A Safe Environment for Your (Multi)Sites
With the increasing digitization, the threat of cybercrime is also growing. As organizations expand their digital presence with multiple websites, the number of use cases, integrations, and possibilities also increases. However, this also amplifies the risk and makes management more complex and harder to oversee. At Plate, we place great importance on the security of our customers' websites. Since we offer a multisite platform, we are fully responsible for the hosting, security, and uptime of our CMS across all your sites. Discover how we ensure the security of your entire multisite network.
Active firewall
Active firewall that analyzes all traffic and blocks (D)DOS attacks and malicious traffic patterns.
Plate Artificial Security (PAS) recognizes patterns of traffic with malicious intent and automatically blocks this traffic. PAS is 'self-learning' and adapts to the ever-changing environments. Using AI, collected data is clustered to identify attack patterns. The AI continuously monitors your environment and can easily identify and neutralize both common and new hacking methods.
Form choices
Plate provides a reliable sending service (Mandrill) for form messages sent via your websites by default. However, we also give you the option to link your own Mandrill account.
Additionally, we offer the option to not store form messages on the website's dashboard as a reference, but to disable this feature. In the case of sensitive data, this is something we advise. This way, no one with access to the website can see data from submitted forms.
It is also possible to set the retention period of form messages on the dashboard. Based on your preference, messages can be retained for a shorter or longer period.
Multi-Factor Authentication
With Multi-Factor Authentication (MFA), you secure access to the CMS with an additional step. Recently, we have added the ability to set up MFA at the company level within Plate. This makes MFA mandatory for all administrators within your organization.
Access management
With Access Management, you define specific roles and permissions at both individual and group levels. For each user or user group, you specify which actions they are allowed to perform within the Plate CMS. These actions include: Create, Read, Update, and Delete.
The user management system of Plate is so flexible that you can assign these actions to specific parts and content types within the CMS. This means, for example, inviting a specific user to only add events to the website, or restricting an editor to creating and editing news articles.
Security.txt
Every website on the Plate platform includes a `security.txt` file by default. A `security.txt` file makes it easier for people to report security issues, helps us respond faster, and demonstrates that you take the security of your website and users seriously. This allows us to quickly address the security reports we receive.
Content Security and Permissions Policy Header
Websites on the Plate platform have the option by default to activate a Content Security Policy (CSP) and a Permission Policy header. The Content Security Policy helps prevent various types of attacks such as cross-site scripting (XSS) and data injections. CSP acts as an additional layer of protection by specifying which resources the browser is allowed to load on your website. This means you can precisely control which scripts, styles, and other resources can be executed.
The Permissions Policy Header (formerly known as Feature Policy) allows you to manage which browser features and APIs are available on your website. This helps reduce the risk of attacks and enhances the privacy and security of your users.
Automatic SSL / HTTPS
If you have a website on the Plate platform, you don't need to worry about obtaining or renewing an SSL certificate and the associated HTTPS protocol. We centrally manage this for all websites on the platform.
ISO 27001
In 2024, we have internally begun the certification process for our Content Management solutions and our organization. We expect to be officially ISO 27001 certified starting from Q1 of 2025, ensuring compliance with the highest standards for data quality and integrity.
Want to learn more about multisite?
Interested in learning more about multisite and how to make the right multisite choices? We have some interesting resources for you, such as this podcast where we discuss what is often overlooked when selecting a new (headless) CMS, a multisite demo video, or an article on the 5 best practices of multisite.
Feel free to also send us an email with your specific multisite questions. We're here to assist you throughout the process.
👇 A selection of our > 100 multisite implementations
"Plate assisted us excellently in the process of renewing our own website and the over 60 subsites of foundations that have joined Plate's multisite environment. The diversity of users at the foundations with knowledge of a CMS system seemed like a significant challenge to us. Together with Plate, we deployed training, online collaboration sessions, a clear learning environment, and support."
Anne-Lieke Joosten
Executive Communication