Security & Compliance
Security and compliance are always one of our top concerns. A lot of businesses have not prepared to ensure they are safe from potential security breaches, whether these breaches come from internal or external sources.
Therefore, the external threats include hacking or attacks, whereas internal threats include dishonesty behaviour of staff members and human error. After all, It is important to cover every eventuality in your security plan, so that you can protect your business from these security threats.
We work very closely with the security experts in Alibaba Cloud and we are committed to provide total peace of mind security solution. Alibaba Cloud is secure and intelligent, its security services have been very established over many years. Over these years they have been developing their own state-of-the-art security technology to ensure Alibaba cloud is secured.
It is evident that Alibaba Cloud has successfully protects Alibaba Group’s own business, such as Double 11 Global Shopping Festival for approximately 10 years. Over the years, Alibaba cloud team has accumulated extensive experiences from various and massive security attacks. We are very confident with their technology and we highly recommend the use of Alibaba Cloud Security services to all our clients. Together, we are committed to ensure that your online business threats are minimised.
Professional Security Services
We provide you with value-added professional security services from our security operation team.
Our security operation team assesses your business security, analyzes your business needs. We will always works closely with you to customize the security rules that seamlessly suit your business.
Cloud Native Security
W Tech native security services are integrated with Alibaba Cloud server, storage, database and network services.
The cloud-native security capability is developed under the adaptive security architecture. For instance, it enables continuous security monitoring and analytics for your data. Even so, we will provide our customer real-time threat reports and quick security risk recovery to secure your data.
1. An unusual flood that caught our attention during the event in June 2019. The intention of the attacker was trying to bring down our system during the event which may cause the loss of client confidence. The DDoS attack was successfully being mitigated by us with the scrubbing center which was provided by Alicloud.
2. A security breach in September 2019, our client has encountered an information leaking issue due to a lack of data encryption in application layer protocol. Then, the hackers scan public API repeatedly by using bots in order to get useful information such as ID, phone number and etc.
After that, we employed a security protocol on their existing insecure communication channel. It provides encryption during data transmission to avoid data tampering and eavesdropping. Furthermore, the firewall has set up between the server and the outside environment to block crawlers from locating the sensitive services at the same time. It also prevents malicious requests from sabotaging the operation of the server.
For example, like in an insecure WordPress site, the malicious user can directly create a new profile or comment by directly typing the URL they found from the crawler into the browser. Evidently, with the help of firewall, the website will be protected since all unauthorised or attempts to send malicious requests using this method are blocked.