Protect sensitive information
FortressDB is the secure solution for WordPress forms
WordPress is a CMS, short for Content Management System. Its purpose is to enable non-technical users to publish web content. It is a fantastic platform for this, which is why it’s the most popular CMS in the world, and why we love it!
However, when it comes to security, WordPress isn’t perfect. It was not designed for compartmentalising sensitive data. FortressDB, on the other hand, was built with a focus on security at its very core.
Fortress DB provides a secure solution for the data vulnerabilities within WordPress. This enables form plugins to save data and files safely in our own database servers, providing far superior security than using the existing WordPress database. With Fortress DB, you can protect your data from security risks.
All data sent from WordPress to FortressDB is sent over SSL. This high-level encryption keeps your data safe even if you are using an insecure network like a public Wi-Fi connection. Nobody without approved access to your data will be able to read it.
Extra layers of security are added on our database servers, with server-side encryption keeping the data we store safe. The information is encrypted: locked away securely so that it can only be understood through decryption using a private key, and can therefore only be read by the people who have permission to access it.
WordPress files are obscure, not secure!
That’s correct; WordPress files are obscure, not secure. That’s to say files in the uploads folder are hard for humans to find. They have hash codes and upload dates, so we can’t easily guess what they are called or where they are, but search engines are very good at finding files. That’s what they are designed to do. Search engines can even parse files such as PDFs, find content within them and list them in their search results.
FortressDB files are secure
FortressDB stores files on our servers with strict security measures which mean they cannot be accessed without the correct user role and permissions. Our plugin gives you total control over who can view a file, and this can’t be picked up by a web visitor stumbling across it on a Google search, like with the WordPress database. This is extremely important for sensitive information, especially for scans of personal documents like passports or driving licenses.
HIPAA compliance requires you to implement administrative, physical, and technical safeguards. FortressDB can be part of your HIPAA compliance, providing the technical component of your total solution. Our platform is built on the Google Cloud Platform, which is HIPAA compliant from a technical security perspective. Read more about GCP and HIPAA here.
To become certified, a company also needs to prove it has the procedures, training and documentation in place, including, but not limited to:
- Written policies, procedures and standards of conduct.
- Compliance officer and compliance committee.
- Effective training and education.
- Effective communication lines.
- Internal monitoring and auditing.
- Enforcing standards via well-publicized disciplinary guidelines.
- Ability to respond promptly to offences and taking corrective action.
For support getting your company fully HIPAA compliant, contact a firm offering consultation on this.
WordPress security plugins
There are several excellent security plugins for WordPress. These deal with general security, such as DDoS attacks, blocking users with suspicious activity, and cleaning up after a site has been hacked. FortressDB addresses a different problem. It works specifically with form data, not general security. For more information about security plugins, we suggest checking out the following: