Web Hosting - Restricted Data

The Web Hosting Service has designated hosting platforms that are specifically designed to secure restricted data, as defined by the Office of Cybersecurity.


Platform Security

These platforms are more secure for several reasons:

  1. They reside on designated restricted data subnets and have more restrictive firewall rules in place. For example, web-based access to the Administrative Control Panel and Secure FTP publishing are both restricted to the static IP addresses of the developers who require access.
  2. Additional security software tools are used to monitor the restricted data platforms.
  3. All sites are required to use certificates and SSL to encrypt server-client data transactions.
  4. Web applications are segregated. For example, each application on the Windows/IIS platform has its own application pools and IUSR accounts. This allows for sandboxed applications/processes and highly granular permissions.
  5. LAMP platform accounts include point-in-time MySQL database restores. See: Web Hosting - Web Site Backup and Recovery.

Hosting Restricted Data

Hosting restricted data requires special precautions. If your site needs to handle restricted data, you must sign up for a Platinum Service Level account. In addition, before your web hosting account goes into production, a review with Office of CyberSecurity staff and DoIT's Web Hosting team will take place.

Note: Restricted data platforms are NOT PCI compliant. UW-Madison departments with E-Commerce needs are directed to utilize the CashNet service provided by Business Services.

Keywords: restrict, data, site, security, SSL
Doc ID: 29536
Owner: Jake S.
Group: DoIT Web Hosting
Created: 2013-04-17 15:53 CDT
Updated: 2019-04-22 12:35 CDT
Sites: DoIT Web Hosting