Reliable Hosting
A great website deserves a great home, and internet security continues to grow as a top priority to credit unions and the NCUA. We have worked closely with our hosting partner, RackspaceTM, to provide our clients a robust custom environment at a very affordable price. Our environment includes:
-
Fully redundant private cloud environment
-
Dual-redundant network firewalls
-
Dual-redundant load balancers
-
Web Application Firewall (WAF)
-
Intrusion Detection/Prevention System
-
Proactive server management and patching
-
SSAE-16 SOC II compliance
-
RAID storage with daily backups
-
24/7/365 Server monitoring
-
Third-party monitoring
-
DDoS Prevention
RackspaceTM is a tier 3+ internet hosting provider with the highest level of accreditation available, including SSAE16 Type II, SOC 1, 2 and 3 and ISO 27001.
Premium Security
Web Application Firewall (WAF)
In addition to the standard security monitoring and protocols that RackspaceTM provides, we also utilize a Level 1 PCI-certified Web Application Firewall (WAF). This firewall protects against the most critical Web application security risks, such as SQL injection, cross-site scripting, illegal resource access, remote file inclusion and other OWASP threats. Security experts ensure optimum protection against newly discovered vulnerabilities to prevent disruption to your application and improve website performance.
Websites are continuously probed for vulnerabilities. Regardless of your asset size, the WAF reports indicate that it is consistently blocking thousands of malicious probes/attacks on a DAILY basis. Most of these threats are not targeting our clients specifically; rather, they are automated bots that are probing the websites of all financial institutions for vulnerabilities. With the WAF, this malicious traffic never even reaches our servers.
WAF features include Geo-Location blocking and specific country white-listing and black-listing. Countries deemed high-risk are completely blocked. Approximately 85% of the security threats we block originate from high-risk countries.
Intrusion Detection/Prevention System (IDS/IPS)
The IDS/IPS provides an additional level of security allowing us to identify intrusion attempts and protect against security breaches. The system includes a hardware appliance and a security team that operates 24x7 to receive and analyze information in real time.