Our website is monitored for malware by WP Engine, which has tools and custom scripts for vulnerability scanning, both externally (i.e. through network connections) and internally (i.e. scanning disk and database for known vectors and exploits).
WP Engine contracts two separate, well-regarded security firms for auditing and remediation: SecTheory and Sucuri.
We use Infusionsoft, which is a Web-based software that combines CRM, email marketing, and e-commerce to manage our online payment process along with customer payment and email subscriber information.
Infusionsoft is a Level 1 e-commerce application service provider that provides BuiltLean with a method of collecting credit card data through a shopping cart, order form, or manual order which is then passed to our payment processor Authorize.net. As a Level 1 Service Provider, Infusionsoft complies with a rigorous set of standards set forth by the Payment Card Industry Data Security Standard (PCI DSS.)
In summary, these standards require:
Infusionsoft specifically does the following:
Our website is hosted through WP Engine, which is a leading provider of web hosting solutions for sites based on WordPress. We use WordPress as a content management system to serve our articles and pages. WP Engine helps us provide fast page load speeds and top notch performance.
We use best practices to help reduce page load and improve site performance. We use extensive caching both when serving pages, server side along with a CDN provider to further reduce file and image sizes. This helps the site load much faster. We also make our website as light as possible through smart use of web code. Our web develops are SUPERWPHEROES who help us make modifications and update our website in a safe and stable environment.
Our site has real time monitoring around 5 locations around the world across mobile and desktop through Monitis. If our site is down, or experiences slow load times, we get email alerts.