot be decrypted without authorized access.
‘Whitelisting' IP ranges
One of the most intensive security measures that can be implemented is known as ‘whitelisting’ of the IP a user accesses the server from. All IP addresses not on the whitelist are unable to even attempt to login. This is a very time consuming and inconvenient security measure due to the requirement that all authorized users IPs must be manually entered into the system, and if they change where they are attempted to log in from (mobile, hotel room, vacation, etc) or their IP address is changed by their ISP, they will be unable to log in until someone manually inputs the new IP address range in the whitelist.
Dedicated vs Shared server
All of these features, with the exception of securing ports can be implemented on a shared server. However, the fact of the matter remains that other, possibly unsecured, websites and databases are hosted on the same machine. There are safeguards put in place to ensure data is not accessed between the two, but using dedicated hosting is a simple way to completely remove that possible access point.
Secure Password Enforcement
The weakest point of any system is the users, to that end, it is possible to mandate certain password strength requirements. Such as: password length, composition (requiring each password to have a certain amount of letters/numbers/special characters), prohibition of common passwords, and mandatory password changes at any period of time.
Clarity Can Help
To find out more about hosting security options, or to have Clarity audit your current security, contact us for a free quote today!
Get a Quote: 800.928.8160 (toll-free)