Preventing Attacks On Municipal Websites Before They Start
360Civic has developed simple but effective tools to repel attacks, from two-form identification using mobile phones and email, to visual passwords that are harder to crack.
We segregate access rights so the fewest number of administrators or government personnel have the privileges necessary to do their work. By integrating with Active Directory and other technologies, we can update users and remove former users quickly. We also enhance security by hardening open source CMSs and developing both open-source and proprietary modules.
And that is still just a start. The 360Civic plan for protecting municipal websites also includes:
- Incorporating firewalls and security certificates
- Limiting access to information strategies
- Layout design with a clear delineation between public and private information
We Can’t Stop Hackers From Trying
But 360Civic can slow them down by requiring all of our web technologies to use non-standard naming conventions, directory structure and user names so that brute force attacks are hindered and repelled more effectively.
We look for the patterns of attacks and create alerts to address them, while notifying security teams.
We use string encryption when storing important information or communicating with internal servers.
We lock down access, by IP when possible, to further limit intrusions.
And if 360Civic is hosting your site, we oversee all security and update functions, either with or in place of your internal personnel.
A Day One Discussion
We realize that municipalities are eager to move their site projects forward as quickly and efficiently as possible. But security must always be an integral part of that effort, which is why it will be part of our initial presentation and everything we do moving forward. It is not an add-on; it’s how we do business.
If security is important to your mission, then 360Civic is the company for you.