In today’s era of WordPress and plug-and-play websites, it’s crucial to remember that your customers depend on more than just aesthetics. Key features like security, privacy, and robust infrastructure support are essential to ensure their trust and satisfaction.

Padlock graphic

Website Hosting Includes

  • Regular website backups
  • Automatic failover
  • DDoS Protection
  • Load-balanced servers with backups in a separate datacenter
  • 100% Environment vulnerability scanning
  • 100% Software source code scanning
  • Virus scanning, intrusion detection / prevention

A website serves as a virtual branch for your customers, offering around-the-clock access to your services. It’s crucial that your site is hosted by a provider with extensive technical experience, ensuring reliable and expert support.

State of the Art Security

A More Detailed Look at FIS Security

FIS employs a defense-in-depth strategy by putting multiple compensating controls into place to protect our clients’ data from malicious activity. These combined efforts demonstrate our approach to threat mitigation.

Separates production networks from non-production networks, reducing risk and delivering a more secure environment for our customers.

Defines what communication is allowed or blocked to assist in controlling access to company or client data.

FIS deploys a variety of additional network controls such as IDS/IPS, IP reputation, NAC, incident response, behavior analysis, as well as forward and reverse proxies, among others, to provide policing of the network transport for inappropriate or malicious intended traffic.

Includes leveraging automated and manual tools to attempt to find complex and obscure vulnerabilities. FIS follows penetration testing industry best-practices including NIST, OWASP and PCI.

Includes incident response, ISP engagement, third party scrubbers, intrusion prevention system adjustments, and contacting law enforcement. 

All code is scanned prior its release to production. Code is scanned with a top industry static scanning tools that support industry standard rules, including Open Web Application Security Project's (OWASP) Top 10 vulnerabilities, SANS Institute / Common Weakness Enumeration (CWE) Top 25, and others.

Primarily focused on identifying insecure system configurations, vulnerabilities due to missing security patches, or the use of outdated software on internal or external hosts. FIS currently scans external hosts weekly, internal hosts monthly, upon server build request, and ad-hoc to support remediation processes. Over 500,000 IPs are scanned monthly.

IPS/IDS systems provide a key control layer at the network perimeter and between data centers to identify malicious activity, log information about this activity, attempt to block or stop the activity, and report on it.

FIS subscribes to a service for Internet egress network traffic analysis which helps identify potential intruders' activities in near real-time.

FIS collects and stores our systems and network devices logs within a Security Information and Event Management (SIEM) solution, which provides correlation and cross reporting capabilities. This enables FIS to proactively investigate security anomalies, malicious and/or out-of-policy activity, and identify potential threats.

The FIS Threat intelligence unit maintains established relationships with our financial sector partners, the Financial Services – Information Sharing and Analysis center (FS-ISAC), law enforcement, and various intelligence and information security communities. FIS has relationships with the US Secret Service, the Department of Homeland Security National Cybersecurity and Communications Integration Center, Interpol, the United Kingdom's National Crime Agency, the US State Department's International Law Enforcement Academies, the Federal Bureau of Investigation, the Overseas Security Advisory Council, and the Domestic Security Alliance Council. FIS is one of five financial services institutions to formally partner with the Cybercrime Center.

 

For more detailed security and auditing information, please contact us, log into the Client Portal (Vendor Management Resource Center) or visit https://www.fisglobal.com.

FIS Splat

Have Questions?
Ready to get started?

Get in touch today!