How Publitas Keeps Your Content and Information Secure

 

Illustration of a lock with ISO 27001 code.

The security of your content and data is of paramount importance if you want to remain a trusted brand in the eyes of your customers. We appreciate the lengths you go to maintain your status as a legitimate and safe web entity for all of your stakeholders.

We maintain exceptional security standards — certified with the highly recognized and trusted ISO 27001 — and use reputable web hosts whose attitudes and values towards content and browser security parallel our own.

Using third-party tools on your website can be a risky endeavor, so we've made this post to give you some insight into how we keep yours and our content secure. We aim to ensure that when you host content on our platform or embed our technology into yours, you aren't compromising the security of your digital assets.

Publitas is ISO 27001 certified

ISO 27001 is an international standard and framework that helps enterprises protect the confidentiality, integrity, and availability of their information. ISO 27001 is recognized around the world, across organizations, jurisdictions, and institutions.

Published by the International Organization for Standardization (ISO) and in partnership with the International Electrotechnical Commission (IEC), the guidelines set out in ISO 27001 guide companies on how to protect information with an Information Security Management System (ISMS).

Here at Publitas, we have ISO 27001 certification and maintain our security to match the standard or even beyond. We're fully compliant, and we've taken all of the necessary steps to keep your and our information secure.

We test Publitas' security against external cybersecurity researchers

People looking to steal or exploit electronic information held by an organization are constantly on the lookout for new ways to get around IT security systems and access your devices, networks, and programs.

That's why it's a standard practice among leading organizations to test their IT security by hiring external cybersecurity researchers (sometimes called ethical hackers). These try to break into an organization's network and databases to weed out any weaknesses or vulnerabilities in a security system.

By taking a proactive approach to identifying flaws in a network, businesses can address and fix them before it's too late.

For these reasons, we hire outside cybersecurity "hackers" (the ethical ones) twice a year to carry out what's known as Black Box and Grey Box penetration tests.

With Black Box pentests, the external tester has no inside information of the organization and attempts to break through its security system. A 'fully blind' test to see how our security holds up.

With Grey Box pentests, we provide the external tester with partial information or access, making for a more complete test scenario.

We also have a Hackerone bug bounty program. Bug bounty platforms, such as Hackerone connect businesses with security systems penetration testers.

A public profile on Hackerone allows external penetration testers to test for security vulnerabilities in our systems. We pay testers a sum of money, or "bounty", if they discover weaknesses or bugs in our network, allowing us to fix these vulnerabilities.

Publitas’ servers are hosted on AWS

The servers where we hold yours and our information aren't just with any of the countless web hosts you find on the internet. We host and run our servers on Amazon Web Servers (AWS).

With customers such as Netflix, Moderna, and Capital One, it's probably of no surprise to you that AWS takes web security seriously. AWS protects its network of cloud servers and systems by the most comprehensive and sophisticated security applications, procedures, and criteria that meet the requirements of the most security-sensitive businesses worldwide.

On top of that, AWS gives its customers several tools to improve the security of the infrastructure and application configurations that we use daily to ensure your data is safe and intact.

Publitas uses SSL encryption

An SSL certificate (Secure Sockets Layer) encrypts information sent between a server and a web browser. It's the standard protocol for holding a secure internet connection between two systems and ensures that sensitive information such as credit card numbers or personal information is encrypted and not readable by anybody outside the secured connection.

Websites or applications that have an SSL certificate installed should show in the user's browser that the connection is secure, and in Chrome, you'll see the closed padlock in the corner before the URL of the page. You should also see HTTPS before the URL and not HTTP.

You can rest assured that the Publitas platform has SSL certificates installed — meaning that any data which passes between our customers and our platform or its publications is secure.

For clients who want to publish our catalogs under their own domain, we offer a free SSL certificate that's quick and easy to install so that you don't have to use any third parties to secure the connection between your branded online catalogs and your valued customers.

SSL certificates are like signatures in the real world. Using them makes sure that the data transfer is encrypted and verifies the sender's — our platform in this particular case — identity.

You can protect your personal Publitas account with 2FA

As an added layer of security, the personal data of your Publitas account can be protected by two-factor authentication (2FA).

Additionally, we never store your username and password in cookies. Instead, we implement more advanced security methods based on dynamic data and encoded session IDs.

Publitas backs up your publications

We automatically and regularly make backups of your catalogs, so if the absolute worst-case scenario were to happen and the publications in your account were lost, we'd be able to restore them for you.

Want to know more about our security measures?

If you’re looking to use Publitas but want to ensure our product fits your company’s security standards, feel free to Contact us for more information.


comments powered by Disqus