Why IT Departments Love Working With Us
It's not just the Volunteer Managers...
- We perform external vulnerability scans of our entire environment every week.
- A third party runs a penetration test annually and we are happy to share the results with IT departments.
- Our software stores user credentials using a strong one-way hashing algorithm (bcrypt) with random salting.
- Data encrypted in transit – 256 BIT TLS (and fallback to 128 BIT TLS where 256 BIT is not supported).
- Data encrypted at rest – 256 BIT AES encryption
- Brute force login protection
- Intrusion detection and prevention system – Any suspicious behaviour flagged by the motoring software gets alerted to technicians, always on hand and ready to intervene if needed.
- All server operating systems and applications are patched in accordance with recommended guidelines.
Performance and Reliability
- Our application is deployed on dedicated, over-provisioned hardware located in a secure CSAE4316 certified datacenter.
- We monitor our systems 24x7x365 using internal, external synthetic and external RUM monitoring to ensure optimal service performance and uptime.
- We utilise a CDN to ensure our application assets are loaded quickly world-wide.
- Our development methodology prioritises bug and security fixes ahead of new features.
- We have a 1 hour hardware replacement SLA with our datacenter – ensuring faulty hardware is replaced quickly.
- Over the past five years, our uptime outside of scheduled maintenance has been 99.997
- We proactively scale the solution to stay ahead of concurrent user demands.
- Core technology is developed by internal staff (not outsourced)
- During development, each code check-in passes through our continuous integration environment, which:
a. Performs a full build on all components of the system.
b. Automatically runs our suite of unit tests for each component.
c. Automatically runs our suite of integration tests for major subsystems.
d. Deploys a fresh copy of our product into our staging environment for manual/UA testing.
- We monitor our live systems on several levels:
a. Synthetic external monitoring (from multiple vendors) for measuring the uptime and performance of major endpoints.
b. Internal monitoring to watch the uptime and performance of key internal resources and to monitor database/query performance.
c. Real User Monitoring (RUM) to monitor actual end-user page load times.
- Our general methodology is to prioritize the development and deployment of fixes for known issues ahead of new features.
- We perform onsite and offsite backups every 3 hours and store the offsite backups in two geographically-dispersed locations with a 28 day retention period.
- We provide fast, knowledgeable technical support directly to IT departments from our lead architect and software developers.
- We provide 24×5 and period weekend support by chance, email and telephone to administrative users
- A mean first response to chat based queries of under ten minutes
- Extensive searchable help files
- Training videos