Is your site secure according to BSI? Do the free check!
“We will make a system update for our CMS together with the next relaunch. Never change a running system”, many website operators may think. However, the Federal Office for Information Security takes a completely different view. Since March 2018, the timely update of your web application has been a legal obligation.
In response to new critical vulnerabilities in all types of IT infrastructures, the German government has enacted the IT Security Act. The aim of the law is to make the infrastructure more secure and to protect users and their sensitive data. Website owners whose websites violate the law can face potentially high penalties.
„We already did an update 2 years ago.“
As a rule, new security updates are released monthly for the most common software systems. However, this also means a monthly need for action for website operators.
If you are not sure about the condition of your website, please contact us. Gosign scans their website and informs them about the risks free of charge.
Do the free check!
OBLIGATION TO NOTIFY
The law is intended to help prevent the loss of control over IT systems and infrastructures. Recent cyber attacks have not only shown how vulnerable websites are, but also how serious the consequences can be,
The German Cyber Security Act requires operators of critical infrastructures to implement certain IT security standards and introduces the reporting obligation for serious IT security events. With news about credit card loss, online fraud, identity theft and more, we can see that website owners fall into the legal category of “critical infrastructure operators”. One of the easiest and most effective ways to maximize the security and stability of your website is to install the latest security updates.
The protection of information technologies is now mandatory. Organisations must do their utmost to protect and secure their systems.
“Acting – i.e. updating – is better (and cheaper) than reacting to a hack.”
Operating a website with outdated software is not only a question of “risk assessment”, but also a legal question. If security updates are not implemented, warnings and fines may be imposed. The IT Security Act obliges website operators to take appropriate technical and organizational measures against unauthorized access of any kind. Imagine what the loss of business-critical information could mean to you. What would it cost you per hour or per day if your website were to fail? And the costs for the fastest possible repair? Think not only of the costs of lost business but also of the loss of trust among your customers.
You can keep your website up to date today and secure it for the long term. A simple and effective way to keep track of maintenance and security is to use the latest versions of supported and maintained software and to install updates quickly.
TYPO3 editorial system
TYPO3 as CMS is a good choice for several reasons. It is actively maintained, has clearly defined update and support cycles and is supported by the developer community. The community supports every Long Term Support (LTS) version of the CMS with security and bugfix releases for three years after release. An Extended Long Term Support (ELTS) version with costs is also possible.
WordPress Editorial System
WordPress can also be updated at any time, but is a bit more complex to maintain, because the security maintenance of the extensions can be a bit more complex, depending on the configuration.
Magento Shop System
Magento collects personal data as a shop system. Fines can be higher here. In addition, the obligation to report security incidents often also applies. The operator should also protect himself here with a timely update policy.
Security and Stability.
In addition, Gosign supports many other systems with additional services, such as security audits, so that you can get a clear picture of the condition of your website. The focus is on Security and Stability.