Your Data Security

data securitySecurity of Your Training Data

Mediasphere understands the critical importance of protecting your data. As Mediasphere, an accredited GITC 5.5 approved government provider, delivers secure online training solutions for major corporations, governments, organisations and education institutions, we provide a high level of security on three levels, hardware, application and database.

Our Best Practice security protocols include:

Identity Theft Protection

Identity theft refers to fraud that involves someone pretending to be someone else for their own gain. We apply the current best practice to protect your users’ identity theft including:

  • Encrypted user password in database with strong encryption technique such as MD5 or SHA-1 
  • Use alpha numeric combination and case sensitive for user passwords.
  • Minimalist approach in storing and displaying user private information.

Access Policy

All users on your training website will be assigned the privileges based on their user level. This protection is to avoid users to have access to administration portal or execute administration rights.

Session Hijacking Protection

Mediasphere use the file system based tracking for all users’ sessions to address session hijacking potential. This means that every time a user logs on to your portal, it generates a new session value and stores the value in the database. On every page of training portal where authentication is required, the user session will be compared with the one stored in database. As the session is renewed, this guarantees a user dynamic session value, which makes it harder to duplicate or followed, thus providing a higher level of security for your organisation.

Data validation

We ensure that all forms on your training portal are to accept only correct data type. This data filter checks against numbers, letters or alphabet or non-numeric characters.

Defamation of site

Mediasphere protects against defamation of the site by preventing unauthorised access to file servers. Our systems feature data validation on all forms and write access on files and folders permission (executable, read and write). The file upload directory has read / write access permissions to prevent malicious users from executing code remotely to gain access to the site.

IP Tables

IP Tables is a software firewall that provides a key layer of security. The software firewall controls all access to and from the server on designated ports, IP addresses and TCP and UDP layers. The firewall allows certain users from range of IP addresses to make requests to a designated port on the server or alternatively from server to IP addresses.

Load Balancing

If your training portal is an enterprise solution with high volumes of traffic, Mediasphere can provide access to load balancing technology for annual upgrade. Load balancing technology provides two identical servers that are configured with identical specification and capacity. With the layer technology, it automates the distribution of website traffic between both servers. With this technology, it is capable to serve millions of user with static HTML request. When it comes to database interaction, generating image, and streaming video we can provide high quality streamed traffic to your users.

SQL injection

SQL injection is a form of attack on a database-driven web site in which the attacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet. SQL Injection is a very common attack on search forms, login forms and most forms that send requests to server to access the server database. Mediasphere guards the input data submitted by user to eliminate unwanted code or SQL commands to be passed into the processing script.