In 2024, websites faced an average of 2,244 cyberattacks per day. We’re here to help make sure your site isn’t one of them. Here's how.
How do you handle software updates and patching vulnerabilities?
We handle software updates and patching vulnerabilities to ensure your website stays secure, stable, and stress-free. This includes:
Proactive monitoring: We’re always on the lookout for vulnerabilities and keep tabs on the latest updates to ensure your website stays safe from potential threats.
Timely updates: When critical patches or updates are released, we act fast to apply them, so your website gets the protection it needs without delay.
Minimal disruption: No one wants downtime. That’s why we plan updates carefully to make sure they’re quick and efficient - causing as little disruption to your business as possible.
Fully managed service: When you choose our fully managed service, you can relax knowing we’ve got it all covered. From monitoring to patching, we handle the lot.
How do you handle malware detection and removal?
Our experts are here to guide you through the recovery process. They'll assess the damage, figure out what went wrong, and help you get back online ASAP. We’ve also got a dedicated website security team (kind of like the A-Team of online protection). They can clean up code and restore your site's functionality to get everything running smoothly if needed.
How do you handle DDoS attacks?
Our main mission during a DDoS attack is to keep your website up and running, serving your customers. However, we might need to temporarily take your website offline. When handling these attacks, our goal is to minimise disruption and protect you, and your customer's data.
To make sure your website's always protected, we highly recommend teaming up with Cloudflare, who, as of August 2024, are protecting 24,030,148 active websites worldwide!
How is data transmitted between users and servers secured?
We keep information secure with SSL. SSL certificates encrypt information between a user’s browser and the server, making sure that no one can intercept it. This means passwords, personal details, and sensitive data stay private.
Do you offer database encryption for sensitive data?
While we keep your data safe and sound, we don't actually encrypt your databases directly.
Why? Because we believe in flexibility! We want you to be the boss of your own data, choosing the encryption methods that fit your needs. This way, you're in complete control of your data protection strategy.
Do you support two-factor authentication (2FA) for admin accounts?
We support two-factor authentication (2FA) for every account, including the admin ones. Even if your password becomes compromised, the person with it still won't be able to get into your account without your unique 2FA code.
Setting up 2FA is a breeze
Log in to your Upmind account.
Head to your account settings. Just click on your email address in the bottom left corner of the dashboard and select "My Account".
Find the "Security" tab. Click on it to unlock your security settings.
Scroll down to "Two-Factor Authentication". Hit the "Enable" button to kick off the setup process.
Grab your phone. A QR code will appear – scan this with your favourite authenticator app.
Enter the code. Your app will generate a unique code; pop it in, and you're all set!
How are permissions managed for multiple users or teams?
We have a feature called "delegates" that lets you set up different permissions for different users. You can grant specific people or teams access to certain parts of your account, without handing over complete control. It's like giving someone a key to a door but not the master key to the entire house.</p>
Here's how to set up your delegate dream team:
Find the "Delegates" section. Log in to your account and head to the product or service you want to share (e.g. hosting, domains, support tickets, etc.). You'll find a "Delegates" or "Permissions" tab – that's the control centre.
Add a delegate. Click "Add Delegate" or "Invite Delegate", enter their email address, and choose their permission level - like assigning them a security clearance.
Customise their access. Choose what they can do:
View-only access: Perfect for those who need to see what's going on but not make any changes.
Limited access: Give them the power to do specific tasks, like updating DNS records or creating support tickets.
Full access: Only for those you trust completely – they'll have the same permissions as you.
Manage your delegates. You can easily add, remove, or change permissions for your delegates any time.
What is your disaster recovery plan if a server is compromised?
We know that your data is the heart and soul of your business. That’s why we've got a secure backup system.
Whether it's a hardware hiccup, a software snafu, or a dreaded security breach - if anything goes wrong, we'll swoop in and restore your system to the last known safe point, minimising data loss and getting you back online.
Do you offer Web Application Firewall (WAF) protection?
We sure do! We utilise Web Application Firewalls (WAF) and malware scanning systems.
Please note: Popular applications like WordPress are designed with security in mind, but third-party plugins can sometimes be a weak link. Make sure to update them regularly! Staying on top of updates for your applications and plugins is one of the easiest ways to keep your site secure and reduce risks.
Do you provide content delivery network (CDN) integration for added security and performance?
While we don't have our own Content Delivery Network (CDN), we're big fans of what they can do. CDNs boost performance, ramp up security, and make sure your site is reliable. That's why we recommend teaming up with a provider like Cloudflare.
Cloudflare has servers all over the world, so no matter where your visitors are, your website will load lightning-fast. They also protect your website from all sorts, such as DDoS attacks, malicious bots, and data breaches.
Will I be notified of any security breaches or attempted breaches?
Our Trust and Safety team are constantly monitoring for any signs of trouble. If they spot anything, we'll give you a heads-up right away, explaining what's going on and what it means for your website.
We might suggest things like changing passwords, patching up any vulnerabilities, or calling in the malware removal squad. Whatever it takes to get your website back to its fighting best. Our goal is to always keep your online world running smoothly and make sure your data and your users' information are safe and sound.
Are you compliant with data protection regulations like GDPR, HIPAA, or PCI-DSS?
We're committed to meeting strict data protection regulations and keeping up with industry best practices.
When it comes to PCI-DSS compliance, it's a bit of a team effort. Ultimately, it's up to you, the client, to achieve and maintain compliance. But don't worry, we're here to help if you have any questions.
We make sure our servers house all the necessary security features, like closing specific ports and implementing other configurations. So, we’re providing a secure foundation for your PCI-DSS house. Our team of experts can also give you a helping hand with understanding the PCI-DSS requirements and figuring out how to put the right controls in place.
Do you have certifications such as ISO 27001 or SOC 2 for your security practices?
Security isn’t just a priority – it’s part of who we are. That’s why we’re fully aligned with ISO 27001, the ultimate benchmark for information security management. We're currently working on getting our official ISO 27001 certification, but we're already following all guidelines.
Our data centre is ISO 27001 compliant. But, we're not stopping there. We're constantly fine-tuning our security, assessing risks, and staying one step ahead of online threats.
Will you assist in restoring my website if it’s hacked or compromised?
Our team knows how stressful a security breach can be. We'll be with you every step of the way, explaining what we're doing and keeping you in the loop. We'll do our best to minimise any downtime and make the whole process as painless as possible because getting you back online and back to business is our number one priority.
Still have questions?
Didn’t find an answer you were looking for? No worries! Our local customer service and support team is on hand 24/7 (real people not bots) to answer them and guide you through anything you need. Just use the live chat button or open a support ticket.
