Content Management

Enterprise Portal Security

 

Enterprise Collaboration

Web-based content management system (CMS) solutions have revolutionized how organizations share information with all their stakeholders, both internally and externally. These highly accessible mechanisms for publishing web-based content have made it incredibly easy for organizations to manage and distribute information, for consumption on any browser-enabled device. Popular corporate CMS solutions like Adobe AEM and Microsoft SharePoint also come with a wide range of built-in themes, and a variety of out-of-the-box web components — including blog, wiki, document library, list management, and calendaring elements. And advanced capabilities such as versioning and workflow approval allow companies to curate content with a high degree of fidelity.

Meaningful Risks

With organizations relying so heavily on content management system implementations to manage all aspects of their business, there is a strong need to ensure that these systems are secure. There are a number of cybersecurity issues that must be addressed with any CMS implementation:

  • Data in Motion. It is critical to differentiate between sensitive and non-sensitive data, and to ensure that any sensitive data (PII, classified materials, payment information, etc.) are encrypted in motion.
  • Data at Rest. Sensitive information must also be encrypted at the back end, and potentially stored on dedicated spindles to maintain operational security.
  • System Architecture. For client-facing or partner-facing solutions, a proper n-tier architecture must be validated, ensuring that only the presentation layer (i.e., web services) is directly accessible in a DMZ, and that application and database tier systems are secured on the private corporate network.
  • Access Control. Noting that it might not be appropriate to grant all users access to all information, a role-based (RBAC) or attribute-based (ABAC) solution may be necessary.
  • Content Tagging. Of course, access control only works when content is tagged appropriately. Aerstone Labs SIFT™ is an automated content-tagging solution that integrates with Adobe AEM and Microsoft SharePoint, to ensure that all artifacts (both searchable and non-searchable) are tagged correctly, based on extracted file content.
  • Authentication. Enterprise CMS solutions can be integrated with Microsoft Active Directory to provide single sign-on (SSO) capabilities. This integration must be planned carefully, so as to facilitate the desired authorization scheme.
  • Endpoint Security. With the growing need to access and manage content on any device, mobile and otherwise, addressing endpoint security is a critical piece of any CMS security architecture.

Our Experience Sets Us Apart

Aerstone is an NSA-certified vulnerability assessor, and a service-disabled veteran-owned small business.
We approach each engagement with the highest levels of professionalism, determination, and creativity, honed by years of working with
security professionals across the military, intelligence community, civilian government, and private industry.

Contact our sales team at sales@aerstone.com for more information.