WEMSA Cloud Security

Currently an A+ Database Security Rating with no known vulnerabilities

WEMSA Cloud is built with industry-standard security protections to help safeguard agency data, reduce risk, and support secure cloud access.

A+ Security Rating

WEMSA Cloud maintains an A+ security rating with no known vulnerabilities and includes multiple hardening features designed to reduce attack risk and strengthen account protection.

What This Means

An A+ rating indicates that the server is up to date, well configured, and protected by leading hardening features that make it more difficult for attackers to exploit unknown vulnerabilities.

Up-to-date platform and patching
Secure configuration and hardening measures
Stronger protection against unauthorized access attempts
Reduced exposure to common web-based attacks

Core Security Features

Account Protection

WEMSA Cloud includes brute force protection, password confirmation for sensitive actions, checks against known leaked password databases, and support for two-factor authentication.

Browser & Session Security

Security protections include CSPv3, Same-Site cookies, and __Host-prefixed cookies to help reduce the risk of cross-site scripting, CSRF, timing attacks, and cookie injection.

Web Header Hardening

Additional response headers such as X-Frame-Options, X-Content-Type-Options, X-Download-Options, and X-Permitted-Cross-Domain-Policies help strengthen browser-side protections.

Ongoing Hardening

These protections work together to help keep the platform well configured, harder to exploit, and more resilient against common attack methods.

Security Features Explained

Brute Force Protection

Slows repeated password attempts to help defend against password-guessing attacks.

CSP v3

Restricts how resources such as scripts and images can load in the browser, helping reduce the risk of cross-site scripting attacks.

Same-Site Cookies

Helps protect against CSRF attacks by limiting when browsers send cookies across domains.

Password Confirmation

Requires users to verify their password again before making certain security-sensitive changes.

Leaked Password Checks

Prevents users from selecting passwords that are already known to be compromised.

Two-Factor Authentication

Adds another layer of protection beyond a password alone and supports safer access for connected apps.

Clickjacking & MIME Protections

Browser headers help prevent embedded-page abuse, content-type guessing, and related attack techniques.

Additional Web Protections

Security headers and cookie hardening provide extra protection for browser sessions and cross-domain behavior.

Why this matters for EMS agencies These protections help reduce the risk of unauthorized access, strengthen account security, and support safer handling of important agency files and records.

Built for Secure Cloud Access

WEMSA Cloud is designed to combine strong usability with layered security protections. By maintaining current software versions, applying hardening measures, and using modern browser and authentication safeguards, the platform supports secure day-to-day access for participating agencies.

Questions About Security?

For more information about WEMSA Data Center security practices, contact helpdesk@wisconsinems.com.