Yes, most of the apps we make support both iOS and Android mobile platforms. It’s common for people to want their applications to work across web and mobile devices, so we use development frameworks such as React and React native that enable us to quickly support both platforms.

To ensure a secure service, we do not publicly detail all our security precautions. However, we can provide an overview of some of the steps we take to protect your data:

If you host with us, our data centre is based in London, with dedicated managed servers supplied by VI.net. These data centres are manned with 24/7/365 access via secure procedures. Redundant, meshed Cisco 6500 series routers (true as of 9/2017) with redundant fibres capable of 320Gb/s in total-for-total resilience. Our servers are regularly updated to run the latest software and patches, and the servers themselves have a firewall. 

The back-end server code used to drive your application is configured to run over HTTPS and has a secure SSL certificate installed.

We store passwords as hashed strings using a per-user salt, and in some scenarios, we store some sensitive data using two-way encryption algorithms. Should the worst possible scenario happen, and your data is compromised, the culprit would still need to perform complex decryption for the data to be readable.

The frameworks that we develop within, provide tested security features out-of-the-box. For example, Yii2 and Laravel allow us to escape and sanitise user inputs to protect against SQL injection attacks, XSS, host-header and CSRF exploits, as well as avoiding direct file exposure through protected and restricted directories. Debugging modes are only enabled on test environments, meaning that live servers don’t reveal source code in the event of an error. We also write our own code in special circumstances to build upon the protections provided by such frameworks.

Even with the best development frameworks, it’s possible for developers to make mistakes that pose a security threat accidentally. As a layer of additional security,

we use third-party security software (Codacy) to audit every line of code that we write. Codacy sends the team notifications with each code ‘commit’, alerting us to potential security issues within our system, thus reducing the risk of publishing serious issues.

Public-private keys are used to give developers SSH access into hosted accounts when deploying code, which allows for the secure management of access credentials.

Our standard servers are backed up daily, both on-site via bare-metal backups in the event of a complete server failure, as well as in a secure, redundant, off-site location within the UK. This backup process provides multiple layers of backup redundancy, allowing for the quick and complete recovery of data.

We offer the option to integrate your site or application using a secure content delivery network such as CloudFlare or Akamai. These can provide an extra layer against DDoS attacks while also speeding up the performance of your service. They provide an additional firewall layer, rate limiting, and mask your server’s IP address from those with malicious intent.

Sites that take payment do so via industry-standard PCI-compliant processes.

All of our staff are contractually obligated to follow our security policies and receive training on the latest data security procedures. We regularly sign non-disclosure agreements (NDA), our company headquarters are within lockable facilities, which require fob access and keycode to enter, and are monitored by CCTV.

For enterprise customers we can provide a security and vulnerability audits service, as part of a project’s deployment using Tenable Nessus software.

In some cases yes, in others, no.

Can nine women deliver a baby in one month? This analogy can be applied to tech projects too.

Sometimes, by dedicating more developer resource to a project, it can be completed much faster. But in other situations, we may be restricted by the project, technology or security requirements.

If you have a date requirement, contact us as soon as possible so we can do our very best to meet it.

We naturally provide a degree of strategic support around your business and marketing plans based on our experience as part of every project, and we can build tools to integrate with your social media or email marketing software. However, we are not an end-to-end marketing agency so don’t write copy or manage your marketing campaigns for you. 

If you need strategic marketing, social or SEO support, then we have some trusted partner companies that we work with on a regular basis that we’d be happy to introduce you to. If you’d like an intro to one of our preferred suppliers, then please feel free to contact us and let us know what you need.