Service Level Agreement

Response times

• The Standard Response times provides tiered support options. Our standard response Investigate and Report Action Steps for rectification between 9am and 5pm your local time (AEST  or AWST) 

• Web Availability  99.9% availability during the normal business hours of 8am to 7pm, AEST. Scheduled maintenance is undertaken between the hours of 7pm and 8am.
• Scalability and Web Capability My Community Directory is built on the scalable and robust Microsoft.Net architecture. My Community Directory (through our provider) maintains fully redundant connectivity to multiple major carriers, ensuring the shortest route and lowest latency to any destination across the country. My Community Directory is hosted through a provider that has multiple 100mbps & 1gbps uplinks with multiple providers.
• Error Handling & Offline  All errors are logged and provided to our website/database team. All incidents are managed electronically where appropriate and responded to quickly. We encourage and seek feedback from our clients in an effort to support our philosophy of continuous improvement.
• Support My Community Directory has a state of the art hosting and operational support services desk. We provide unlimited phone and email support from 8am-7pm Monday to Thursday and 8am-5pm Fridays on business days. Emails can be lodged at any time and responses to email are made as soon as reasonably practicable, no later than COB next business day after receipt.
• In addition, you will find our online Q&A user friendly and informative. 
• System Requirements  My Community Directory has been designed to work on any standard web browser with an internet connection.
• Privacy Issues  We take privacy issues seriously and as such My Community Directory complies with the Commonwealth Privacy Act (1988) and the SPAM Act (2003) and the Queensland Information Privacy Act (2009).  

Security

• Keeping Information Safe: We follow a number of best practices regarding information security and software development to ensure that our system is Enterprise Grade
• Secure Infrastructure:
  • Microsoft Azure Servers
  • Compartmentalized Network
  • C# .Net WebApp using industry standard software design patterns
  • Web Application firewall (Cloudflare)
  • Data Encrypted in Transit
• Secure Access:
  • 2FA for those with database manipulation abilities (mid 2019)
  • Access Control built into the app
  • A User can only view or edit the data they have access to
  • Desktop Audit of our internal processes by McgrathNicol
• Secure Websites and Platforms
  • Access to our API through surrogate websites are protected through standard API security measures (shared client-server secret)
  • Users login and each user within an organisation has their own password (no shared passwords).
  • User actions on the site are auditable, meaning that deletion or editing of data can be traced, monitored or reverted if needed.

Our Practices

• Secure handling process
  • When downloading data to excel for manipulation or analysis, a password is set so that only the user who created the file can access it
  • Internal Data and for developer or staff use is obfuscated so that no data personalised or sensitive data is exposed to employees
• Our Team and Software Practices
  • Our team is led by a Software Engineer with over 10 years in the industry, Dan has been involved in bug bounty programs and ethical security research.
  • All code is peer-reviewed by the team to help mitigate the risk of vulnerabilities