| Date | System | Impact | Duration | Status |
|---|---|---|---|---|
| 06/30 | Installnet.com | Planned hosting migration (GoDaddy) overran its window; monitored throughout | 9h 41m | Resolved · planned |
| 06/30 | Ecoserv site | Same hosting migration; overran planned window, monitored | 8h 57m | Resolved · planned |
| 06/24 | Ecoserv site | Site unreachable | 18 min | Resolved |
| Feature | Owner | Stage | Target | Status |
|---|---|---|---|---|
| Company Pages - Hierarchy Updates (PROD-382)Do | Aaron | In development | Jul 2026 | On track |
| HubSpot Integration (PROD-480)Grow | Eric | In development | Jul 2026 | On track |
| Project scope standardization (PROD-416)Do | Aaron | In development | Q3 2026 | On track |
| Market Segment tagging in SP Locator (PROD-513)Do | Aaron | Ready to develop | Q3 2026 | Queued |
| Functions & Permissions Overhaul (PROD-536)Do | Aaron | In design | Q3 2026 | Design |
| Digital signature workflow (PROD-43)Do | Aaron | In development | Q4 2026 | On track |
| Severity | Open | Past SLA | SLA Target |
|---|---|---|---|
| Critical | 6 | 3 | 14 d |
| High | 23 | 14 | 30 d |
| Medium | 25 | 0 | 90 d |
| Low | 7 | 0 | 180 d |
Attention 3 Critical findings are past the 14-day resolution target (oldest: 42 days). All have tickets with Ortus; needs a committed fix date or a formal risk acceptance.
Process Monthly code scan ran on schedule June 2; next run Tuesday, July 7.
Third-party software: 11 open items, last reviewed June 29; none newly exploitable.
Automated patch scanning was enabled across all six servers this week (scan-only). First results next issue
| Devices Protected | External Weak Points | Security Escalations | Phishing Test Failures | Training Complete | Systems Current |
|---|---|---|---|---|---|
| 68 of 68 all devices protected | 0 found in external scans | 2 / 0 action both closed | 0.0% June test, all staff | 100% monthly, all users | 100% supported Windows 11 versions |
| Asset | Owner | Backup Health | RPO | Last Verified Restore | Status |
|---|---|---|---|---|---|
| Production database | CTO | Daily full + 15-min log copies, offsite | 15 min ✓ | No recent test | Recovery test overdue |
| Server images (all servers) | CTO | Weekly; latest completed Jul 5 | 7 d (disaster floor) | No test on record | Healthy |
| Document storage | CTO / AWS | Versioned, continuous | Continuous | — | Healthy |
| M365 (email, files, Teams) | XPERTECHS / Datto | Automatic | Per Datto schedule | No recent test | Request restore test |
| Disaster-recovery exercise | CTO | — | — | None on record | Schedule H2 |
All three have been open 42 days against a 14-day target and have tickets with the development team. Options: commit dev time to close them this month, or formally accept the risk with a documented rationale. Recommend committing the time; one of the three is an authentication weakness.
Installnet.com and the Ecoserv site were migrated overnight June 30. The window ran longer than planned but was known and monitored throughout; product platforms were unaffected. No action needed.
Backups are healthy and data loss exposure is 15 minutes, but the full recovery procedure hasn't been timed recently. A timed test restore is planned as part of the H2 disaster-recovery exercise.