Considerations For Designing A Secure Content Management Strategy

By Author: unknownmem
Total Articles: 128
Comment this article

When a Web site is first deployed, all content can be added to the MCITP certification(http://www.mcitp-70-620.com)
when the site is not accessible externally. However, after a site is deployed, it must be updated.
The methods for content management must be securable and secured, and the ability to change and update content must be granted only to authorized users. You can move content to the Web server by using FTP, Microsoft FrontPage publishing, WebDAV,copy and paste, or third-party Web publishing products. There are two security issues with all of these methods: managing authentication and authorization for the file move?ment, and securing the data. Content can also be modified directly on the server, although this is not recommended. Regardless of the method you choose, unautho-rized users or guests should not be able to make content changes on the Web site. The entire process of content management must be secured—from ensuring that proposed changes are approved to securely moving the content from test servers to the microsoft exams(http://www.mcitp-70-620.com)
Web site. To design secure content ...
... management, consider the following items:
The content management approval process New content for Web sites must be approved. A process should be developed and enforced that identifies who can
approve changes to site content.
Content update production New content should be developed and tested on a test server. Developers should not have the ability to write to the production
server, and all changes should be made on the test server first, and then content can be moved to the Web server.
Automatic updates of content Content should be moved to the Web server in a secure manner. Automatic updates from test servers is not a secure method
unless the test server is as secure as the production server. It makes no sense to allow changes made to an insecure server to automatically propagate to the production server. If the test server is compromised, any content the attacker designs will be automatically posed to the production Web server. Instead, consider transfer of content changes to a secondary server and then, after inspection, movement to the production site.
Updating content using FTP An FTP site or sites for updating content should be created on a separate server from the production Web server. Access to FTP
sites can be authenticated, but authentication credentials will traverse the network using clear text. Consider the following options:
Using a Free MCSE PDF questions(http://www.examshots.com/certification/MCSE-2003-50.html)
VPN to access the FTP server
Limiting access to the FTP site to specific servers