No matter how it happens, the results can have far-reaching consequences for you and your users.

Even small sites should take their security seriously — theVerizon Data Breach Investigations Report小商业发现,有43%的网络攻击的目标nesses. But only so much can be done on the individual level to anticipate potential vulnerabilities. You need private information — yours and your users’ — to stay private so you can maintain your users’ trust and keep your website running reliably.

By using a website-building platform that has dedicated resources for site security, you are free to focus on all the exciting elements that will make your website shine. Webflow builds security into the foundation of your website and keeps those security best practices informed and up to date for you. Here’s how.

Webflow is SOC 2 compliant

SOC 2 (Service Organization Control 2) compliance tells users that the company has thorough security practices and keeps them up to date. To be SOC 2 compliant, a provider must pass a full third-party audit of their security practices and meet five trust services criteria to qualify:

• Security: Systems and information are protected from unauthorized access.
• Availability: Those systems are available to be used consistently.
• Processing integrity:Systems operate in a timely and accurate manner.
• Confidentiality:Information designated confidential is protected.
• Privacy:这些信息是collected, retained when used, and then securely disposed of.

AICPAhas more detailed information on the requirements, but the primary takeaway is that third-party auditing means you don’t have to just take a provider’s word on their security practices. Webflow is both SOC 2 Type I andType IIcertified.

Webflow provides secure hosting services and encryption

网站托管服务是“生活”在the internet. It houses, services, and maintains the files that make up your website and connects your site to the internet, so it can be accessed by visitors. A good hosting service will be fast, reliable, and secure so your site never slows or crashes. A secure web host will also provide encryption — essentially, turning the data that’s communicated from your site into private code that can only be understood by the intended recipient.

AWS Hosting

Webflow is hosted onAmazon Web Services (AWS) Hosting. Their robust hosting ensures Webflow’s services, and thus your website, will run reliably and be protected from security threats, cyberattacks, and even simple traffic surges.

Through this service, Webflow offers secure and reliable hosting for your website in-house. There is a range of site plans to suit different needs, fromBasic and Business up to Enterprise level, but all of them meet the same professional standards.

SSL Encryption

Secure Sockets Layer (SSL) encryption protects your non-public data from unauthorized access by encrypting it. All Webflow data is end-to-end encrypted between Webflow’s servers and your site. Plus, Webflow hosting automatically includes an SSL certificate for your website, meaning your site will be secure and visibly trustworthy for your users.

It’s a security best practice for an internet user to never log in or provide personal data to a site that doesn’t have secure encryption. You can tell if a site has an SSL certificate if the URL in your navigation bar starts withhttps://or displays a closed lock icon in Chrome.

Webflow doesn’t rely on potentially vulnerable plugins

Webflow and WordPress are the two dominant professional website builders available. A primary difference is that Webflow integrates core functionality, like visual design control, SEO, CMS, and forms, whileWordPress utilizes third-party pluginsto enable the same functions. When using plugins, you might end up needing dozens, each with its own potential security liability. You even need to install a plugin for security support!

Plugins are created by third-party developers, and there’s no easy way to assess the security practices of each of these plugin creators. You have to rely on developers to publish updates for their plugins and then push those updates on your site as well. And if they go out of date, they can expose your site to hackers.

Webflow only uses integrations with reputable companies that have their own reliable security measures, such as Mailchimp for customer management and Stripe or PayPal for payments processing. These companies are more transparent and require their own separate secure logins.

Webflow safeguards your account and information

Webflow’s system not only follows stringent security standards, but also has measures in place to safeguard your personal account and the website you create with it.

Personal account protection

All of the valuable infrastructure for your website lives in your personal Webflow account, so it’s important to keep access to that account secure. You can protect your login withtwo-factor authentication, which is currently the highest standard for account security on the web.

Two-factor authentication requires you to confirm a new login attempt from another device such as a mobile phone, protecting you from illegitimate login attempts. At the enterprise level, you can also enable single sign-on for even more robust security for your team’s access.

Website password protection

Webflow allows you to enablesitewide and per-page password protectionin order to restrict access to specific pages, collections, or even full websites. You can assign unique login credentials to your external clients in order to share pages that have internal documentation or sensitive client prototypes.

To create a seamless experience, you can design the appearance of the login pages so they look professional and fit the overall design of your site.

Automatic backups

Keeping your website secure also means protecting it from unexpected accidents and inadvertent changes. Webflow keeps your site safe bysaving backups automaticallyas you work. You can also manually save backups before making big changes and name the backup files for reference. Images and all other assets are backed up as well, so you will never lose any of your vital elements.

Webflow protects your site, so you can focus on creating it

When you use Webflow, you instantly have a full security team on your side, no matter how large or small your company is. The systems supporting your site are maintained to the highest standards, and you are given the tools to keep your site secure right alongside the tools to build it.

Webflow’s team keeps the safety and integrity of its system consistently up-to-date — allowing you and your team to focus your energy on growing your website and serving your own users. For more information, you can read theSecurity Whitepaperor contact the Webflow security team at security@www.raktarban.com.