Websites can be dangerous. Even legitimate websites like garrison.com can be hacked by criminals or other malicious parties and used to host malware which could compromise your machine. Our web pages incorporate elements such as Javascript from third party websites including Google Analytics and Hotjar in order to collect and analyse anonymous usage information. We also use third party software provided by OneTrust to manage user cookie preferences. The Javascript from these third party websites could also potentially be hacked, and used to host malware which could compromise your machine.

This policy describes at a high level the measures we have used to reduce the risk of this.

Higher security approaches exist. We have chosen this approach based on a balance of security, convenience and cost;

1. We use an S3 bucket with static content to serve end users
2. A Lambda function through an API Gateway is used to handle the contact form
3. The AWS administrative accounts are protected by passwords and two-factor authentication