Security prioritised


Cybersecurity for websites and eCommerce stores is not only becoming mandatory under stricter government regulations; it also avoids downtime, safeguards sensitive data and protects against the spread of malware and viruses. Security is a priority for us. To enable a secure system setup, we have arranged services into separate layers, which makes it possible to adapt to different security requirements.

  • Low on dependencies
    Security is no better than its weakest link. We keep track of security breaches and limit dependencies and unknowns.
  • SBOM available
    At Cradle CMS we work with SBOM (software bill of materials) as a way to increase security and as a part of software supply chain risk management.
  • Self-managed hosting
    Hosting is under your control: deploy in the cloud, on premises or a mixture of both.
  • No need to use a CDN
    The application handles performance and storage of data. There is no need for offloading to a CDN.

Service oriented architecture

Cradle CMS and eCommerce software is built with loosely coupled services in a service oriented architecture (SOA), where the services can be deployed separately, with a message bus at the center for event handling. Our architecture makes it possible to physically separate services, storage and databases.

The physical separation, combined with encryption at rest on both the storage and the databases, protects against data theft during ransomware attacks, hardware theft or unauthorised access to your servers.

Service layers for Cradle software

  • Multi-server setup possible
    The services, databases and storage can be deployed separately, making it possible to, for example, secure admin access behind a firewall.
  • Security by TLS
    The message bus can be configured to use TLS, requiring encryption and authorisation with SSL from all connected services.
  • SSL certificates
    Supports automatic HTTPS certificates from Let’s Encrypt and other ACME-compliant providers. The code is compiled to use a FIPS 140-2 certified crypto library for its cryptography.
  • Structured logging
    Logging and monitoring are important security features that can help detect and respond to security incidents. They involve keeping track of user activity and system events, and analyzing them for signs of suspicious behavior.

Role based access control

  • Access Control
    Roles with different levels of permissions. Human error is considered a weak link in security, and limiting privileges to only those who need them reduces the risk considerably.

Frontend security

Taking responsibility for safe usage of your site is best done by knowing your frontend code and serving everything from servers under your control and with a backend you can trust.

  • Content Security Policy (CSP)
    CSP is a security feature that helps prevent cross-site scripting (XSS) attacks and other code injection attacks. It allows website owners to specify which sources of content are allowed to be loaded on their site, such as scripts, stylesheets, and images.
  • Form input validation
    Form input validation is a security feature that helps prevent attacks by checking user input for malicious code or invalid data before processing it.