All data collected on this website is stored in an encrypted database, at the web hosting facility. The web and database hosting are managed by 1&1 (1and1.com). The database itself is encrypted with a password. The password is not stored on the file system - it is hashed upon entry and compared to the hashed version. The database is only accessible by the website itself and by a CFS-ME administrator logging in through a password protected 1&1 Admin panel. The database resides on its own server and is not shared with any other service nor any other 1&1 web hosting client. The database and website are backed up daily by 1&1 and stored only on the dedicated server.
1&1 employs firewalls to avoid and prevent attacks on its hosted sites. 1&1 also runs a virus scan against all its websites daily to identify suspicious and malicious files or programs. Furthermore, CFS-ME Registry uses Wordfence, a Wordpress service to block attacks from known offending IP addresses and to protect against hacks (more details can be found at: www.wordfence.com). My personal access to the website is through SFTP (secure file transfer) and HTTPS (encrypted web browsing), both secured protocols. The site uses an SSL certificate for verification of website ownership (you can verify it at https://www.digicert.com/help/). Furthermore, the website uses SiteLock (www.sitelock.com) as an added layer of website security - the website is scanned daily and the logo (bottom left of each page) is updated daily.
If anyone has questions not answered here or any of the points above could be clarified, please click the Feedback link and we will address your comments. Thank you.