Ensuring the security of your website is critical in our online world.

ASCS reported over 11,000 security incidents affecting Australian businesses in 2014 and this probably only represents a small proportion of incidents due to the stigma that is associated by a security laspe.

Don't underestimate the level of risk or potential economic harm that this can cause your business or institution.

Our packages

Our Drupal Site Security package take this concern out of your hands so you can concentrate on running your business.

While you do that, we will be:

  • Monitoring the availability (uptime) of your website
  • Continuously monitoring all Drupal Core security updates released
  • Reviewing the regular Drupal contributed module and theme security updates
  • Assessing your site for forward compatibility of new browsers
  • Monitoring for any modules or themes that go out of support for any reason

This process occurs throughout the year.

The application of security patches on a quarterly basis is priced from $360/year + GST - a great option for smaller sites with standard modules that do not change often.

The application of security patches on a fortnightly basis is priced from $1800/year + GST - this option is great for organisations with internal security policies with stringent requirements.

Our process

When a Drupal security update is released that applies to your website, we will;

  • Create or refresh a test environment for you
  • Apply appropriate security updates to your test environment
  • Internal QA the updates ourselves for obvious issues
  • Advise you of the updates and provide 5-10 business days for you to test depending on the criticality of the patch
  • Once approved or after 5-10 business days, we apply the updates to your production site
Site security workflow

We will also keep you regularly informed of any site enhancements we feel are required to your site due to new operating systems, new browser releases, unsupported modules, API changes, etc. Any recommended site enhancements will be quoted and require approval prior to implementation.

Critical updates

While extremely rare, any critical updates, like Drupalgeddon (15 October, 2014) and Drupalgeddon 2 (28 March & followup release 25 April 2018), will deviate from this workflow and may involve patching or updates that carry to lowest risk in the quickest possible manner.

All of our clients were patched within one business day of this particular security release.

Our results

We are constantly monitoring and assessing the updates with a number of automated tools and alerts to ensure that you stay safe.

Since 1st July 2014 alone we have managed dozens of core Drupal and hundreds of project related security releases for our clients. 

Are you worried about the security of your site? We are experts. Contact us today.

Recent advisories

Please refer to the following pages for a full listing: