Installnet IT & Technology Weekly

June 29 – July 5, 2026
Prepared by Aaron Weinberg, CTO
Covers: Facilitynet · Installhub · API · Notifications · Corporate IT
Platform Availability30 DAYS
99.81%
Worst production system (API) · target 99.9%
Known cause, fix in progress
RoadmapSNAPSHOT
6
Active high-priority features, 4 in development
Baseline set this issue
Portfolio MixSNAPSHOT
18%·59%·23%
Share of active investment: Grow · Do · Run (targets 25% · 50% · 25%)
Grow: 18% vs 25% target
Security FindingsSNAPSHOT
72% in SLA
61 open: 6 Critical, 23 High, 32 Med/Low
17 past due, incl. 3 Critical
Recover — DR & BCPSTATUS
15 min RPO
All backups healthy and running; max data loss 15 minutes
3 verification items open

Operate — System Availability & Incidents

Uptime per production system (trailing 30 days) and every customer-visible incident of 5+ minutes in the last 4 weeks
Facilitynet99.92%
Installhub99.99%
API99.81%
Notifications100.00%
Marketing sites99.96%
One tick per day, June 6 – July 5. Green = clean day · faded green = brief blips, minutes total, site stayed up · amber = site-level outage · red = major outage (hours) · gray = planned maintenance. Target: 99.9% per system; values exclude planned maintenance (marketing sites 98.66% unadjusted).
DateSystemImpactDurationStatus
06/30Installnet.comPlanned hosting migration (GoDaddy) overran its window; monitored throughout9h 41mResolved · planned
06/30Ecoserv siteSame hosting migration; overran planned window, monitored8h 57mResolved · planned
06/24Ecoserv siteSite unreachable18 minResolved
Only site-level events appear here — single app-server issues that high availability absorbed (June 16, 23, 29 on Facilitynet; sites stayed up) show as amber days on the left, not incidents. Below threshold: API had 58 brief interruptions (each under 5 min, ~80 min total) over 30 days — degraded; cause identified, fix in progress (mod-72, mod-73).

Build — Roadmap Delivery & Investment

Where development investment is going (Grow / Do / Run), and the active high-priority features
Grow the business18% (target 25%)
Do the business59% (target 50%)
Run the business23% (target 25%)
Grow is running at 18% of investment against the 25% target; Do is absorbing the difference. Based on 54 active scored features (April scoring baseline; auto-refresh from next issue).
FeatureOwnerStageTargetStatus
Company Pages - Hierarchy Updates (PROD-382)DoAaronIn developmentJul 2026On track
HubSpot Integration (PROD-480)GrowEricIn developmentJul 2026On track
Project scope standardization (PROD-416)DoAaronIn developmentQ3 2026On track
Market Segment tagging in SP Locator (PROD-513)DoAaronReady to developQ3 2026Queued
Functions & Permissions Overhaul (PROD-536)DoAaronIn designQ3 2026Design
Digital signature workflow (PROD-43)DoAaronIn developmentQ4 2026On track
Chips show each feature's dominant investment bucket from its value scorecard. Q3 value shipped: 0 points (quarter began July 1); this counter accumulates weekly. Full Do/Run/Grow portfolio detail moves to the quarterly report.

Secure — Risk Posture

Open security findings across application code and third-party software, measured against the resolution SLA
SeverityOpenPast SLASLA Target
Critical6314 d
High231430 d
Medium25090 d
Low70180 d
Trend chart begins accumulating from this issue.
This week

Attention 3 Critical findings are past the 14-day resolution target (oldest: 42 days). All have tickets with Ortus; needs a committed fix date or a formal risk acceptance.

Process Monthly code scan ran on schedule June 2; next run Tuesday, July 7.

Third-party software: 11 open items, last reviewed June 29; none newly exploitable.

Server patching

Automated patch scanning was enabled across all six servers this week (scan-only). First results next issue

Corporate IT & People — from June vendor reports and live training data
Devices ProtectedExternal Weak PointsSecurity EscalationsPhishing Test FailuresTraining CompleteSystems Current
68 of 68 all devices protected 0 found in external scans 2 / 0 action both closed 0.0% June test, all staff 100% monthly, all users 100% supported Windows 11 versions
Multi-factor sign-in is enforced for every account. Our 24/7 security monitoring service reviewed 2.8M events in June; 2 investigated, 0 required action.

Recover — Backup & Continuity Readiness

Can we come back from a bad day, and how much would we lose? Proven by tests, not job logs.
AssetOwnerBackup HealthRPOLast Verified RestoreStatus
Production databaseCTODaily full + 15-min log copies, offsite15 min ✓No recent testRecovery test overdue
Server images (all servers)CTOWeekly; latest completed Jul 57 d (disaster floor)No test on recordHealthy
Document storageCTO / AWSVersioned, continuousContinuousHealthy
M365 (email, files, Teams)XPERTECHS / DattoAutomaticPer Datto scheduleNo recent testRequest restore test
Disaster-recovery exerciseCTONone on recordSchedule H2
RPO = maximum data loss if the system failed right now. Database: full backup daily plus incremental copies every 15 minutes to protected offsite storage (copies are versioned and cannot be silently deleted); weekly server images verified completing for all six servers this week.

Decisions & Risks — What Needs Exec Attention

DRAFT — written from this week's data, pending CTO review

Decision needed: 3 Critical security findings past their resolution deadline

All three have been open 42 days against a 14-day target and have tickets with the development team. Options: commit dev time to close them this month, or formally accept the risk with a documented rationale. Recommend committing the time; one of the three is an authentication weakness.

Complete: marketing website hosting migration (GoDaddy)

Installnet.com and the Ecoserv site were migrated overnight June 30. The window ran longer than planned but was known and monitored throughout; product platforms were unaffected. No action needed.

Heads up: database recovery test scheduled for Q3

Backups are healthy and data loss exposure is 15 minutes, but the full recovery procedure hasn't been timed recently. A timed test restore is planned as part of the H2 disaster-recovery exercise.