Best practices to keep your platform safe.
Secure Website Hosting
Smart Inbound partners with FlyWheel, one of the best WordPress hosting providers in the world. FlyWheel takes security just as seriously as we do. FlyWheel locks down core WordPress files, automatically blocks malicious IP traffic, and offers 24/7 support for any security emergency. You can read about FlyWheel’s security protocols here.
Nightly Website Backups
Part of your Smart Inbound hosting plan includes nightly backups. We can also download a backup for offline storage at any time. If there are ever any serious issues on your website, we can immediately restore a nightly backup. Although that day’s website data will be lost, your site can be fully functional again in a matter of minutes.
Automated Malware Detection and Removal (Anti-Virus)
FlyWheel uses a variety of malware prevention measures. In the rare case that malware is detected on a Smart Inbound site, FlyWheel will handle server-side cleanup. Smart Inbound will do our part to remediate any malware, from removing a plugin to a complete overhaul.
Advanced Passwords by Default
When Smart Inbound creates WordPress users (or any other type of account) for you, we use highly complex passwords (like $az4o$&r57Q4N5n&, for instance). We strongly recommend you keep the passwords we set and save them in a password manager. Our own accounts on your platforms will always use advanced passwords.
Routine Software Updates
Your Smart Inbound site is connected to a dashboard that monitors your site health. As the external environment changes (such as PHP updates or plugin updates), Smart Inbound makes intelligent choices on when to update your internal technology. This means your software is always up-to-date while ensuring your site functions as it should.
Plugin Vulnerability Notifications and Immediate Updates
Even the best plugins can occasionally become vulnerable to potential attack. But if any plugin vulnerability is discovered on your site, Smart Inbound is immediately notified. Security patches will be installed if available, or the plugin can be disabled and temporarily replaced if necessary.
Encrypted Data Transfers via SSL and HTTPS
SSL capabilities ensure that any data transferred between the website user and the server is transmitted securely. This is a requirement on any Smart Inbound site. Our SSL certificates are provided by Let’s Encrypt. You can read through their documentation and security protocols here.
Secure and PCI Compliant Payment Processing
User payment and transaction data is never stored on your Smart Inbound site. We use the internationally trusted payment processor Stripe and accompanying payment processing plugins. Payment information data is entered into fields embedded directly by PCI-DSS validated servers. You can learn more about Stripe’s compliance and security here.
Website Access and Change Logs
Using the Simple History plugin, Smart Inbound tracks every move that is made on your website. This includes user logins, password resets, page updates, and more. If there is ever any suspicious activity, we can check the website history and uncover more data about the problem. This allows us to remediate or repair faster.
Singular Trusted Platform for All Administrative Data
Smart Inbound partners with Google to store all client and company data. All Smart Inbound employees are required to use multiple security protocols and are given access to necessary information. Your company assets, communication, and other resources are effectively organized and monitored. You can learn more about Google’s security, compliance, and privacy protocols for Google Business partners here.
Internal Cybersecurity Protocols, Policies, and Plans
If your website or the Smart Inbound company is ever the target of a cybersecurity attack, we have a set of best-practice responses to neutralize and remediate the threat. If Smart Inbound is aware of any potential damages to your website or data, you will be formally notified.