Web maintenance agreement

Description

The web maintenance agreement is designed for departments with custom software that they wish to be installed on the University web server. These have been introduced in 2009 for all new installations. From July 09 they will be required for all existing installations.

Ongoing website maintenance is required for specialist sites powered by technologies other than the standard Kent university template (e.g. Wordpress, Drupal, Joomla etc). Maintenance is required to update your site to the latest versions of the underlying technologies when the security of either this site and its data or other Kent sites are at risk.

The IS Webteam will notify you when an update to the site’s technology is required due to a security fix.  A project plan for the update work will be provided and the IS webteam will endeavour to reschedule should this interfere with the client’s schedule. However, to adhere to IS security polices, the update must be applied within one month of the notification. Some website downtime may be experienced during this essential maintenance work.

Note: in instances of critical security issues which are being actively exploited IS reserves the right to take sites offline instantly until they are secured by either IS or the department in question - dependent on the nature of the maintenance agreement.

Features
  • Get software security updates throughout the year.
  • Security audits to ensure your site is as secure as possible for your users.
  • Risk assessment providing details of the risks that exist and how to stay safe.
Categories

The IS webteam offer maintenance agreements for departments who have websites with third party or custom software, systems, applications or code which are not one of the standard services listed on Kent on the Web. This includes pages which are not a standard university dreamweaver template page or standard form, or pages which include custom code written by a departmental publisher or external vendor. For example:

  1. Dynamic applications
      • Content Management Systems
      • Blogs
      • Forums
      • Forms uploading files
      • Forms submitting into a database
      • Other installed packages
  2. 3rd party or custom built (be-spoke) applications
  3. Needs updating/patching to new versions regularly
  4. Needs routinely checking for security validation
Why is this needed?

The server is shared by many departments and worked on by many publishers. Although these websites are separate to the publisher, they still all use the same web server. By ensuring that all applications and code installed on the server are correctly monitored, audited, patched and upgraded as needed this helps everyone have the ability to use the applications they need safely and to aim to prevent any other applications and code misbehaving to the impact of everyone.