CIOs and technology leaders are too often at the whim of the next great threat. When a breach or attack does occur, they’re left scrambling to resolve the problem or apply a patch before any further damage can take place. We’ve seen it happen many times before, and we’ve seen the consequences these incidents can have on brand reputation.
A defensive approach to security is outdated in today’s fast-paced, digital-first landscape. Just as customers want brands to anticipate and serve their needs through personalized content and intuitive customer journeys, they also expect brands to take that same proactive and agile approach to securing their data. To ensure a secure foundation for all of their digital-first initiatives, organizations need to embrace an infrastructure that is secure and performant by design, adheres to industry compliance standards and is agile enough to evolve with the rising standards of today’s digitally native customers.
1. Security By Design
When it comes to security, why does it seem like companies are always lagging behind?
Too often organizations treat security as an afterthought, only taking steps to improve once an attack has been exposed or they’ve suffered a legal consequence. However, when it comes to cybersecurity, brands need to instill a security mindset from the ground up, not retrofit their tech stack with tools later to fill in the gaps. That’s why the Acquia Cloud Platform was designed to be secure and highly available out of the box. This includes features like multi-factor authentication, support for IPv6, GeoIP support and many more.
At Acquia, we have three dedicated security teams continuously monitoring customers’ sites and offering 24/7 customer support even at the application level. As an extension of this constant vigilance, we perform both independent and third party security audits and penetration tests to ensure that our platform is secure. We also provide comprehensive reporting on both platform and application security. The Acquia Cloud Platform provides log streaming to all Cloud Platform and Site Factory customers in addition to Acquia Insight, which evaluates your website’s security and your site’s performance and search engine optimization to help you monitor and optimize your websites. These deep insights empower your IT teams to more easily improve site security and performance and resolve incidents in less time.
Acquia is also a founding member of the Drupal Steward Program. This program, introduced by the Drupal Association and the Drupal Security Team, blocks some of the most serious and dangerous Drupal security vulnerabilities by establishing a network-level mitigation strategy. This ensures that all Acquia customers are protected from major identified vulnerabilities and gives them the freedom to schedule their Drupal patching in their own time, rather than working reactively.
2. Security Through Standards
Consumers have a preference for brands they trust. By choosing a provider that is transparent about their security qualifications and keeps pace with the ever-evolving industry standards, brands can maintain customer loyalty for the long term. Security is not only a shared responsibility between business stakeholders, but a global social duty. Therefore, when major customer data breaches or cyberattacks take place, the consequences are amplified on a global stage. As a result, organizations are held to ever evolving compliance standards that are set to help ensure the safety of customer data.
Acquia believes in investing in the most comprehensive and modern security and providing support for compliance standards so the brands we serve can be confident that they are fulfilling their business requirements. Acquia’s compliance portfolio is unmatched by all other Drupal hosting providers. The Acquia Cloud Platform compliance portfolio includes: SOC 1, SOC 2, PCI, HIPAA, ISO 27001, CSA STAR, GDPR, and one of the most stringent compliance authorizations: FedRAMP. Each of these certifications represents our commitment to ensuring platform security at the highest level.
3. Security Through Innovation
“Security” isn’t just a box you check off once and never worry about again. Just as the number of devices, channels and ways to access content continue to expand, so do the potential risks. Beyond platform-level security and compliance, Acquia provides customers with the option for additional layers of proactive protection.
Acquia Edge CDN and Edge Security provide dynamically configured WAF rules and an Anycast network to ensure comprehensive protection against threats to application availability. This includes preemptive identification and mitigation in under 10 seconds of any risk or impacts on customer site and application responsiveness tied to unpredictable, catastrophic security threats.
Beyond Acquia Edge CDN and Security, Acquia offers Acquia Shield, a virtual private cloud (VPC) for your Acquia Cloud applications. This allows you to securely and easily bridge from your corporate network to sites on Acquia Cloud for maximum control over business critical data.
So even though we may not be able to predict what the next threat will be, Acquia’s comprehensive security ensures that you’re able to cover it and stay safe from day one. For more on how the Acquia Cloud Platform prioritizes security for brands and their customers, check out our security features datasheet.