Hackers. Viruses. Worms. Spyware. If you’ve kept an ear to the ground on Internet news, you’re well-aware of security threats that await the unsuspecting user. At CPA Gardens, we’ve taken appropriate measures to ensure thatour clients’ sites are protected.
We've built our core application on top of Drupal, a content management system. This development environment is subject to routine security audits by high profile firms like Intel. Moreover, Drupal uses a robust encryption technology (“secure hash algorithm, or SHA-1) to process passwords before storing them.
Our host environment uses ConfigServer Firewall (CSF) to control traffic in and out of the server and protect against probing of services or brute force guessing attacks. Our Denial of Service (DoS) protection ensures that our sites are not vulnerable to attacks designed to disrupt availability. We use OWASP's NAXSI firewall to protect our SQL database and ward off errant code insertion (e.g., cross-site scripting or XSS attacks). We monitor security advisories and provide frequent updates to all of our sites to address the latest developments.
For an additional $25 yearly, we support a secure communications environment to protect all transmissions into and out of your site. Our technology leverages 128-bit AES encryption using Transport Layer Security (TLS) with perfect forward secrecy to protect your encryption key.We highly recommend you use this capacity if you plan to use the file sharing feature to transmit accounting and tax records to/from your clients.
All of these capabilities work together to keep your public website and private content as safe as possible.