
Making our platforms more secure

We've recently made a series of improvements to the powerful web server behind our public participation platforms to make it secure and safe, giving our customers and communities continued trust and confidence in our product.

Every day, Participatr's digital platforms capture the personal data and opinions of thousands of people. It is therefore vital that we guard against the latest cyber threats and keep our system as secure as it can be. Whilst we already have a range of core data security measures in place (which are detailed here), the methods that hackers use are constantly evolving and it is important that we stay ahead of the game.

Here are the latest examples of data security enhancements we've made:

Multi-factor authentication

Hackers are using increasingly sophisticated techniques to bypass password protection and extract sensitive data from protected systems. We've recently introduced secondary authentication to our project team 'dashboard' via a time-based one-time passcode (TOTP): the user must first enter their password and then, within 60 seconds, type a random 6-digit code received by email to access the system.

This provides enhanced protection against external hackers and means that obtaining a user's password alone is no longer enough to access the system. Crucially, it also means that users who no longer require access (such as a member of the project team who moves to an organisation outside the project team) automatically have their access revoked once they lose access to their organisational email address, because access to that email account is required every time they log in to the dashboard. This also provides built-in protection against data leakage (i.e. data being accessed and transferred where it shouldn't be).
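As an added illustration (not Participatr's own code), here is the issue-and-verify logic for an emailed 6-digit second-factor code with the 60-second window described above; the per-code attempt limit and the server-side HMAC key are assumptions, and delivering the code by email is left to the caller.

```python
# Added example, not the platform's code: a second-factor code that is emailed
# to the user, valid for 60 seconds, usable once, and locked after a few guesses.
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 60                 # window stated in the post
MAX_ATTEMPTS = 5                      # assumption: lock the code after 5 wrong guesses
SERVER_KEY = secrets.token_bytes(32)  # assumption: per-deployment key, held server-side

_pending = {}  # user -> [code_hmac, expires_at, attempts]


def _tag(user, code):
    # Keyed hash: a leaked table is useless without SERVER_KEY, which matters
    # because a plain hash of a 6-digit code could be brute-forced offline.
    return hmac.new(SERVER_KEY, f"{user}:{code}".encode(), hashlib.sha256).hexdigest()


def issue_code(user, now=None):
    """Create a fresh code for `user` and return it for the email sender."""
    now = time.time() if now is None else now
    code = f"{secrets.randbelow(10**6):06d}"  # uniform 6-digit code from a CSPRNG
    _pending[user] = [_tag(user, code), now + CODE_TTL_SECONDS, 0]
    return code


def verify_code(user, submitted, now=None):
    """Return True once for a correct, unexpired code; False otherwise."""
    now = time.time() if now is None else now
    entry = _pending.get(user)
    if entry is None:
        return False
    code_hmac, expires_at, attempts = entry
    if now > expires_at or attempts >= MAX_ATTEMPTS:
        _pending.pop(user, None)  # expired or locked: a new code must be issued
        return False
    entry[2] += 1                 # count the guess before comparing
    if hmac.compare_digest(code_hmac, _tag(user, submitted)):
        _pending.pop(user, None)  # single use: the same code cannot be replayed
        return True
    return False
```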

Virus scanning

Threats can also come from malicious files uploaded to our engagement web pages or our 'dashboard', or sent by email. That's why we've introduced in-line virus scanning of all uploaded files (such as photos and PDFs), as well as a scheduled full virus scan of our web server every 24 hours to detect any threats that have found their way into the system.

Data-at-rest encryption

All of the data that we collect is stored on our web server, which is physically located and stored securely in our offices in Bristol, UK. That means that we have full control over and confidence in where the data is stored and processed, as well as complete freedom to expand our system's capacity and functionality to meet the rapidly increasing demand for our product.

However, in the unlikely event that someone manages to break into our offices and steal our web server, we need to know that the thief can't access and exploit the data. That's why we have put in place data-at-rest encryption, which means that our data storage can't simply be plugged into another device to read the data. Anyone accessing the data must go through multi-factor user authentication, whether remotely or physically, regardless of whether they have physically got their hands on the server.

Passcode-protected data downloads

Our project team 'dashboard' allows named data controllers and processors to export feedback, stakeholder and correspondence data in CSV format, on demand. Whilst we have close control over who has login access to the system (and therefore primary access to this data), we can't control what happens to that data once it has been downloaded. That's why we've put in place passcode protection and encryption of downloaded files, meaning that they can be transferred over the internet securely and only accessed by those provided with the passcode.

IP address whitelisting

As an organisation, we need constant, on-demand access to the administrative functions of our web server, wherever we are in the world, to be responsive to the fast-moving nature of the public participation projects we work on. To do so, our administrative interfaces need to be accessible over the internet, so that we can reach them from any device. This potentially exposes the inner workings of our public participation platforms to hackers around the world.

To prevent unauthorised access and mitigate this risk, we use a practice called 'IP address whitelisting', which means that only devices on our office's local network and devices using our virtual private network (VPN) service can see and access these administrative web interfaces. What's more, using our VPN service when we're away from the office means that data we transfer in and out of the system through these web interfaces is encrypted and protected against hackers even when we're on a public Wi-Fi network, for example.

Web application firewall

We've installed the ModSecurity2 web application firewall to guard against malicious automated attacks on our public web pages and password-protected 'dashboard' area. It uses the OWASP (Open Web Application Security Project) Core Rule Set, which automatically protects our system against the most common and up-to-date attack techniques.