1、Brightspot eBook Guide to CMS Security Best Practices&Protocols204 Intro:The surge in cyberattacks05 What that means for CMS 06 Types of cyberattacks07 What you can do07 Security hygiene 08 Assessment checklist09 What you and your partners can do09 Defense-in-depth approach10 Partner considerations1

2、1 Ensure CMS security with Brightspot support12 ConclusionContents23Your CMS connects you with your readers,your employees and your partners.Its the drumbeat of your organization.A compromised CMS,however,is a highly sought-after target for cyber criminalsand potentially a significant area of vulner

3、ability for your business.This eBook details various CMS cybersecurity best practices to implement within your organization to keep it as secure and safe as possible.We explain why theres a surge in cyber criminal activity today and how this can impact your organizations content management system.We

4、ll then dive into the types of cyberattacks to watch for,what you can do to prevent them,and how to respond if youre under attack.And of course,well detail what you should look for in a partner to ensure their security best practices align with yours.Executive summary34Digital transformation efforts

5、 have been underway for decades,but over the last couple years,businesses had to expedite their digitization journeys as they shifted from survival mode at the beginning of the pandemic to our new remote and hybrid ways of working.McKinsey calls this expedition the“The Quickening”where some business

6、es took a years-long roadmap and reduced execution to a few months in order to navigate the pandemic effectively.While this record-breaking agility in developing and implementing new technologies and solutions to keep businesses afloat can and should be celebrated,it also has been met with new chall

7、enges,including the rise in frequency and sophistication of cyberattacks.One security firm that tracks ransomware attacksone increasingly popular type of cyberattackestimated that there were some 65,000 successful breaches in 2020 alone,according to New York Magazines Intelligencer.In short,organiza

8、tions need to start planning for when theyll be attacked,not ifand a key part of that planning process is to ensure theyre in lock-step within their own organization and with their partners and providers who play an important role in ensuring the security,safety and privacy of a business and its dat

9、a.Theres a surge in cyberattacksand you need to be prepared for“when”youll be attacked,not“if.”Your CMS is the heart of an important relationshipwith your readers,your employees and your partners.A compromised CMS,however,is a gold mine for cyber criminals and a source of risk for your business.5Wha

10、t does this mean for content management systems,specifically?Digital transformation used to focus solely on products,applications and solutions,but the pandemic has forced organizations to evolve how they communicate as wellinternally,with partners and vendors,and with customers.Having the right con

11、tent management system is a crucial component in ensuring the right messages are shared at the right time and place.Its at the center of your operations and is the heart of the relationship that you have with your employees(via an intranet)and your readers and viewers if youre publishing news articl

12、es or other content.Your CMS represents your brand and is the vehicle youre using to communicate with your intended audience.Because CMSs are an important piece in every organizations tech stack and because of their potential reach with various large and engaged audiences,theyre also potential targe

13、ts for attacks.Organizations with a media presence or those who deliver digital content across multiple channels are especially hot targets,as the implications and fallout of the attack can spread quicklytheyre not just compromising a single website,but potentially a platform hosting millions of use

14、rs.According to TechNative,a CMS breach can threaten business continuity and bring even the largest corporations to their knees within hours,so building a strong and reliable underlying infrastructure on which to host your CMS has never been more important.Nearly 80%of senior IT and IT security lead

15、ers believe their organizations lack sufficient protection against cyberattacks.This is despite increased IT security investments made in 2020 to deal with distributed IT and work-from-home challengesaccording to a new IDG Research Services survey commissioned by Insight Enterprises.At Brightspot,we

16、 know that businesses have multiple systems,channels and processes in play as they try to digitally transform,and that adding one more challenge to those efforts can feel daunting.So,lets walk through some key considerations and security best pxzractices together,so that you feel confident in your a

17、pproach and can adjust as needed to ensure ultimate security for your organization.6Types of cyber attacksFirst,its important to be aware of the most common types of cyberattacks.“Ransomware,”“phishing”and“malware”are part of our everyday vernacular now.These are a few popular types of cyberattacks,

18、but the approaches cyber criminals deploy are evolving as businesses continue to expand and use different platforms and channels of communicating.This isnt only a concern over weak passwords;theres simply more opportunity for cyber criminals to attack.Completely prevents you from providing your serv

19、ice to clients or customers Denial of serviceChanges the appearance of your online properties and can be more difficult to identify quickly Defacement or corruptionAn attacker taking and using your data against you or negatively towards your clients/customersData exfiltration7Ensure that your CMS is

20、 in compliance with your companys policies and guidelines regarding password length,complexity,and expiration.Regularly maintain and monitor all users who have access to your CMS and audit levels of access and permissions via a centralized identity management database.Steps to Minimize the Risks of

21、an IncidentApply two-factor authentication for all access points to your CMS to create an additional firewall in the case of password infiltration among existing CMS users.Maintain your CMS security as you would any other software application,ensuring frequent backups of data,upgrading to the latest

