Sympact

Data Security

The following data security features will be in place to protect sensitive information transmitted to and from your website:

System Design Reliability: The Sympact CMS website management system is used by hundreds of firms nationwide, and has been in place for well over 9 years, giving a track record of reliable and secure operation.

Specific Sympact CMS Security Features:

  • PHP PDO SQL Query system that enforces paramterisation in order to prevent SQL injection.
  • No client-specific FTP access.
  • User passwords are encrypted before being stored.
  • Secure Socket Layer protection (Optional): Any data entered into your website and transmitted to the hosting server is encrypted using 2048-bit signed SSL certificates. Credit card details also have an additional AES-256 encryption applied prior to submitting through the SSL.
  • Email Notifications (Optional): Instead of sending the content of your website's form submissions, the CMS will simply send you a notification to view the responses through an SSL protected secure log-in area.
  • Individual Administration Users: You can establish log-in accounts for any staff that requires access to edit the website content. All changes to published data is audited with roll-back capability. All deletion and transmission tasks (such as sending email newsletters) also require an authentication password over and above the user's log-in credentials.
  • Any clients that you grant access to are controlled with a comprehensive access level regime with individual content available for specific users.
  • File Location: All sensitive documents are located behind the public website folder, using php scripting to authenticate access prior to serving the document.

Disaster Recovery at Server Level:

  • Your hosting server uses a hardware RAID configuration of enterprise grade hard drives, enterprise level processors and mainboards. Should a hard drive fail, a hot-swap of the failed drive can be performed without any downtime.

Backups:

  • We also take weekly backups of your site stored in another state in the case of complete data centre failure. In the case of a hacking that destroys both the online primary server and the online remote backup server, we store weekly backups offline (disconnected from the internet) for restoration on a fresh server if required.