Web Hosting - Restricted Data
The Web Hosting Service has designated hosting platforms that are specifically designed to secure restricted data, as defined by the Office of Cybersecurity:
These platforms are more secure for several reasons:
- They reside on designated restricted data subnets and have more restrictive firewall rules in place. For example, web-based access to the Administrative Control Panel and Secure FTP publishing are both restricted to the static IP addresses of the developers who require access.
- Additional security software tools are used to monitor the restricted data platforms.
- All sites are required to use certificates and SSL to encrypt server-client data transactions.
- Web applications are segregated. For example: Each application on the Windows/IIS platform has its own application pools and IUSR accounts. This allows for sandboxed applications/processes and highly granular permissions.
- LAMP platform accounts include point-in-time MySQL database restores. See: Web Hosting - Web Site Backup and Recovery.
Hosting Restricted Data
Hosting restricted data requires special precautions. If your site needs to handle restricted data, you must sign up for a Platinum Service Level account. In addition, before your web hosting account is in production, a review with Office of CyberSecurity staff and DoIT's Web Hosting team will take place.
Note: Restricted data platforms are NOT PCI compliant. UW-Madison departments with E-Commerce needs are directed to utilize the CashNet service provided by Business Services.