Trusted with technology
since 2003

We guess you’re here because you’ve got a problem. A really big problem perhaps… or maybe you’re not sure of the scale of the issue?

That’s OK. We’ve spent years calmly identifying, resolving and protecting against future issues, just like the one you’re possibly having.

Why should you trust us, if you’ve not heard of us before? Take a look at our Happy Customers page.

“I have no hesitation in recommending Dan for any SME looking to outsource its hosting, web administration and web security.

Having been through a number of cowboys ourselves, it’s been a pleasure to find a guy who knows his stuff backwards and whom we can trust.”

– Alex Chubb Co-Director – London School of Attraction.

So what’s the next step?

Speed is key.

We like to talk via phone initially to establish what you’re seeing and what you feel has happened.

After an initial free 15 min consultation, we will explain our hourly billing rate and agree a limit with you, on hours to be spent on diagnosis. From that point, our service will be chargeable.

We will not do work, without your financial authority.

We will then establish a secure method for sharing access credentials for the affected server and move into our diagnostic process.

Below is a copy of our internal checklist. We believe in being transparent.

Diagnosis phase

• We will immediately make copies of important data such as log files to prevent tampering by attackers
• We’ll review this important (log) data locally – investigation may take up to 24 hours
• Secure your system from further attacks/attackers as we discover issues – this may affect functionality – but we will keep you in the loop
  
• Monitor your system for further issues during investigation
• Perform basic checks – SSL, IP reputation (has it been affected)
• Ask questions
• Answer as many questions as we can for existing customers (with knowledge of their current infrastructure)
• Follow industry standard practices
• Provide a root cause analysis report
• Provide all of market advice
• Be honest
• Provide detailed plan of action/next steps and associated cost
• Provide advice on how to prevent it happening again
• Itemised billing
• Provide a cost for ongoing maintenance (if maintenance is not already being done by us or others)

In return, we ask our clients to:

• Advise what they know already
• Advise how and why they think they have been hacked
• Provide any information on server (observed changes in resource utilisation, strange behaviour etc)
• Answer any question as honestly as they can
• Answer any questions in a timely manner
• Contractual requirements – do we need a specific report for shareholders/investor
• Provide any existing documentation if possible
• Provide access to affected servers and any other place we ask for
• Provide details for technical contacts and/or developers
• Agree that the affected server may need to lose functionality to secure it from further attack
• Advise if monitoring/maintenance is done by a 3rd party and who responds to issues or notifications. Provide relevant information for this
• Agree to our Terms & Conditions