Pantheon Dives Deep Into Security For WordPress And Drupal Websites
SAML and Secure Runtime Access Help Protect the Entire Website Stack in the Cloud
Jun 18, 2015, 08:00 ET
SAN FRANCISCO, June 18, 2015 /PRNewswire/ -- Pantheon, the only website management platform for WordPress and Drupal, announced today it is diving deeper into website security with the addition of new features designed to protect the entire website stack in the cloud. The addition of Security Assertion Markup Language (SAML) and Secure Runtime Access further demonstrate that Pantheon is the most secure platform for building, hosting and managing websites. With Pantheon, websites perform 2-4 times faster while being securely isolated from critical business data and protected from common vulnerabilities like hacking attempts, malicious bots, and human error.
The Identity Theft Resource Center found 85,611,528 personal records were exposed last year. Websites are often a beachhead for malicious attacks allowing hackers to leverage compromised website servers to gain access to a company's most sensitive customer and business data. A company's websites need to be thoroughly protected from malicious actors on the Internet. Sites also need to be isolated from all internal data systems in order to protect company data from hacked sites. Website management platforms provide the deepest level of protection from accidental data exposure caused by employees and contractors, website infrastructure ("the stack") vulnerabilities, and insecure connectivity between websites and business systems.
Websites running on the Pantheon platform gain integrated security capabilities at every level of the stack. New additions to Pantheon platform's security include:
- Secure Runtime Access - Pantheon protects all access to runtime resources including Drush, WP-CLI, or backing services like MySQL, behind the security of an encrypted SSH tunnel. Rather than connecting directly, developers first establish a secure channel between their workstation and the Pantheon platform for all communication.
- SAML - For organizations with SAML compatible single-sign-on solutions, Pantheon allows authentication of users to the dashboard via your own internal sign-on system.
"At NVIDIA we take security seriously and have very high standards for security requirements for our applications," said Manish Harsh, Technical Program Manager, NVIDIA. "Running our sites on Pantheon with SAML allows us to access our website environments securely using internal identity management system. I would say Pantheon makes it easy for my team to securely access our sites without risk of exposure."
The Pantheon platform was designed with security in mind from its infrastructure to the features and functionality it enables. Pantheon delivers:
- Protection and isolation of websites - By running websites in the cloud on the Pantheon platform, sites are logically isolated from critical business information.
- Core updates to Drupal and WordPress - Never miss Drupal and WordPress core updates with one-click updates on the platform dashboard.
- Maintenance and management of entire website stack - Pantheon secures the entire stack including: database, apps servers, web servers, file servers, etc.
- Denial Of Service Protection - Pantheon works with Rackspace and CloudFlare to provide industry-leading management of denial-of-service attacks.
- Network Intrusion Protection - Pantheon uses a x.509-based public key infrastructure (PKI) for enhanced network authentication and encryption.
- Antivirus Protection - Antivirus protection is bundled into the platform to ensure our system's integrity and to prevent malware from spreading.
- Change Management - Pantheon's workflow enables developer best practices with test and live environments along with site permissions and audit trails.
- Two-Factor Authentication - Pantheon supports two-factor authentication and IP-access restrictions bringing additional layer of security to passwords.
"As we have seen in the news, no company, entity, or organization is safe from security attacks," said Pantheon Co Founder and CEO Zack Rosen. "Pantheon relieves the burden of securing websites so you don't have to. Simply put, running your website on shared infrastructure is asking for attacks. Pantheon is the safest way to run all your Drupal and WordPress sites in the cloud."
For more information on securing you website stack with Pantheon visit https://pantheon.io/platform/security
Founded in 2010, Pantheon is the only Drupal and WordPress website management platform, running more than 100,000 sites in the cloud. Pantheon's multitenant, container-based platform enables developers, creative agencies and companies to manage all of their websites from a single dashboard. Pantheon delivers the fastest, most secure platform for developing, testing, and launching all your websites. Customers including Arizona State University, Cisco, Intel and United Nations trust the Pantheon platform. For more information about Pantheon, visit: https://pantheon.io
Share this article