David Snopek makes our "Drupal Security Expert Interview" series round! He is a founder of myDropWizard.com and a long-time Drupal developer and community member. Among other things, he co-maintains the Panopoly distribution, is a member of the Drupal security team, and co-organizes the local Drupal meetup group in Milwaukee, WI. Enjoy his expert estimation below!
In this second interview of the "Drupal Security Expert" series we're pleased to welcome Mike Gifford. Mike is the president of OpenConcept Consulting Inc, a Canadian Benefit Corporation that specializes in open-source web development and hosting. He is a Drupal 8 Accessibility Maintainer and also passionate about security and privacy. He is the author of the Drupal Security Best Practices - a practical guide which summarizes many of the ways to tighten the security of your Drupal site, which is available for free - http://openconcept.ca/drupal-security
Greg Knaddison is a longtime member of the Drupal Security Team and was the Team Lead for two years. He currently leads the engineering team at CARD.com, a mobile alternative to traditional branch banks. In 2008, Greg published Cracking Drupal, the only book to cover the topic of Securing Drupal Sites. In the interview below he reveals his security expert assessment of current questions about Drupal 8 - get secure!
If you want to grow recurring revenue by providing SLAs for your Drupal projects, automation is THE key to offering a reliable response time. Of course, you could build a dedicated 24/7 support team, but the cost will be exorbitant. There are many tools out there for digitizing your support and automating some of the processes.
Automation will save you resources and simultaneously prevent mistakes. Nevertheless, at some points along the support process, there should be people in contact with your client. Support is also a kind of marketing that you get paid for! That's why a well-defined support concept is the key to success.
Selling support is not so easy. Mostly you end up with agreements such as getting paid only if there’s a support request. If you want to provide reliable support with a well-defined response time, you need to allocate resources constantly, and that's why you need to get paid separately for the response time. The value for your customer is clearly that an experienced user, who also knows details of the project, is available whenever he or she is needed. A support contract with a well-defined response time keeps at least some of the project team members available, so the knowledge doesn’t get away.
Since my talk at Drupalcon Barcelona about a recurring revenue for Drupal shops I’ve had several discussions with other agencies about how to grow a professional and reliable Drupal support business. In this blog post I’d like to share with you the things I've learned. This is the first of a three-part series on Drupal support business.
What your clients really need
Your clients invest a lot of money in the development of their Drupal app. And like any investment, a Drupal app needs to be maintained. A client that earns money with the app you built will most likely need the following services:
We are finally almost there to release Drupal 8 RC1. For us, the release candidate means that Drupal has a stable API, a feature freeze and "should" be free of critical bugs as far as there are no new ones found. That counts for Drupal8 core. We will start with Drupal 8 projects from the release of RC1. The question is only: How to create estimations for a system we, honestly spoken, don't know yet with the same depth of details as we know Drupal 7. There are so many pitfalls related to the decision making of Drupal 8 architectures. As we usually need many contrib modules in our Drupal applications, and this will not change in Drupal 8, they are not yet ready and stable enough for a bug free experience in our development team.
This Drupalcon in Barcelona was really special for us because we had so many touching points with the community and other businesses in the Drupal ecosystem. This Drupalcon really helped us to increase our Drupal8 knowledge but also our whole business. In this blog post I want to share how the community helped us to win more ideas to improve our business in the near future.
After a month of Drop Guard's closed beta we aggregated the most important business benefits from our beta testers. We want to share those benefits with you:
Many times during our beta phase I was asked the question if Drop Guard is a hosting platform and will replace the use of Acquia Cloud, Pantheon or Platform.sh (or any other hosting Drupal platform.) The answer is clearly: NO!
On the contrary those Drupal hosting platforms make your life even easier when using Drop Guard to update your Drupal core and contrib modules automatically. In this blog post I want to outline the benefits of each platform and how using these platforms to leverage your work with Drop Guard. To understand the points of integration, let me explain how Drop Guard works in a nutshell.