GVS is now part of Acquia. Acquia logo

Home

Working with GVS

Process

Clients come to us with varying levels of experience and clarity about what they want to develop. Our role often includes helping clients identify abstract goals, developing features that address those goals and the underlying architecture for those features, and finally the project implementation.

In general, we follow these steps in developing a new website:

  1. Identify project goals and/or user stories
  2. Identify features that meet those goals and/or user stories
  3. Develop designs and architecture for those features
  4. Implement the design and features
  5. Internal QA/review of the site
  6. User acceptance testing and revisions
  7. Deployment and performance tuning
  8. Ongoing support and maintenance

GVS approaches development with an Agile/Scrum-based strategy where we revisit the above steps 2 through 7 in iterations throughout a project.

Image by Softhouse Consulting.

Secure Data Handling

The security of your sensitive information is something that we take very seriously. Here are a few of the procedures for all GVS projects.

  1. When sending passwords or any other sensitive information, please only use the telephone or encrypted files.

  2. If possible, use SSH/SCP/SFTP to access your site rather than something like FTP. We will always use a secure channel if possible.

What We Do (when possible)

  1. Firmware / Hard drive passwords: having an operating system password is pretty useless if the hard drive itself isn't password protected. Anyone who steals the laptop can just override the operating system password to get access to the hard drive.

  2. Encrypted Data: protocols like FTP send data in clear text which means anyone on the network can read your files and username/password for the site. Instead it is much more safe to use SSH/SCP/SFTP to transfer files. The same applies for data sent to web sites over HTTP instead of HTTPS.

  3. Development Servers: Aside from laptops, the other main place your data might get stored is on an Amazon Web Service EC2 or EBS device. Naturally these servers are only accessed via SSH or HTTP. Amazon has published information about the security practices for AWS products.

While there are certainly ways to make this more secure, these are as good or better than current industry standards.

Featured Team Member
Carl Wiedemann

Carl's broad background provides a wealth of experience to share as a developer, themer, and educator.

GVS is now part of Acquia.

Acquia logo

Contact Acquia if you are interested in a Drupal Support or help with any products GVS offered such as the Conference Organizing Distribution (COD).

We Wrote the Book On Drupal Security:

Cracking Drupal Book Cover