WEBSITE SUPPORT, MAINTENANCE, SECURITY
Ensure your investment is securely supported, maintained and optimised for performance
Technology is always evolving. From information security and infrastructure management to bug fixing and enhancements, we’ll support your digital platform throughout its lifecycle, so you can rest easy.
We provide our clients with ongoing, reliable and exceptionally affordable website maintenance and support, delivered under highly competitive SLAs.
If you’re looking for a new development partner, it’s also a great place to start. Resolving legacy issues, auditing and improving systems, making small but effective enhancements is a core service of Mainstay, and often ideal place to kickstart a great working relationship.
Website support
We offer flexible and ongoing helpdesk support for your site which includes a range of services:
- Technical support for general website administration
- Fast ticket responses
- Online ticketing and phone support
- Live Chat
- DNS and domain management
- Site or server errors
- SSL management
- Training and instruction in CMS/website administration
- Front and back end bug fixes
- Form issues
- Content updates
All support and maintenance services are governed by strict SLAs, underpinning our commitment to respond quickly, and our transparent approach ensures there are no hidden costs or prohibitive fees.
Website maintenance
Along with hosting your website, Mainstay Digital undertakes ongoing behind the scenes maintenance of your site, either on a quoted, ad-hoc basis or under one of our website care plans.
“Maintenance” refers to ongoing CMS core updates, plugin updates, database optimisation, performance monitoring including page optimisation, times (server, CMS), performance optimisation. It’s a proactive service.
Why do you need ongoing maintenance?
Ensuring your CMS, plugins and services are kept up to date is critical both from a security and a performance point of view. Websites become susceptible to hacks and vulnerabilities if they are allowed to degrade over time. Upgrades, updates and patches are constantly released to protect against such vulnerabilities.
Ongoing maintenance and patching is an insurance policy to protect your digital assets.
Website security
Maintenance and patching is one important aspect of keeping your website and data secure, however it should not stop there. We work with clients with varying levels of security requirements, from basic through to highly sensitive, and ensuring appropriate measures to secure data is in place is critical.
Major areas for consideration occur at a server, server application, DNS and application (CMS) level. Noted below are some of the strategies we employ for our clients, depending on business needs:
Application / CMS level
- Ongoing core CMS, plugin, theme patches and upgrades
- Defined user access levels and roles, two-factor (or higher) authentication, workflow approval processes
- High password levels as standard (minimum lengths, use of numbers, characters
- Dashboard access limits
- No default admin access / user names
- Application firewalls, GEO-IP blocks, granular firewall configurations
- Limited login attempts/ reset passwords
- Internal notifications of access level changes
- User of “super admin” (administrators can’t create other admin accounts)
- Auto logout of idle user preset time limits
- Sanitizing inputs to prevent SQL injection
- Strip tags and HTMLspecialchars to mitigate XSS vulnerabilities
- Cross site request forgery protection tokens
- Form validation, both browser and server side
- General best-practice, secure code development
- Re-captcha on forms and submissions
- No ability for file upload, unless in secure area of the site
- Application audit logs
Server / server application / DNS level
- GDPR compliance (European General Data Protection Regulation)
- DDos (distributed denial of service) prevention
- Login security (rate limiting, SSH, SFTP)
- Bot protection / brute force login attempts, DoS (denial of service attacks)
- Whitelisting IP addresses for database access
- Application isolation
- Server application patching and upgrades
- Server level firewalls
- GEO location blocking
- Folder / directory hardening and permissions
- Server level malware / virus scanners
- Australian-based data centres for data sovereignty
- Server applications patched and up to date.
- SSL (HTTPS) encryption site-wide – “High” level of encryption assurance
- Periodic / regular server and application backups and snapshots
- End to end encryption
- Suspicious device login control
Security audits, reports and incident responses
Along with the regular maintenance and general security work, we also undertake website security audits, reporting and incident responses as stand-alone projects or in a consultative capacity.
We’ll audit and assess for areas of vulnerability, undertake penetration testing and identify security weaknesses at a server and application level.
We secure data, clean up hacks or compromises in response to a vulnerability or data breach, and provide reports and recommendations to ensure security for the future.
RECENT WORK
Great Southern Press
GS Press publishes a range of highly circulated trade publications, and enjoys very strong readership both online and print; coupled with their regular conferences and events.
In spite of an ageing (but still robust) platform, we have undertaken dozens of technical challenges to improve, evolve and streamline functionality and user experience across GS Press’s multiple brands.
WE’D LOVE TO HEAR FROM YOU!
We’ll happily arrange a time for a call or meet, provide you with a scope of work and estimate, or give you some expert advice.
