Installnet IT & Technology Weekly

July 6 – July 12, 2026
Prepared by Aaron Weinberg, CTO
Covers: Facilitynet · Installhub · API · Notifications · Corporate IT
Platform Availability30 DAYS
99.80%
Worst production system (API) · target 99.9%
Known cause; brief interruptions easing
RoadmapSNAPSHOT
6
Active high-priority features, 4 in development
No change
Portfolio MixSNAPSHOT
18%·59%·23%
Share of active investment: Grow · Do · Run (targets 25% · 50% · 25%)
Grow: 18% vs 25% target
Security FindingsSNAPSHOT
66% in SLA
50 open: 2 Critical, 19 High, 29 Med/Low
11 closed, incl. 4 Criticals
Recover — DR & BCPSTATUS
15 min RPO
All backups healthy and running; max data loss 15 minutes
3 verification items open

Operate — System Availability & Incidents

Uptime per production system (trailing 30 days) and every customer-visible incident of 5+ minutes in the last 4 weeks
Facilitynet99.94%
Installhub100.00%
API99.80%
Notifications100.00%
Marketing sites99.96%
One tick per day, June 13 – July 12. Green = clean day · faded green = brief blips, minutes total, site stayed up · amber = site-level outage · red = major outage (hours) · gray = planned maintenance. Target: 99.9% per system; values exclude planned maintenance.
DateSystemImpactDurationStatus
No new site-level incidents this week. Rows below are the most recent, now resolved.
06/30Installnet.comPlanned hosting migration (GoDaddy) overran its window; monitored throughout9h 41mResolved · planned
06/30Ecoserv siteSame hosting migration; overran planned window, monitored8h 57mResolved · planned
06/24Ecoserv siteSite unreachable18 minResolved
Only site-level events appear here — single app-server issues that high availability absorbed (including a brief simultaneous blip on both Facilitynet servers July 8 evening, sites stayed up) show as faded-green days on the left, not incidents. Below threshold: the API had about 60 brief interruptions over 30 days (each under 5 min) — degraded; fix in progress (mod-72, mod-73), with frequency easing over the past week.

Build — Roadmap Delivery & Investment

Where development investment is going (Grow / Do / Run), and the active high-priority features
Grow the business18% (target 25%)
Do the business59% (target 50%)
Run the business23% (target 25%)
Grow is running at 18% of investment against the 25% target; Do is absorbing the difference. Based on 54 active scored features (April scoring baseline; full refresh at the start of August).
FeatureOwnerStageTargetStatus
Company Pages - Hierarchy Updates (PROD-382)DoAaronIn developmentJul 27, 2026Date moved +2 wks
HubSpot Integration (PROD-480)GrowEricIn developmentJul 27, 2026Date moved +2 wks
Project scope standardization (PROD-416)DoAaronIn developmentQ3 2026On track
Market Segment tagging in SP Locator (PROD-513)DoAaronReady to developQ3 2026Queued
Functions & Permissions Overhaul (PROD-536)DoAaronIn designQ3 2026Design
Digital signature workflow (PROD-43)DoAaronIn developmentQ4 2026On track
Chips show each feature's dominant investment bucket from its value scorecard. Company Hierarchy and HubSpot both moved their target from July 13 to July 27. Q3 value shipped: 0 points (quarter began July 1); this counter accumulates as features ship. Full Do/Run/Grow portfolio detail moves to the quarterly report.

Secure — Risk Posture

Open security findings across application code and third-party software, measured against the resolution SLA
SeverityOpenPast SLASLA Target
Critical2114 d
High191430 d
Medium22290 d
Low70180 d
Open findings fell from 61 to 50 week over week.
This week

Progress 11 findings closed, including 4 of the 6 Criticals. One Critical remains, 42 days past target.

Note The share within SLA dipped to 66% because the findings we closed were compliant ones — the older, past-due items are now a larger slice of a smaller total. The absolute risk is down.

Monthly code scan ran on schedule July 7. Third-party software: no newly exploitable items.

Server patching

Automated patch scanning was rebuilt with corrected settings this week after a targeting issue blocked earlier attempts. First results next issue

Corporate IT & People — from June vendor reports and live training data
Devices ProtectedExternal Weak PointsSecurity EscalationsPhishing Test FailuresTraining CompleteSystems Current
68 of 68 all devices protected 0 found in external scans 2 / 0 action both closed 0.0% June test, all staff 100% monthly, all users 100% supported Windows 11 versions
Multi-factor sign-in is enforced for every account. Our 24/7 security monitoring service reviewed 2.8M events in June; 2 investigated, 0 required action.

Recover — Backup & Continuity Readiness

Can we come back from a bad day, and how much would we lose? Proven by tests, not job logs.
AssetOwnerBackup HealthRPOLast Verified RestoreStatus
Production databaseCTODaily full + 15-min log copies, offsite15 min ✓No recent testRecovery test overdue
Server imagesCTOApp servers weekly; database & utility monthlyLayer beneath live backupsNo test on recordOn schedule
Document storageCTO / AWSVersioned, continuousContinuousHealthy
M365 (email, files, Teams)XPERTECHS / DattoAutomaticPer Datto scheduleNo recent testRequest restore test
Disaster-recovery exerciseCTONone on recordSchedule H2
RPO = maximum data loss if the system failed right now. The database is protected by daily full backups plus copies every 15 minutes to protected offsite storage (versioned, cannot be silently deleted); server images are a slower rebuild layer beneath that — weekly for the application servers, monthly for the database and utility servers. All backup jobs completed on schedule this week.

Decisions & Risks — What Needs Exec Attention

DRAFT — written from this week's data, reviewed with the CTO

Decision needed: one Critical security finding still past its deadline

Four of six Criticals were closed this week — good progress. The one that remains has been open 42 days against a 14-day target and has a ticket with the development team. Commit a fix date this month, or formally accept the risk with a documented rationale.

Progress: Notification Center performance program underway

Performance patches deployed Friday afternoon produced immediate improvement, with more scheduled this week. No action needed; the gains should show in next week's availability numbers.

Heads up: database recovery test still to be scheduled

Backups are healthy and data-loss exposure is 15 minutes, but the full recovery procedure has not been timed recently. A timed test restore is planned as part of the H2 disaster-recovery exercise.