|
Post by Financial Thing on Jun 15, 2015 14:24:54 GMT
I'm very concerned about the security of the Rebuilding Society website and thought I'd share my concerns. I've worked i the web world for over 20 years.
When I signed up for a RBS account I checked the sites code (force of habit) and noticed it's entire platform is built on Wordpress. Wordpress is primarily a blogging platform that has more recently been developed for other uses, but I've never seen a Wordpress site used for any type of a financial transacting business due to it's lack of security. In other words, Wordpress is a vulnerable system that is prone to hacking. That's why you'll never see a bank using it.
Maybe RBS doesn't stoe any personal information on it's site, I don't know as I have yet to make any transactions. That being said if you have any type of personal, banking or financial details attached to your RBS account, I'd be very concerned.
|
|
|
Post by danraj on Jun 15, 2015 16:33:44 GMT
Thanks for raising this. Wordpress is the content managed part of the web application, it makes updating the pages & posts of the site easy for the team. Much of the financial / transaction data is separated out through plugins and use of the API. Wordpress is the platform of choice for many personal bloggers, who may not secure their server, which is why it has a bad name. Sensitive financial data is encrypted and we are careful to use strong passwords. No site is immune to being targeted, but good server admins address vulnerabilities with patches, hardened configuration and regular updates. There are some notable organisations using Wordpress, including the BBC: www.wpbeginner.com/showcase/40-most-notable-big-name-brands-that-are-using-wordpress/
|
|
|
Post by Financial Thing on Jun 15, 2015 21:52:36 GMT
Thanks for responding. As far as the BBC goes, they are a news company, not much need to store sensitive financial information there.
Glad to hear you aren't storing any sensitive information through the Wordpress platform.
|
|