Security and privacy are core values, so we take them into account all the time; it's never a finished checkbox.
After a recent review of our systems by an enterprise security expert, I'm introducing a few new security/privacy things to my hosting services. They're all what I would consider 'security in depth' type measures - i.e. they're adding additional layers of security.
Since I'm due for a new physical server this summer, I'll take the opportunity to introduce some of these features first with the new server, after which I'll "backport" them to my existing services.
- Encrypted Backups
- Two-factor Authentication
- Intrusion Detection/Protection
- Regular Platform Update Window
Reliable backups are important for multiple reasons, but they're also a common source of privacy breaches. As well as being protected from unauthorized access, the backup files can also be encrypted for additional protection in cases where they get exposed or copied.
This means: when authenticating yourself (i.e. logging in), you need more than just a username and password. You almost certainly have already had this added to most of the other systems that you work on (your on-line bank, Facebook, and just about any other large on-line system).
I've postponed this one, probably for too long now, due to fears that sometimes these solutions get rushed for performative/checkbox reasons and end up generating unreasonable amounts of hassle without notably improving security.
But after trying it out with my own site, and seeing as how most of you will now be familiar with the concept, I'll be encouraging you to make use of the Drupal "two-factor authentication" module. I use it with a simple open-source Android phone app called "FreeOTP+" (which will even work without an internet connection).
Although all our systems are protected with multiple firewall layers, any piece of software exposed on the Internet will be "attacked". Typical ("script kiddie") type attempts are already being monitored for and blocked with a system called "fail2ban", but I'll be adding another more general purpose tool that provides another layer of detecting and protecting against bad behaviour.
Drupal and CiviCRM both have a common update window on the third Wednesday of the month. This allows all of us to block off a regular small part of the month and have more certainty that the rest of the month will not be disrupted by non-emergency updates.
Starting in August, I'm going to make use of this shared window of time to also do "platform" updates on a regular basis around that same time frame. That means your "containers" will get reliably refreshed once a month in both senses of the word - i.e. with the latest revisions of your PHP and MySQL database version, but also "restarted" which makes them less likely to have unpredictable failures (which tend to grow over time).
Questions? You probably already know how to reach me, or you can use my contact form.