About Partnering with Critical Syntax

As a development firm or agency we understand that security is yet another of the many hassles of building a web site / application. In addition to getting the project done on-time and under-budget, now you have to worry about it being hacked after deployment. There is nothing worse than an irate client calling, especially because the site you built for them has been compromised. Here are some of the ways we take some of the trepidation from our agency partners:

  • Our Critical Care team can harden the security of the web applications developed by your agency, either during production or right before deployment.
  • We can teach your developers standard security best practices and the latest tips as new threats arise.
  • Our Critical Care package can offer your customers added piece of mind that their site is protected in the case of a future attack.
  • Our Critical Response team will take over in the event of an attack to isolate the vulnerability and find the source of the intrusion.

We’d like to provide you with a presentation and talk about a partnership, call us at 800-719-8140 to setup a meeting with our team.

Let’s dispel some of the myths agencies have about their web development and security:

Myth #1 – My hosting company handles my web site security

Truth: Hosting companies like Godaddy, Rackspace and Network Solutions are looking mainly for outgoing SPAM not hacking. This is in response to the CAN-SPAM act which made them responsible for their servers sending SPAM messages. So they are not looking for hacking. If your site is taken over with Chinese characters, or has become a link bed for Russian mail-order-bride ads, they will never know until you call them.

My developers are the best, I’m sure our sites are secure

Truth: We have worked with some very responsible and thorough programmers when it comes to security. However building marketing-driven web sites (using web application CMS like Drupal or WordPress) has traditionally been done by amateur or junior programmers with little or no formal security training. If there is a more senior programmer around, they are usually more concerned with sites with e-commerce or large scale client databases. So most of the time security for most of the sites agencies build is just what comes out of the box.

Our client sites are small and not a target for hacking

Truth: Hackers and criminals are not looking for big sites to hack. Actually smaller sites are much better targets. Sites that are not updated often are great places to hide ransomeware or put links that divert traffic to other malware. Hackers don’t care if your site is big, popular or of a particular type. We’ve seen hacking of websites for churches, consulting firms, manufacturing companies, chiropractors and political campaigns; honestly anything that is online is under attack. And a lot of hacks go unnoticed for months or years because they don’t change content on the main pages.