A Message On The Security Of Your Website And Data From ASTOUNDZ Founder/CEO Steve Winter
With all of the work from home orders, too many people have too much time on their hands, and this includes people with both good and bad intentions, creating even greater security threats within the technology front. Having had my own email compromised in the past several months, I thought this would be a good time to reinforce the lengths we go to in securing our clients’ websites, and from a business perspective, on what we see and recommend around security. I’ve spent over 25 years in the IT industry, most of which have been in the managed services world taking care of hundreds of companies’ infrastructures; security, reliability, and disaster recovery are always top of our mind.
Because of our focus on security, ASTOUNDZ is always striving for best-in-class hosting with our clients’ websites that have been entrusted with us. This begins with dedicated servers from industry leaders like WPEngine.com out of Austin. We utilize companies like WPEngine because they, too, are focused on security, reliability, and disaster recovery. They are WordPress experts and only allow vetted and approved WordPress plugins, and force all websites to be kept up-to-date to help mitigate any security vulnerabilities. Every website we host is backed up on a daily basis and we maintain a 30-day running history so we can recover in case of any issues. We also implemented Sucuri.net as an additional layer of security on top of our websites. Sucuri provides an extra firewall layer and monitoring to prevent distributed denial of service (DDoS) attacks, malware, and other hacks as well as geo-blocking from corrupt countries.
ASTOUNDZ also monitors our websites for up/down issues every few minutes to ensure they are up and running properly. We typically know of any issues well before our clients are ever impacted. Knock on wood, in our many years as an SEO web marketing company, we have never had a major event with any of our websites, and we have experienced almost zero downtime. We want you to feel very comfortable that your website in our hands is extremely secure, is very stable and, in the case of a disaster, we can quickly recover from a negative event. Nothing is 100% secure, but we feel we’re as close as we can be.
Now I would like to discuss security in general and other measures ASTOUNDZ has taken. All of our systems are in the cloud and we have implemented what is referred to as two-factor authentication (2FA) or multi-factor authentication (MFA) on all of our data. Once my email was hacked, I realized a 90-day password policy and long passwords by themselves were not enough. We, therefore, implemented MFA on all of our systems. One of the biggest concerns I think all companies should have is around their data security and ransomware. I tell all of our friends and clients with small and medium businesses that we see no reason for their data to be stored on a personal computer or a private server in their office. They are too easily compromised. With very inexpensive data storage like One Drive, Dropbox, and Google Drive, where your data is easily accessible and recoverable, there is no reason to store data on individual servers or desktops. We have seen too many individuals and businesses lose very sensitive data they could not recover. This can easily damage your business, and some have had extreme difficulty recovering.
Passwords are another big issue. How many of you all store your passwords in Outlook? This is very risky and easily compromised. We suggest password vaults like OnePass or Keeper, and that you change your default admin names and always use complex passwords. It is very important that you enforce password policies on all of your systems and we highly recommend multi-factor authentication in a world where too many folks have too much time on their hands. If you have any questions or want to discuss recommendations on securing your data and your systems, please feel free to reach out ASTOUNDZ for any assistance. We want the best for you, especially around security.