22、 versions,and monitoring your systems for unusual activities and usage patterns.What you can do:Security hygiene+assessment checklist There are a few simple steps to take to ensure your CMS can and does comply with your companys security best practices.The critical component here,however,is that eve

23、ryone needs to abide by them.Integration with your security toolsIntegration with central identity managementMulti-factor authenticationPassword complexity2 1 4 3 Even before an actual attack or assessment of a potential threat,its important to follow these five steps to ensure the security of your

24、CMS as a matter of routine protection.Finally,keep your organization trained and aware of what the cyber threats are today and hold regular training sessions to discuss what to watch for so they understand how these threats are evolving.This includes making sure everybody knows how to report somethi

25、ng if(or more realistically,when)they see something suspicious.Review your CMS users and eliminate unnecessary ones.Likewise,review all the roles and permissions for users of your CMS throughout your organization.Regularly review all of your publishing changes made within the CMS to ensure theyre le

26、gitimate and expected.Regularly monitor your websites and microsites to identify potential defacement.Establish a specific method for your employees to report issues they believe are suspicious;create a streamlined communication process for this.Have your security incident processes documented;this

27、allows you to conduct a postmortem with your organization and vendors that helped you navigate the attack.Assessment Checklist1 2 3 4 5 89What you and your partners can do:Defense-in-depth approach“Defense in depth”is a time-tested strategy that ensures you dont have a single point of failure in you

28、r infrastructure by deploying distinct protocols at various layers.The more customization you can do within the platform to meet your organizations security protocols,the better.And the right partner will have the tools and technology to integrate with and abide by your rules at different layers and

29、 levels.Its key to partner with those that have their eye on multi-layered security to help protect against threatsand ensure they understand and agree to your approach to security as well.Asking key questions that drill down into their approach is an essential step here.Then,its important to make s

30、ure the best practices and approach that youve agreed to within your organizationand with your partnersis manageable.Oftentimes,businesses tend to make it too hard or prohibitive for their workforce to follow along and abide by security protocols and policies.Vendor Due Diligence:Security Questions

31、for Your Partner Do you have a security program handbook or guide?How do you respond when a customer reports a security vulnerability?Whats your process during and after an attack?What are you doing from a prevention standpoint?Layer 1 What are you doing from a security standpoint at the code level?

32、What operational security components are included in your platforms architecture?Layer 2 Are you partnering with major cloud providers?What services are included through them?What do your partners leverage in terms of security architecture and code?Do they have a due diligence process youre familiar

33、 with?Layer 3For example,if you write a policy or a practice in a vacuum and put together a workflow to support it,and if that process is too difficult for people to manage in their day-to-day,they will go around it or find a shortcut.When people start going around your policies,you start losing the

34、 ability to manage them,and you start introducing additional risk in your system.Its always important to not just make sure that youre checking all the security boxes,but also watching the behavior of people who are using those processes,tools and systems.If you find theyre creating alternate paths

35、around certain controlsfix the control to make it more friendly and attainable so everyone can more easily stay in compliance.1011Our Brightspot experts are always here to support you and your team,and the Brightspot platform was built with security top of mind.To provide an additional layer of secu

36、rity and ever-present peace of mind,Brightspot has two-factor authentication for all access points to your CMS.The platform allows organizations to require two-factor authentication for users across a given site,of a specific role,or at the individual user levelmeaning your most valuable content and

37、 brand assets are always protected in case of password infiltration and other cyber malfeasance.The Brightspot CMS also allows you to easily monitor activity via the Recent Activity Widget,which provides a view into the publishing activities in your system,as well as a historical view into revisions

38、 to see who published what and when.Then,from a content perspective,the existence of robust workflows,internal approval processes and defined roles by user type or team are always a safe bet to guard against unwanted changes going up on your website from within the CMS.How Brightspot Supports Its Cu

39、stomersEnsure CMS security with Brightspot support Reviews who has access to your systemsCentralizes communicationSolicits additional support as neededScales your tech 12At Brightspot we believe technology should enable content-focused teams to work smarter,faster and more seamlessly to move busines

40、ses forward.With decades of experience in publishing and media,we help companies transform their business content and digital experiences by creating enterprise applications at scale with astonishing speed.TeamBrightspotwww.BDemoBRequest a DemoOrganizations can and must be proactive in the face of a

41、 cyberattack.They also must be prepared well before a disruptive and potentially devastating incident occurs.To assist,modern CMSs like Brightspot ensure elasticity within your operations and allow you to be nimble and act swiftly during turbulent times,all backed by the support of Brightspot expert

42、s.Thats why we have strong security defenses baked into our solutions as well as a dedicated support team available to provide guidance todayand in times of crisis.3 Key Security RemindersContent management systems represent a unique and valuable target for hackers and cyber criminalsManaging threats that come from the inside require as much diligence as those from the outside Focus on your defense-in-depth strategy,and confer with your CMS partner for ideas and suggestions as needed