Hosting Security

2FA

829 Studios utilizes 2FA on all of its core agency systems, including the systems used to provide Hosted Services (AWS, WP Engine).

Sites hosted on 829 Studios Hosted Services can optionally utilize 2FA for WordPress Logins through WordFence. This can be configured upon request by the client.

GeoFencing

829 Studios does not provide out of the box geofencing for Hosted Sites. Utilizing a plugin based Web Application Firewall (WAF) 829 Studios is able to limit access based on geography and / or IP address in an automated fashion based on suspicious behavior, or configured explicit geographic blocks on the clients request.

DDoS protection

829 Studios standard hosting plans come with WP Engine's Advanced Network – supporting level 3 and level 4 DDoS protection through a partnership with CloudFlare.

For client's who need increased support and enhanced DDoS and WAF protection for their hosted assets, 829 Studios is optionally able to leverage WP Engine's Global Edge Security service.

Repo access restrictions and deployment process

Repo access, restrictions and 829's deployment process are in line with company security policies that spell out requirements for Testing, Software Development Lifecycle, and Key Management.

829 Studios maintains unique, private repositories for hosted client sites. Access to repositories is controlled by the Director of Development and limited to developers and senior team members on an as needed basis. Repositories are integrated with development, staging and production servers utilizing a widely used CI/CD tool.

829 Studios leverages SOC2 compliant vendors for its Hosted Services provided by WP Engine.

All of 829 Studios core systems (email, project management, storage) are all provided by SaaS vendors that meet SOC2 compliance.

829 Studios does not provide GDPR compliance services nor does it warrant its work as GDPR compliant unless explicitly documented in a Data Processing Agreement.

Handling vulnerabilities

829 Studios works with trusted partners with documented Vulnerability Management policies and procedures for hosted networks and hardware. Additional documentation is available upon request.

829 Studios frequently maintains wordpress applications, including code, core and plugin updates, as part of its Hosted Services. This is done through a series of automated, manual, and emergent updates. 829 Studios works with several partners, including WP Engine and WordFence, to provide early notification of software vulnerabilities. Emergency and zero-day vulnerabilities, when not automatically patched, are addressed as high priority.

Penetration Testing

829 Studios partner's with WP Engine to offer best-in-class wordpress hosting. WP Engine provides 3rd party certified penetration testing reports annually. These may be provided to client's upon request.

Client's who wish to subject their Hosted Services to additional Penetration Testing may do so at their own cost. Client's who wish to penetration test hosted services must notify and coordinate with 829 Studios before beginning tests to avoid unexpected server impacts.

Spam Protection

829 Studios recommends Google Recaptcha as the standard for website form fill spam protection and is able to configure this as part of our Hosted Services.