Durable Digital LTD.

Umbraco development

Durable is an Umbraco Gold Partner that designs and develops beautiful Umbraco websites, integrated with your email marketing, CRM, and analytics.

Features

  • intuitive editing experience
  • Multi-device previews
  • Scheduled publishing
  • Headless content management ready
  • Multichannel delivery – manage websites, apps etc in one place
  • Media library
  • Form builder
  • Supports agile delivery and continuous deployment
  • Full APIs for front and back-end for integration
  • Managed Cloud platform including minimum 99.9% uptime

Benefits

  • Unlimited editors
  • Easy to use for content teams
  • See how content will look and feel on different devices
  • Publish any time without the need to content freeze
  • Continuous deployment of new features and bug fixes
  • Enrich user experience
  • Create forms easily
  • Adapt and publish content for social channels
  • Access to Umbraco support scaling to 24/7
  • Fully supported Cloud platform including automatic upgrades

Pricing

£150000 to £1000000 per instance per year

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

5 4 7 1 0 3 1 5 2 1 2 9 4 5 1

Contact

Durable Digital LTD.

Shane Marsden

+44 20 7247 5793

shane.marsden@durabledigital.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Umbraco can be added to any .NET website easily. It is also possible to add to other types of websites as well but can involve liaising with IT/networking teams.
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
Service constraints Deployment is on public, private or community cloud
System requirements
  • IIS 7+
  • SQL CE, SQL Server 2012 and higher
  • ASP.NET 4.7.2
  • Ability to set file permissions to include create/read/write

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Standard response times are within 24-hours during business hours. Enterprise customers benefit from faster response times.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Web chat
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard WCAG 2.1 AA or EN 301 549
Web chat accessibility testing We have performed no such testing.
Onsite support Onsite support
Support levels Various Service Level Agreements and costs offered depending on needs. Technical and Cloud support engineers made available as needed.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Durable commissions the Umbraco Cloud service which provides the platform and tools we need to build your website. We undertake discovery, design and development processes appropriate to your requirements, through to full system testing. Durable provides on-site training for content editors and administrators.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Data is securely transferred or downloaded to a physical drive.
End-of-contract process Through request to Durable or the Umbraco Managed Service desk, a full back-up of the Umbraco database and accompanying assets can be provided. Durable can provide additional Exit Planning and Management services upon request.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service No substantive differences exist between the mobile and desktop service.
Service interface Yes
Description of service interface By default, there is no service interface but one can be added.
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing We do formal testing on code that we write. Testing of the platform itself is the responsibility of Umbraco.
API Yes
What users can and can't do using the API You can enable an api or write/extend your own.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Umbraco Cloud can be fully customised to suit individual website requirements, including presentation templates, authentication providers, site functionality and editing/management functionality.

Scaling

Scaling
Independence of resources Umbraco Cloud uses the proven and solid foundation of Microsoft Azure to give your website the best of infrastructure, performance and security. Sites have multiple failsafes to ensure no single point of failure.

Analytics

Analytics
Service usage metrics Yes
Metrics types Google Analytics, Adobe Analytics, IBM Coremetrics ( IBM Digital Analytics), Unica NetInsight
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported directly from the database or an export can be run that downloads content as a compressed XML file.
Data export formats
  • CSV
  • ODF
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Per client requirements
Approach to resilience Custom or purchased with Umbraco Cloud
Outage reporting Email alerts; public dashboard

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels On demand
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach If our clients have a security governance approach, we follow it.
Information security policies and processes Durable maintains a set of security policies aligned with ISO27001 standards. All staff are briefed on the security policy at induction and ongoing compliance supported by an internal learning process.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Durable operates a Change Management process to ensure that all configuration or service changes are put through a controlled process, ensuring that impact and risk are managed, quality is maintained, and that changes are planned, documented and approved.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Durable undertakes periodic independent pen and vulnerability scanning of our networks and network services.
Protective monitoring type Supplier-defined controls
Protective monitoring approach As part of Umbraco Cloud, we actively monitor the service at all times. The service is able to detect when a particular site is experiencing extraordinary load and begins to isolate the site in question to leave resources available for other sites. The feature is designed specifically with DDoS in mind but also serves to isolate sites with malfunctioning code.
Incident management type Supplier-defined controls
Incident management approach Durable operates a mature Incident and Service Request Management process. The process is operated by our Service Management tool, which is interactive and can be configured to support the ticket workflow and metrics agreed with customers. Customers can report and update incidents via our interactive portal, email and telephone. Though we operate a core Incident Management policy and process, these can be tailored within customers Service Level Agreements to support common incidents and events.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £150000 to £1000000 per instance per year
Discount for educational organisations Yes
Free trial available No

Service documents

Return to top ↑