WordPress Content Management System (CMS)
We provide a bespoke WordPress web development service that includes the strategic planning, research, design, and build of websites/applications delivered in the cloud.
- Specialist WordPress design, development, SEO and content teams.
- Stakeholder led research and design process.
- Responsive web sites that work across a range of devices.
- Bespoke, original designs.
- Tailored application setup / configurations as needed.
- WordPress multi-lingual setup.
- WordPress integrations with third party APIs.
- CMS training included as part of delivery.
- Scalable application for any size websites.
- Support for a range of analytics tools.
- Design process ensures you meet the needs of your stakeholders.
- Avoid website management hassle with a user-friendly CMS.
- Stable/secure platform minimising disruption for you and your users.
- SEO/content experts ensure your site is findable/navigable.
- Analytics to track performance and identify areas for improvement.
- Unique designs reflecting your values, style and objectives.
- Develop in house or with third parties. No lock-ins.
- Cost effective, on time delivery that meets your stakeholder requirements.
- Experienced and knowledgeable provider.
£875 per unit per day
- Education pricing available
8 7 4 5 4 8 2 2 2 7 9 0 1 1 0
Melt Content Ltd
0203 735 5070
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||All services need to work within the Amazon Web Services infrastructure.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||We aim to respond immediately for critical issues and within 24 hours for minor issues.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AAA|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Critical: The Supported Website is inoperable or a core function of the Supported Website is unavailable;
Serious: A core function of the Supported Website is significantly impaired;
Moderate: A core function of the Supported Website is impaired, where the impairment does not constitute a serious issue; or a non-core function of the Supported Website is significantly impaired;
Minor: Any impairment of the Supported Website not falling into the above categories; and any cosmetic issue affecting the Supported Website; the addition of content to the Supported Website; and any minor layout or design changes to the Supported Website.
|Support available to third parties||Yes|
Onboarding and offboarding
Training can provided according to the buyers needs - onsite or online.
User documentation can be provided on request.
|End-of-contract data extraction||
We set up a secure FTP for buyers to extract their data as needed.
The FTP is deleted once the data has been transferred.
All specified development and hosting is provided in the price of the contract.
Additional costs may be charged for the transfer of data to another host/third party. This will be dependent on the size and effort required to transfer.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||All builds a re responsive so the service can work on most devices.|
|Description of customisation||
Buyers can apply different skins/styles.
Widgets/plug ins can be added or removed at a page level.
Users can cusomise, edit and add content and page layouts.
Developers would need to apply styles and add widgets/plug ins.
|Independence of resources||All clients are supported in their own dedicated environments, servers and databases. No instances are shared between clients.|
|Service usage metrics||Yes|
|Metrics types||Web analytics - User journeys, specific goals and targets etc.|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||Encryption of all physical media|
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Users would export data via secure FTP.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||We offer 99.9% uptime on any servers or websites we maintain.|
|Approach to resilience||Available on request.|
|Outage reporting||Outage alerts are reported via email alerts and phone.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Depending on the client we will typically assign user IDs to individuals, lock down IP addresess and provide restricted and time limited access to data and documentation for download or upload via a secure FTP.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||
1. Cross company security audits and reviews.
2. Team training and updates as and when required.
3. Measurement and monitoring of all identified security risks.
4. Regular reviews at board level of our Information Security Policy.
|Information security policies and processes||
We maintain a written Information Security Policy which acts as reference guide for all aspects of the organisation's information security.
Consisting of 14 seperate policies it details do's and don'ts of managing information and outlines procedures for when the policy is breached.
The ISP is regularly reviewed at board level and any recommended changes approved and implemented.
We also have an Information Security Officer who is responsible for implementing the organisations ISP.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
All changes to our websites are audited and tested prior to deployment.
Change requests are logged and their status tracked and updated on an "as and when" basis.
|Vulnerability management type||Undisclosed|
|Vulnerability management approach||
We monitor our services and relevant channels (WordPress, Ubuntu etc) for threat alerts.
We deploy critical updates as soon as we are confident that the patch doesn't impact on systems.
|Protective monitoring type||Undisclosed|
|Protective monitoring approach||
- Monitoring services for anomalies.
- Response depends on the severity of the issue. If it is critical or severe we will respond immediately (e.g. bot attack). If it was minor we would respond within the agreed SLA timeframe.
- Response time is dictated by the severity of the issue and ranges from immediately for critical/severe issues to 48 hours for minor issues.
|Incident management type||Undisclosed|
|Incident management approach||
As per our Information Security Policy we have pre-defined processes for events.
Users can report incidents via the phone or email.
We can provide incident reports in any format agreed with the client. These are typically provided as written reports detailing the issue, remedial action taken and updates to our processes where required.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£875 per unit per day|
|Discount for educational organisations||Yes|
|Free trial available||No|