The Different Layers of Website Security
What makes a website ‘secure’ can vary, depending on who you’re talking to. It depends, among other things, on the type of organization you have, how visitors interact with your site, and the type of content your displaying. Media Temple’s in-house security provider, Sucuri, describes website security well:
There are no turnkey solutions to security; instead it’s a combination of people, processes, and technology that help create a manageable and scalable approach to security for any organization.
The best way to approach the topic of security is to break down some of the different layers of protection, offered in the Media Temple Security Pack, and examine how they come together to secure your site.
Web Application Firewall (WAF)
In today’s hyper-connected environment, hackers find ways to access sensitive data as it moves from external sources to servers. WAF is a highly specialized security solution that works at the application level and protects your website proactively from malicious traffic, obstructing and removing malicious requests before they cause any damage. It is proactive in that it can generate rules to block specific vulnerabilities, protecting your website from brute force attacks, SQL Injection, malware, DDoS, blacklisting, and more.
Content Delivery Network (CDN)
If you’ve noticed a performance degradation on your site, or if your site metrics indicate that your customers are arriving and leaving within seconds – it may be time for a CDN. A CDN allows for the quick transfer of assets such as images, videos, and applications, through caching and optimization. Caching minimizes the distance between your site’s visitors and your website’s server. Rather than waiting for content to transfer from the origin server, which could be as far as across the country, visitors can get that content from a nearby server. On average, our Sucuri-powered CDN decreases page load times by 70%. A CDN not only improves performance but is also one of the first lines of defense against Distributed Denial of Service (“DDoS”) attacks.
Secure Sockets Layer (SSL)
An SSL is an electronic document that is used to establish id entity and trust between two parties: the web site and the web browser. That little padlock icon in your browser is used to signify that traffic to and from a website is encrypted. This encryption is especially important in the transfer of sensitive data like personally identifiable information (PII) and credit card information. These days, SSL is a base requirement for data protection, so much so that Google will boost your site ranking if you have an SSL certificate. With the Media Temple Security Pack, you can easily provision a free Let’s Encrypt SSL or upload your own custom SSL certificates from your Security Dashboard.
As you can see, WAF, CDN and SSL each add different layers of protection. For example, while SSL ensures the secure transfer of data, it doesn’t protect against malware infections – that’s where WAF comes in. That said, there is really no way to guarantee these processes catch every single intrusion or attack. That’s why Media Temple’s Security Pack is so powerful – you not only get the protection that WAF, CDN and SSL provide, but you also get 24/7 monitoring, which includes daily automated malware scanning, ensuring that attacks are detected before doing too much damage.
There’s no doubt that proper website security is essential to a healthy site for you and your customers. To learn more about the Media Temple Security Pack, visit our site today.