Risk: phishing emails 'supposedly from the chairman' to the treasurer to transfer money
Our solution: SPF record
Explanation: With an SPF record you make it impossible to 'fake' a sender. So nobody will be able to pretend to be the sender of a mail message [email protected] This is a well known way to get money from football clubs.
An attack to shut down the ClubWebsite by an individual
Our solution: DDOS protection
Explanation: With a DDOS protection no one can take down the ClubWebsite anymore. It is quite easy to bring a website down and quite difficult to prevent. This problem occurs occasionally when an opponent or just a technical buff (often students) wants to bring a website down.
Weak passwords and email passwords that get exposed
Our solution: don't accept weak passwords and encrypt passwords
Explanation: When creating an administration account or an email account, the system of FootballAssist does not accept weak passwords. The passwords are then stored encrypted. Even we cannot get into the emailboxes of our customers.
Spam in your inbox and emails or an emailbox that is accidentally deleted
Our solution: Spam filters and backups.
Explanation: We put a spam filter on every email account. And every day we make 2 email backups. Accidentally deleted emails or email boxes? We will restore the last backup quickly for you.
An unsecured website
Our solution: SSL
Explanation: This is actually the standard. All traffic between visitor and our server is secured, so no one can intercept passwords or personal data.
Our solution: Actively inform visitors how to prevent it
Explanation: People gain information around a person, from a public source on the website. For example: If they have a profile of a member of your club, they pretend to be the son of this member. They send that they have a new number and ask to transfer money for some reason. By using personal information, this sometimes seems very real! See how it works here.
Argument within the club, one person does not want to give up the password of the cms
Our solution: Identify yourself as an administrator of the club and receive a new login
Explanation: It happens, or rarely, that there is an argument between the administrator and the directors of the club or the directors among themselves. Sometimes so bad that the password is not released. We lock the management system and give a new account to a person who identifies him/herself with a kvk extract (maximum one week old), statutes that show that this person is allowed to act on behalf of the club and his/her personal ID. Should a malicious person have removed content from the website, backups are of course available. After all, we provide continuity for the clubs.