EPRESSPACK AND CYBERSECURITY

OR HOW TO REASSURE YOUR CIO ON SAFETY STANDARDS FROM YOUR NEXT NEWSROOM?

The years 2020 and 2021 have been unprecedented in many ways and IT risk is no exception! The accidental fire of a European host paralyzed the servers of many companies with very significant financial consequences when the new remote working practices and the flash deployment of digital transformations favoured cyber-attacks, which are on the rise. 


It is in this unprecedented context that IT security (infrastructure, data, ...) has become a sensitive and priority subject for companies. And communication departments as well as press and public relations experts are concerned. In the process of equipping themselves with a global PR management solution, they will have to convince their CIO’s, whose requirements are increasing and security standards are strengthening.

For EPRESSPACK, publisher of 300 newsrooms for large companies, IT security has long been a priority. Because its challenge is to provide platforms that ensure the maintenance and availability of content in the event of failure, activity overload, computer hacking or any other incident.

Adopted by players such as the French Ministry of the Economy and Finance, Framatome, Dove from UNILEVER, Aston Martin, INEOS, Dorchester Collections, Royal Ascot, London City Airport, De Beers, but also worldwide leaders such as Accor, Louis Vuitton, Hermes, .... EPRESSPACK collaborates with the most sensitive organisations whose trust it and with which it maintains a tailor-made and longterm relationship.

Its processes meet the highest safety standards thanks to the choice of highly qualified and certified technological partners (ISO 27 001, ISO 27 701, ISO 27 002, ISO 27 017, ISO 27 018) to meet the requirements of large companies. EPRESSPACK also pass software or hardware control and security audits.

To ensure that its customers maintain the availability of platforms and content, EPRESSPACK has set up a specific organisation and a series of 8 preventive measures that protect both infrastructure and data. Thanks to them, the accident of its partner OVHCloud last March, for example, had no impact on its business.
 

1. THE ACTIVITY CONTINUITY PLAN (ACP)
In the event of an incident, EPRESSPACK triggers an ACP developed by its team of experienced engineers. Regularly updated, it allows a rapid return to normal of activities and services:
• Triggering of the crisis unit with its technical partners
• Damage assessment
• Triggering of repair actions: a series of corrections relating to sites, servers, databases and then hosting
• Business recovery audit
• Development of an exhaustive report dedicated to the client (crisis and measures)
• Regular improvement of in-house processes
 

2. NETWORK SECURITY
EPRESSPACK regularly checks the absence of security vulnerabilities in its clients' platforms at the technical and organisational level and in particular carries out regular intrusion tests.
 

3. THE SECURITY OF APPLICATION DEVELOPMENTS
EPRESSPACK's software solution is developed in compliance with security standards adapted to the
languages used (HTML, PHP, CSS, Javascript, etc.). Its developments take into account the rules
recommended by the OWASP (Open Web Application Security Project), the best practices guide in
terms of security for web programming.
 

4. DATA SECURITY
Corporate reputation crises since 2010 have revealed the importance of ensuring the reliability of
information. In the face of increasingly sophisticated falsification technologies, data security is a major
challenge. Therefore, EPRESSPACK has developed and integrated a secure and affordable solution that
allows authentication, using Blockchain technology, of the data and sources of press releases and other
documents disseminated by the company. This technology makes it possible to verify the integrity,
source, and date of incorruptible press releases with just one click.
• EPRESSPACK ensures the security of web traffic between its servers and platform users as well as visitors.
• EPRESSPACK ensures the security of its global solution thanks to a solution for the automatic detection and filtering of dangerous flows and computer attacks.
• EPRESSPACK ensures data backup and restoration: once a day for files and twice a day for data. The integrity of backups and restore processes are checked and tested regularly.

5. DATA SOVEREIGNTY
EPRESSPACK ensures data sovereignty through its collaboration with OVHCloud, a French player and the leading European player in cloud computing.
 

6. SECURITY OF ACCESS
With the exponential development of remote working, Identity and Access Management (IAM) has become a key topic. Organisations need to determine who logs into their systems and with what intentions, especially in administrator account management. To ensure the management of identities and access to all or part of the content, the EPRESSPACK platforms offer filtered and reserved access, i.e., they require unique authentication (username / password for the entire session) via Single Sign On (SSO) or double authentication (login, password, confirmation email or SMS).
 

7. HIGH AVAILABILITY OF SERVICES
EPRESSPACK has implemented a replication of its system and network infrastructure using a cluster of servers spread over several sites in France (Gravelines, Roubaix, Strasbourg). This preventive measure automatically switches traffic in the event of an incident. Daily, this measure also makes it possible to increase the volumes and speed of treatments.

8. REVERSIBILITY
EPRESSPACK undertakes to restore, in full and without alteration, the data of companies and organisations at the end of the hosting contract and the management of their content.
 

NOW YOU KNOW EVERYTHING YOU NEED TO KNOW
And if the security standards of