
CMS Security

Enterprise Portal Security

Ideal for


Enterprise Collaboration

Web-based content management system (CMS) solutions have revolutionized how organizations share information with all their stakeholders, both internally and externally. These highly accessible mechanisms for publishing web-based content have made it incredibly easy for organizations to manage and distribute information, for consumption on any browser-enabled device. Popular corporate CMS solutions like Adobe AEM and Microsoft SharePoint also come with a wide range of built-in themes, and a variety of out-of-the-box web components — including blog, wiki, document library, list management, and calendaring elements. And advanced capabilities such as versioning and workflow approval allow companies to curate content with a high degree of fidelity.

Meaningful Risks

With organizations relying so heavily on content management system implementations to manage all aspects of their business, there is a strong need to ensure that these systems are secure. There are a number of cybersecurity issues that must be addressed with any CMS implementation:

  • Data in Motion. It is critical to differentiate between sensitive and non-sensitive data, and to ensure that any sensitive data (PII, classified materials, payment information, etc.) are encrypted in motion.
  • Data at Rest. Sensitive information must also be encrypted at the back end, and potentially stored on dedicated spindles to maintain operational security.
  • System Architecture. For client-facing or partner-facing solutions, a proper n-tier architecture must be validated, ensuring that only the presentation layer (i.e., web services) is directly accessible in a DMZ, and that application and database tier systems are secured on the private corporate network.
  • Access Control. Noting that it might not be appropriate to grant all users access to all information, a role-based (RBAC) or attribute-based (ABAC) solution may be necessary.
  • Content Tagging. Of course, access control only works when content is tagged appropriately. Aerstone Labs SIFT™ is an automated content-tagging solution that integrates with Adobe AEM and Microsoft SharePoint, to ensure that all artifacts (both searchable and non-searchable) are tagged correctly, based on extracted file content.
  • Authentication. Enterprise CMS solutions can be integrated with Microsoft Active Directory to provide single sign-on (SSO) capabilities. This integration must be planned carefully, so as to facilitate the desired authorization scheme.
  • Endpoint Security. With the growing need to access and manage content on any device, mobile and otherwise, addressing endpoint security is a critical piece of any CMS security architecture.

Our Experience Sets Us Apart

Aerstone is an NSA-certified vulnerability assessor, and a service-disabled veteran-owned small business.

We approach each engagement with the highest levels of professionalism, determination, and creativity, honed by years of working with security professionals across the military, intelligence community, civilian government, and private industry.
