Security Measures with Cascade CMS

Thursday, November 12th, 2015 at 11:00am
Security Measures with Cascade CMS

Hannon Hill built Cascade CMS to ensure the confidentiality, integrity, and availability of content. That dedication to providing a secure, technologically flexible, and easy-to-use content management system is why Cascade CMS powers more than 25,000 sites and supports 90,000 users across the globe.

Push vs. Pull

Attention to security is baked into Cascade CMS from the ground up. Unlike strict pull-based CMS solutions that couple with web servers, Cascade CMS is push based with a handful of pull capabilities enabled by web services. Content changes are made in the CMS and then “pushed” (aka published) to the live website. Since content changes are pushed out as static HTML, there’s far less risk of a vulnerability affecting your web server or allowing unauthorized access to your website.

Another benefit of a pushed-based CMS is the ability to test content and publish changes when you’re ready for them to go out. It’s better for resource management because when a pull-based website is loaded, it sends a request back to your database to check against every web asset on the page. This process eats up system resources and can even slow page loading time - and too much strain can lead to a database crash. Worse, because pull-based content management systems are coupled with your web server, your entire website goes down if your CMS is offline. That’s never an issue with Hannon Hill - your live website will never be impacted if Cascade CMS goes off line.

Deployment Options

Cascade CMS has two deployment options: Cascade Installed and Cascade Cloud. The version that’s best for your organization largely depends on if you’re looking for control or convenience. Cascade Installed and Cascade Cloud are both highly secure, easy for end users to learn, and offer a great deal of customization.

Cascade Cloud

A breeze to set up, Hannon Hill can implement your Cascade Cloud instance as soon as we’ve received your Purchase Order and signed Master Subscription Agreement.

We’ll take care of setting up and provisioning two virtual machines - one for your Cascade Cloud CMS and the other for your CMS database. Cascade Cloud is not a SaaS based system - your CMS and database will be stored on their own individual cloud instances.

Hannon Hill maintains a secure cloud environment and keeps all Cascade CMS instances behind firewalls that only allow specific ports (such as those for SSH and web traffic) to remain open. Direct access to application servers requires an SSH key, while database servers can only be reached by the application server. Upon request, our team can configure Apache to allow only a specific IP range to access your Cascade Cloud instance.

Beyond deploying initial security measures, Hannon Hill will work with you to deploy needed security patches, updates, and new releases. We’ll even run backups of your CMS database and store them for seven days.

Cascade Installed

Cascade Installed, Hannon Hill’s original version of Cascade CMS, is often selected by organizations with stringent security requirements that prefer to host applications on-premise using their own servers.

On-site hosting allows organizations to decide exactly when to handle different activities such as applying system patches and upgrades, installing additional applications, managing backups, storing data, and more. Cascade Installed allows clients to customize security measures to their exact preferences.

One major benefit of Cascade Installed is that additional licenses for development / testing and failover are included by default. Test out any update or change in a development instance prior to applying it to production for no surprise mishaps when upgrading. In the rare case that your primary CMS instance goes offline, minimize downtime by updating your DNS records to point users to a pre-configured standby instance of Cascade CMS. Even if Cascade CMS goes off line entirely, your website isn’t impacted!

Cascade Installed users can also deploy VPN protection for their CMS. While Cascade Cloud offers many security measures, a VPN will block any incoming connections that don’t originate from a specified internal IP range.

But with great power comes great responsibility. With Cascade Installed, administrators are fully responsible for applying patches, CMS upgrades, hardening systems, and deploying additional security measures such as firewalls, encryption, or VPNs.

Making Right What Once Went Wrong

It shouldn’t have happened, but it did. Something somehow has gone wrong. Maybe a user deleted the wrong file or the live site was compromised and inappropriate content was uploaded through the web server. No matter what happened, you need the tools to recover. And Cascade CMS gives them to you.

Granular User Permissions

Prevent unauthorized changes by ensuring end users have access to only the content that they need and nothing else. With the ability to create unlimited groups and roles, Cascade CMS allows you to set extremely granular, site-specific user permissions. This means that a marketing user can maintain a social media mashup page, but doesn’t have access to your homepage. Another user might have near administrative privileges on one site, but only be able to swap out photos on another. Permissions can even be set on individual assets.


Cascade CMS offers superior auditing, not just on an individual user basis, but by group, role, and asset. Monitor who’s making changes, when they are active, and the IP address they are logging in from. Cascade CMS will automatically enters basic comments regarding certain content changes when new drafts are saved.


Use workflows to ensure updates are approved before content goes live. Workflows give approvers the option to make changes themselves, send back for changes, reject and delete a draft, publish to a staging environment, or publish to production.

Rollback to Previous Versions

With full version control, restoring content is a snap. Every page and asset tracks draft changes, so just pull up the preferred version, click to activate, and republish.

Contact us at to learn more about how Cascade CMS can help you manage your web marketing efforts with ease and flexibiilty.


Subscribe to our blog via RSS Download RSS

Hannon Hill Corporation

3423 Piedmont Road NE, Suite 520
Atlanta, GA 30305

Phone: 678.904.6900
Toll Free: 1.800.407.3540
Fax: 678.904.6901

GSA Contract Holder