Overview of RateSetter web security

Post on 18-Dec-2014

Category: Economy & Finance

DESCRIPTION

An explanation of RateSetter’s approach to website security, data storage and penetration testing, including 5 tips to improve the security of your personal data across the web.

TRANSCRIPT

RateSetter web security

Updated July 2014

See the blog post here: http://www.ratesetter.com/blog/An_overview_of_RateSetter_web_security.htm

Organisations increasingly falling victim to cybercrime

Businesses have suffered planned hijacks resulting in compromised customer data:

Citigroup, eBay, Adobe, Facebook, Vodafone, AOL

Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

RateSetter’s security approach

1 In-built security with Microsoft’s .NET framework

Security Function: Description

Authentication: Helps to verify that the user is, in fact, who the user claims to be. The application obtains credentials (various forms of identification, such as name and password) from a user and validates those credentials against some authority. If the credentials are valid, the entity that submitted the credentials is considered an authenticated identity.

Authorization: Limits access rights by granting or denying specific permissions to an authenticated identity.

2 Actively maintained server firewalls

Firewall: a software program that helps screen out hackers, viruses, and worms

RateSetter is continually maintaining our firewalls through batch updates and manual configuration to better shield against unwanted traffic entering our website.

3 Advanced database encryption

Our database has built-in data encryption for passwords, accomplished by means of built-in system procedures.

4 Optional 2-step authentication

In 2013 we introduced and continue to recommend the option for all savers to switch on 2-Step Verification to increase the security of the log-in process to their accounts.

Protecting hardware responsible for delivering service and storing your data

RateSetter utilise two secure web hosting data centres which house thousands of the latest web servers, maintained 24x7 by an expert team of engineers.

Penetration testing to find weaknesses

At RateSetter we want to be a step ahead of the game and seek 3rd party penetration testing to stage a controlled “attack” on our systems. These help identify the areas we need to improve to further secure your data from hackers and malicious software.

5 tips to improve security across the web

1. Regularly change your passwords

2. Use 2-Step Verification wherever possible

3. Protect your computer with antivirus software

4. Beware of phishing and email scams

5. Be careful what you download

We hope you’re reassured by the security measures we take. Now visit the website to learn more about how we minimize risk!

www.RateSetter.com
