overview of ratesetter web security
DESCRIPTION
Explanation of RateSetter’s approach to website security, data storage, penetration testing, and includes 5 tips to improve the security of your personal data across the web.TRANSCRIPT
RateSetter web security
Updated July 2014
See the blog post here: http://www.ratesetter.com/blog/An_overview_of_RateSetter_web_security.htm
Organisations increasingly falling victim to cybercrime
Citigroup
Businesses have suffered planned hijacks resulting in compromised customer data
Ebay
AdobeFacebook
Vodafone
AOL
Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
RateSetter’s security approach
1 In-built security with Microsoft’s .NET framework
Security Function Description
Authentication
Helps to verify that the user is, in fact, who the user claims to be. The application obtains credentials (various forms of identification, such as name and password) from a user and validates those credentials against some authority. If the credentials are valid, the entity that submitted the credentials is considered an authenticated identity.
Authorization Limits access rights by granting or denying specific permissions to an authenticated identity.
2 Actively maintained server firewalls
Firewall: a software program that helps screen out hackers, viruses, and worms
RateSetter is continually maintaining our firewalls through
batch updates manual configuration
to better shield from unwanted traffic entering our website.
3 Advanced database encryption
Our database has built-in data encryption for passwords and is accomplished by means of
built-in system procedures.
4 Optional 2-stepauthentication
In 2013 we introduced
and continue to recommend the
option for all savers to switch on
2-Step Verificationto increase the
security of the log-in process to their
accounts.
Protecting hardware responsible for delivering service and storing your data
RateSetter utilise two secure web hosting data centres which house thousands of the latest
web servers, maintained 24x7 by an expert team of engineers.
Penetration testing to find weaknesses
At RateSetter we want to be a step ahead of the
game and seek 3rd party penetration testing to
stage a controlled “attack” on our systems. These help identify the
areas we need to improve to further secure your data from hackers and
malicious software.
5 tips to improve security across the web
1. Regularly change your passwords
2. Use 2-Step Verification wherever possible
3. Protect your computer with antivirus software
4. Beware of phishing and email scams
5. Be careful what you download
We hope you’re reassured by the security measures we takenow visit the website to learn more about how we
minimize risk!
www.RateSetter.com