| |
| Questions and answers about site security |
Many people have concerns about security when providing information via the Internet. We've sought to address those concerns with the following question-and-answer format:
Why does Webhoster.ca ask me to provide personal information online?
Our goal is to make your online interaction with Webhoster.ca as valuable as possible by providing you with a personalized Web experience. To deliver information that is relevant to your needs, we will collect some personal information online.
We promise to protect the information you provide online in the same way we protect all our customer information. We take privacy seriously, as you can see in our privacy commitment.
Webhoster.ca will not share your e-mail address with anyone outside of our company; nor will we disclose any other information you provide to outside parties. |
How do I know the information I provide is kept secure?
Your Webhoster.ca account is not automatically accessible via the Internet. Once you request online access to your account, we request specific information about you and your account to confirm your identity |
| We then use several security measures to confirm this information, and only then do we allow online access to your account information. |
What specific measures does Webhoster.ca take to secure my online transactions?
We use several technological tools to provide security on the Web site, including: |
 |
The Secure Socket Layer, which protects the information you transmit and prevents interception by unauthorized parties; and |
|
A firewall, which restricts unauthorized access to our internal networks where your information is stored. |
|
| We also maintain and monitor an audit log, which tracks the use of our security processes and highlights any suspicious activity. |
| |
| The Secure Socket Layer |
The Secure Socket Layer is an industry standard protocol used for communication between your Web browser and the Web server. It provides authentication, data integrity and encryption.
Your browser may give you a message indicating you are entering a secure Web site. You may also see a blue box outlining the secure page. And if you usually see a broken key or open lock in the lower left corner of your screen, you'll notice it change to a full key or closed lock. |
| |
| Data integrity |
| The Secure Socket Layer ensures that any alteration to the contents of your message, either intentional or by accident, will be identified and handled in an appropriate manner. |
| |
| Encryption |
| The Secure Socket Layer encrypts or "scrambles" the content of your message as it travels across the Internet, making it difficult for unauthorized interceptors to understand. Encryption codes the information in your message, ensuring that it can only effectively be decoded by the Webhoster.ca Web server. |
| |
| Firewall |
| A firewall is a device, usually consisting of software and hardware, which separates computers with sensitive information on an internal network from an external network such as the Internet. Its purpose is to limit the types of traffic that enter the internal network to prevent malicious attacks on internal computers. By using a firewall, Webhoster.ca is ensuring your information is always protected. |
| |
What can I do to keep my information secure?
There are some easy steps you can take to keep your information secure: |
|
Memorize your User ID and password rather than writing them down. If you must write them down, keep them in separate and secure locations. |
|
Do not share your User ID and password with anyone else. |
|
Do not leave your computer unattended while the browser is still running. |
|
Empty your disk cache at the end of your Web session. To do this, select the menu item that allows you to empty disk cache. |
|
Set your disk cache to 0. |
|
All Web browsers have a default setting that caches their Web activity. This means your browser copies the information you see on-screen, like graphics and text files, to the memory and hard disk of your computer. Once loaded into your cache, the browser no longer has to download the information through the Internet, which makes revisiting a Web site or exploring a new Web site faster.
Other people who access your computer can access the disk cache and may be able to view the contents of your previous Web activity. You can set your disk cache to 0 to ensure nothing is stored on your hard disk. You won't be able to access previously viewed pages as quickly, but your security will be enhanced. |
| |
| Technical Security |
On site physical security measures are in place to ensure the safety and security of our network and systems. Our systems are secured using the latest security methods including router access list filtering on inbound carrier feeds and fire walling and the SYN level on internal devices.
Our secure servers use 128 bit SSL on Linux-base Apache with mod_SSL and OpenSSL
Our server are protected with software-based firewalling. These look at source and destination addresses, source and destination ports.
Security administrators handle all aspects of firewall management. Our engineers are familiar with many types of firewall applications, including checkpoint, ipchains, ipfw, ipfwadm, etc. We are able to modify response packets with masquerade responses to the remote initiator.
All security systems are tested on a monthly basis. Security scanners such as Nessus (www.nessus.org) and SAINT (www.wwdsi.com/saint). Automatic updates are instantly made with the latest exploit/DOS(Denial of Service) check codes.
Our security team is also subscriber to all the major security mailing lists, including BUGTAQ from securityfocus.com to provide new security notifications in real time.
We also use different intrusion detection applications including SHADOW and TRIPWIRE along with proprietary systems. These systems allow us to react immediatly modifying ACLs as necessary.
Automated offsite secure storage backups to our mirrored storage arrays in the southern US are conducted through secure encrypted tunnels using SSH with confidential data encryption prior to transit. |
| |
