Security requirements

• 

  codyknightcd315a44df · Member · Oct 23, 2025 at 3:21 am

  • Copy link
  • Add topic to favorites

  Hi,
  We are looking to use WordPress for our business, but we have some security requirements. Does WordPress meet these requirements?
  

  1. Provider shall utilise cryptographic measures to protect the confidentiality and integrity of data being transmitted and to prevent the unauthorised disclosure of information at rest.
  2. Provider shall implement encryption using at least 256-bit algorithms for all Information and Data, both at rest and in motion. For data at rest, such encryption shall apply at the application, database or file level storage.
  3. Cryptographic key management controls shall be defined and in place sufficient to protect the confidentiality, integrity and availability of keys.
• 

  upwardmomentum84 · Staff · Oct 29, 2025 at 5:57 pm

  • Copy link

  Just letting you know we’ve followed up to your email with some information!

• 

  codyknightcd315a44df · Member · Nov 28, 2025 at 1:58 am

  • Copy link

  Great, thank you. I have filled out the form at https://vip.wordpress.com/contact/ to request a SOC 2 Type 2 Report as our internal security team have asked for this.

• 

  staff-miltonb · Staff · Dec 1, 2025 at 10:23 pm

  • Copy link

  Thanks, @codyknightcd315a44df. Since we’re already in touch by email, I’ll mark this topic as closed. If you need more help, feel free to reply to our email and we’ll follow from there.