Double Down on Security With Encrypted WordPress Media Uploads

Mar 24, 2021 | Security

With the wave of privacy laws like GDPR, CCPA, HIPAA, COPPA, and SHIELD, if you own a WordPress website you have an important legal obligation to keep their customer data safe and protected. Encryption is one of the best ways to protect your data, and Infinite Uploads makes file encryption dead-simple.

Morpheus meme: what if I told you you can encrypt this data?

Infinite Uploads Secure Foundation

We understand how important keeping your data safe and secure is, so we designed and built Infinite Uploads with security at the core of our cloud service. It forces encrypted TLS connections to transfer files to and from the cloud and CDN. We designed our API with the latest in security best practices. All tokens and credentials are hashed, encrypted, segmented per customer and site, and rotated automatically without you having to do a thing. We even support multiple 2-factor login methods to protect access to your account and data.

Encryption at Rest

Even with all this, we knew we could go farther, now all files uploaded to the Infinite Uploads cloud are encrypted at rest with server-side encryption (SSE) using the 256-bit Advanced Encryption Standard (AES-256)! That means with no extra effort on your side, media uploads are being secured with an extra layer of protection.

Moses meme: free encryption for all!

When a file is uploaded in the WordPress media library and synced to Infinite Uploads, it is transparently encrypted with AES-256 encryption. AES-256 is a powerful block cipher well known for being the strongest level of commercially available data encryption. It is this encrypted data that is actually saved across multiple disks in our partner data centers. Each file is encrypted using a unique encryption key, and each file’s encryption key is additionally encrypted with a global key before being saved. These encryption keys are kept secured in isolated systems separate from the data and used to encrypt and decrypt transparently as needed as files are uploaded and downloaded from cloud storage.


All files synced to the Infinite Uploads cloud are now encrypted at rest with server-side encryption (SSE) using AES-256!


This encryption at rest makes it much harder for an attacker to access or misuse any data. Even if they somehow got direct access to the servers or disks in the datacenter the data would just be a scrambled mess without the encryption key. AES-256 is the same level of encryption used on iPhones that the FBI went to war with Apple over as they were unable to bypass it.

Compliance: ✔️

Perhaps more importantly, encryption at rest may be mandatory to satisfy relevant compliance requirements and/or industry standards, like the Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS). And it helps check those boxes for compliance with privacy laws like GDPR and CCPA. At a minimum, you can feel satisfied knowing your data has an extra layer of protection that would be impossible to get from any web hosting provider.

Conclusion

With so many privacy and security compliance requirements, it’s more important than ever to choose a secure storage and media delivery solution. Choosing Infinite Uploads cloud storage for your WordPress media library makes data security easy. And that’s just a cherry on top of the hosting plan cost savings, infinite scalability, and performance improvements it provides.

Get started with the Infinite Uploads plugin and managed cloud services free for 7 days.

New to the cloud or want to know more about data security? Our support team is standing by to help. Leave a comment or contact us and we will get back to you promptly.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *