Cloud CMS comes in two flavors - on-premise and hosted. For our hosted customers, we host 100% of Cloud CMS and take care of all of the data backup, migrations, security, load balancing and… well, everything! It’s the whole kit and kaboodle. It’s all of the DevOps and stuff solved for you.
One of the fun aspects of this is keeping up with security requirements around SSL and HTTP Transport. Cloud CMS customers automatically gain the advantage of SSL for all of their communication with the Cloud CMS API, user interface and hosted applications. We run secure HTTPS endpoints for all of customer touchpoints and this guarantees our customers connect and communicate with Cloud CMS over a secure and safe channel. Their data is secure and cannot be tampered with over the wire.
To guarantee this, we keep our infrastructure up to date on all of the latest security recommendations with respect to SSL, including recommendations around cipher strength, certificate authorities, protocol support and key exchange algorithms. Every few months, some news hits the security realm about potential or demonstrated weaknesses in these algorithms and strategies. As weaknesses are understood, new workarounds are recommended and we implement those recommendations right away.
As such, our transport security received top marks:
We’re proud of the “A” that we’ve earned for our transport security configuration. This is excellent security. And something that we’re very glad to be able to guarantee our family of customers.