Dec 25, 2023

How we keep your data and your system secure

Words by

Kaine Shutler

We know that data and systems security is paramount to the success of your organisation's digital projects. At Plume, we work tirelessly to keep your information secure. Here are some of the server and application security technologies that work hard to thwart such attacks.

Plume's typical level of security

Before we get into the details, please note that our typical level of security may differ from system to system based on our client's requirements (we build custom systems which means the level of security is custom too). If you'd like to know exactly which of these security technologies are in place for your system, please ask your project manager. And if you have any specific requirements, you can let us know.

Server-side security

  • Rate limiting for SSH & SFTP logins to protect against brute-force protection

  • Firewall that only provides access to required ports for the application to function

  • Bot detection to protect against Denial of Service attacks (DoS)

  • Database protection with IP whitelisting to restrict unauthorised access

  • Application isolation to stop the spread of issues from one server application to the next

  • End-to-end encryption with SSL certificates provided via Let’s Encrypt® to protect your user's data in transit to and from the server

  • SQL injection protection

  • 2 factor authentication required to access hosting environment management system

  • AWS cloud security (when applicable)

Application security

  • Application firewall with network protection to ban suspicious IPs

  • Realtime continuous virus scanning to block attempted infections

  • File-change notifications to our technical team for investigation

  • Auto-repair of potentially compromised files

  • Block users with repeated incorrect passwords

  • CMS obscurification

Common security add-ons

Here are some of the common security requests we get from our clients who require premium levels of security and data protection. Please note that these may be subject to additional charges.

Additional server-side security

  • Sucuri Antivirus protection

  • Blacklist monitoring

  • DDoS alerts

Additional application security

  • 2 factor authentication for your system administrators and/or customers

  • Restricted availability of the management system with country and IP whitelisting and time-based restrictions

  • Custom password enforcement policies

‹ How to write a course sales page to sell more online courses [FREE EBOOK]

How will technology affect education during COVID-19 and beyond: Interview with Education IT Reporter ›

See how custom learning technology could help you to scale your business

CONTACT US

About Plume

As the leading custom LMS provider in the UK and US, we help businesses design, build and grow pioneering learning tech that unlocks limitless growth potential.

Services

Blueprint

Custom LMS

Membership apps

Test prep platforms

Use-cases

Multi-tenancy

B2B training

B2C training

HIPAA compliance

Kids & teen

Links

Privacy policy

Linkedin

See how custom learning technology could help you to scale your business

CONTACT US

About Plume

As the leading custom LMS provider in the UK and US, we help businesses design, build and grow pioneering learning tech that unlocks limitless growth potential.

Services

Blueprint

Custom LMS

Membership apps

Test prep platforms

Use-cases

Multi-tenancy

B2B training

B2C training

HIPAA compliance

Kids & teen

Links

Privacy policy

Linkedin

See how custom learning technology could help you to scale your business

CONTACT US

About Plume

As the leading custom LMS provider in the UK and US, we help businesses design, build and grow pioneering learning tech that unlocks limitless growth potential.

Services

Blueprint

Custom LMS

Membership apps

Test prep platforms

Use-cases

Multi-tenancy

B2B training

B2C training

HIPAA compliance

Kids & teen

Links

Privacy policy

Linkedin