Municipal Websites Best Practices Start With Security
Is security a substantial component of your RFP? Whether it is or not, it’s always an essential facet of the service 360Civic provides.
Through our decades of experience in web design, technology development and hosting services, we understand where vulnerabilities exist, and we integrate security features into every product we build.
Hackers target public entities. It’s an unfortunate consequence of our global online community. This will always be a challenge, but one that can be mitigated by minimizing opportunities for both sabotage and human error that can result in a security breach.
Preventing Attacks On Government Websites Before They Start
360Civic has developed simple but effective tools to repel attacks, from two-form identification using mobile phones and email, to visual passwords that are harder to crack.
We segregate access rights so the fewest number of administrators or agency personnel have the privileges necessary to do their work. By integrating with Active Directory and other technologies, we can update users and remove former users quickly. We also enhance security by hardening open source CMSs and developing both open-source and proprietary modules.
And that is still just a start. The 360Civic plan for protecting public sector sites also includes:
- Incorporating firewalls and security certificates
- Limiting access to information strategies
- Layout design with a clear delineation between public and private information
As the arms race escalates between public sector websites trying to protect confidential information and hackers trying to steal it, 360Civic is proud to announce a new ransomware protection service.
Ransomware protection is available to any entity that uses our servers for hosting. 360Civic will install a number of effective protocols to protect sites from ransomware attacks. The cost is $500 per month.
We Can’t Stop Hackers From Trying
But 360Civic can slow them down by requiring all of our web technologies to use non-standard naming conventions, directory structure and user names so that brute force attacks are hindered and repelled more effectively.
We look for the patterns of attacks and create alerts to address them, while notifying security teams.
We use string encryption when storing important information or communicating with internal servers.
We lock down access, by IP when possible, to further limit intrusions.
And if 360Civic is hosting your site, we oversee all security and update functions, either with or in place of your internal personnel.
A Day One Discussion
We realize that municipalities and schools and utilities are eager to move their site projects forward as quickly and efficiently as possible. But security must always be an integral part of that effort, which is why it will be part of our initial presentation and everything we do moving forward. It is not an add-on; it’s how we do business.
If security is important to your mission, then 360Civic is the company for you.