The Sitecore security model allows businesses to lock down any part of their website to meet their business needs. Find out the advantages of this best-of-breed security model.
Out of the box, the Sitecore security model allows you to lock down any part of your website that you desire and, conversely, allows you to relax these restrictions to meet your organisational needs.
‘That’s great’, you might be thinking, but how exactly do we do that? The answer comes in the form of Sitecore security accounts and domains.
A Sitecore account is one of two things: either an actual user, on whom you set permissions directly, or a role, to which you assign permissions and then add the associated Sitecore users. The latter is Sitecore best practice and makes things simpler in the long run.
Sitecore does come with some predefined roles as standard, however, we would almost always recommend custom roles for your organisation as that gives you tailored roles that match your needs. This gives you the ability to add Sitecore users to multiple roles and define their ability to see different parts of the content tree as an example.
Security domains, on the other hand, are another level of separation: a domain is a collection of security accounts that have something logical in common. The easiest example is users who need to access Sitecore vs users who simply use the public website. These could be grouped logically into a Sitecore domain and an Extranet domain. This makes it even easier to manage each of these collections with the high-level rules you need to put in place.
At the start of any implementation of your Sitecore website, Sitecore security should be taken into consideration. By doing this you prevent issues from arising further down the line that could have been prevented with a small amount of planning upfront.
Having over 20 years’ experience of delivering hundreds of Sitecore best practices implementations, at Kagool, we’re well-versed in Sitecore security and its value to businesses. To help organisations get the most from Sitecore, our specialists have produced a set of guidelines that we use to help clients minimise any potential risks and maintain a safe and secure Sitecore website.
Sitecore uses a role-based approach to security, which gives great flexibility. However, if it is not set up correctly, it can also lead to a less secure implementation than required. So, there are a few things to consider when setting roles up and on an ongoing basis.
An important part of Sitecore security is managing security permissions.
Here are some tips for setting security permissions in Sitecore:
Give the right people control over publishing the right content at the right time. Start by planning the workflow for content from ‘draft’ to ‘published’. Map a simple content workflow which determines who approves content and how many stages of approval there are. Add roles such as an “author” and an “approver” with the appropriate permissions. You can then assign these roles to different Sitecore users.
Hopefully you never have disgruntled ex-employees. But, to be on the safe side it’s still a good idea to keep on top of your active user accounts. Consider introducing a step in your staff exit procedure that makes sure user accounts are disabled. On top of that, a regular review of your active accounts is wise.
Focus on the Sitecore user accounts as a priority. But for general good housekeeping do a wider user account review. We have developed custom functionality for some of our customers to aid this process.
Ask any Sitecore developer and they’ll know the password for the default admin user. So make sure that you either remove the default admin user completely or change the default password.
Consider implementing a requirement for complex passwords. You know the type that seem more like an endurance challenge? Yup, those.
In all seriousness, users are becoming more accustomed to this requirement. A few rules will encourage your users to have stronger passwords. For Sitecore security best practice, it’s not a bad idea to require a regular password change.
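The account review and the regular password change suggested above can both start from one query over the membership tables. This is an added example, not Kagool's custom functionality or Sitecore's own code; it assumes the default ASP.NET SQL membership provider, SQL Server 2017 or later, and illustrative thresholds of 90 and 180 days.

```sql
-- Added example: list enabled Sitecore CMS accounts with their roles and flag
-- the ones that look stale. Run it against the database holding the aspnet_*
-- membership tables (Core, or Security where it has been split out).
DECLARE @StaleLoginDays  int = 90;        -- assumption: no login for 90 days
DECLARE @MaxPasswordDays int = 180;       -- assumption: password older than 180 days
DECLARE @Now datetime = GETUTCDATE();     -- membership dates are stored in UTC

SELECT
    u.UserName,
    m.Email,
    m.LastLoginDate,
    m.LastPasswordChangedDate,
    m.IsLockedOut,
    STRING_AGG(r.RoleName, ', ') AS Roles,
    -- 1 when the account has not logged in within the review window
    CASE WHEN m.LastLoginDate < DATEADD(day, -@StaleLoginDays, @Now)
         THEN 1 ELSE 0 END AS StaleLogin,
    -- 1 when the password is older than the chosen rotation period
    CASE WHEN m.LastPasswordChangedDate < DATEADD(day, -@MaxPasswordDays, @Now)
         THEN 1 ELSE 0 END AS OldPassword
FROM dbo.aspnet_Users AS u
JOIN dbo.aspnet_Membership AS m
    ON m.UserId = u.UserId
LEFT JOIN dbo.aspnet_UsersInRoles AS ur
    ON ur.UserId = u.UserId
LEFT JOIN dbo.aspnet_Roles AS r
    ON r.RoleId = ur.RoleId
WHERE m.IsApproved = 1                      -- enabled accounts only
  AND u.LoweredUserName LIKE 'sitecore\%'   -- CMS logins, not extranet visitors
GROUP BY
    u.UserName, m.Email, m.LastLoginDate,
    m.LastPasswordChangedDate, m.IsLockedOut
ORDER BY StaleLogin DESC, OldPassword DESC, m.LastLoginDate;
```

Rows with `StaleLogin = 1` are candidates for disabling after confirmation with the account owner's manager; an account that has never logged in normally carries its creation date as `LastLoginDate`, so it is flagged once it passes the threshold.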
Too many administrators are like too many cooks! Not everyone needs to be an administrator. Instead, create specific site administrator roles which can be configured accordingly.
It is rare that we give our customers full Sitecore administrator privileges. This prevents them from accidentally accessing elements that can disrupt the site such as changing templates. Overall, this gives them a simpler user experience.
Sitecore have always maintained a set of instructions for every version of the software that they have released focused solely on how to ensure that your production instance of the website is as secure as possible from known threats. We see these as the following points.
For great Sitecore security, reduce the chance of losing sensitive data. Make sure you secure connections (using HTTPS) to areas that communicate sensitive data.
Typical areas might be:
In the latest versions of Sitecore, HTTPS connectivity is available out of the box and enforced, so all connections between pages and requests are secure.
Sitecore gives you a lot of flexibility and this can lead to complex configurations. During a previous project, we adopted a site that wasn’t encoding data as it should have. By adding a simple setting in the configuration, we made the site less vulnerable.
In the interest of Sitecore security, it may not be ideal to operate from a single server.
If possible, separate your Sitecore instance into two servers:
This will have Sitecore licensing, hardware cost and Sitecore hosting implications, but there are plenty of advantages. With this setup the authoring environment will remain hidden away. It may only be accessible on your internal network or restricted by IP address.
So, in a worst-case scenario, where an attack compromises your website, it wouldn’t affect the master database. The damage would be limited and recovery would be quicker.
An application is only as safe as its code. Sitecore is a great foundation for your website. Code should follow coding standards and Sitecore best practices to provide a “safe house”.
The basic principles any Sitecore development should follow are:
Another precaution is using load-balanced servers.
The benefits to this are:
If you’re having issues with your Sitecore implementation or your site performance, contact us about your requirements and to learn more about a Sitecore audit. If your business is considering Sitecore as a new platform and you’d like to know more, get in touch or book a demo, we’d love to help.