Sometimes the best solutions come along when you’re doing something you don’t love. That’s what happened to Julio Taylor and Jon Martin, who were both tired of their day jobs and decided to work together, becoming cofounders of Big Spring Web Development. Now a thriving, tight team of 14 strategists, designers and developers, they solve problems and create opportunities for all types of clients - from independent startups to international organizations and corporations. Whether the revenue is 5 or 50 million, they maintain having a keen focus on delivering results such as organic traffic and strong conversion rates, rather than design for the sake of design. Big Spring Web Development is an agency that understands the importance of data and analytics. Julio phrases the concept as “evidence-based design and research.”
Julio and Jon are now responsible for over 200 websites (primarily run on Wordpress, with a few on Joomla!). They are also strategic partners with WPEngine - one of only three agencies in the UK and 18 worldwide - which gives Big Spring Web Development access to a lot of information and technology, one being website security. Via WPEngine, Julio and team had their first experiences with Sucuri.
Julio believes Sucuri brings something more to WPEngine with its secure platform. It came time however, that Julio felt a need for Sucuri beyond what WPEngine could provide.
When you have four or five sites you can use ad hoc remedial services, but when you get to an agency level you have that problem times 200 – not just people to fix it - you need an army to fix it.
Various problems stemmed from clients that went beyond the basic web security measures:
One client’s website (hosted by a different company) had been using a theme they bought from a Russian website. They noticed lots of user accounts were created, changes were made to the accounts, and posts were being made without their knowledge. When they’d go in and delete all of the users, it would simply happen over and over again, until the Sucuri Firewall was implemented.
The attacks stopped immediately because of the way Sucuri was able to filter bot traffic and identify it wasn’t human. Sucuri’s filters, proxies, and firewalls immediately stopped it, and for a very low cost. This gave us time to build a completely new secure website which no longer has that problem.
Another website kept getting hacked by the Free Syrian Army (a popular hacking group) every other day. Julio was certain it wasn’t being attacked because of vulnerabilities, but Sucuri double checked by scanning the site. They discovered that the hosting company had a problem embedded within its own shared hosting setup. It was someone else’s site getting hacked affecting theirs.
The initial issue that made Julio open an account with Sucuri was a root attack on a client’s Joomla website, effectively causing everything to be exposed. First, Julio did a Google search for “Joomla malware cleanup” where he found a blog post that talked about the specific issue. That’s when the Sucuri chat window popped up and he spoke with a member of the Customer Happiness Team.
Julio was then contacted by Sucuri’s Incident Response Team who found the issue right away and fixed it within 30 minutes.
I feel like with Sucuri we can rely on them, so we can say this is what it is and leave it with you guys - not manage it. In 24 hours we get an answer. It’s not difficult, it’s not complicated. We don’t even need to understand the problem.
In his first experiences with Sucuri, Julio used the service mostly when a problem occurred, rather than proactively. For some of their big enterprise projects, they needed to have the firewall in place as an extra layer of security.
Big Spring Web Development looks forward to transitioning many of its retainer clients to the maintenance in Sucuri’s agency plan.
For us, as a web provider, we are responsible for all of our clients’ security policies and you guys are our safety net for us. It’s a powerful thing to rely on you guys, say we really need your help, and every time you deliver. You’ve never had a case and said you can’t help us with that.
The weekly reports are a key factor for Julio. Whether it’s a notice that his site has been checked and everything is fine, or when there is an alert, including any 500 errors, and knowing when the issue is resolved. He also finds the alerts useful to show to a developer on his team and see the code, because at times, the issues are caused by security problems rather than just instability issues or configurations errors.
When you have so many clients and so many websites we can’t look at everything all the time, so we need someone proactively checking that on our behalf and checking that when we need it. Another thing we like is that Sucuri knows about security issues before they become a problem – in advance.
Proactively managing, communicating and controlling the flow of risk are all things Julio was looking for and found in Sucuri.
Big Spring Web Development also appreciates what Sucuri offers for their reputation as responsible web admins:
From a sales point of view, a relationship with Sucuri associates us with WordPress security, and that we partner with leaders in hosting and infrastructure. It’s a trust signal for clients that you’re backing them up and vice versa. It’s important agencies take security seriously.
Understanding the benefit of website security, even at it’s more basic level, is a start. Employing Sucuri technology to its fullest was critical for some client systems. Big Spring Web Development needed a dedicated emergency response, account owner, and no tickets. This is why the Sucuri Agency Plan was a perfect fit.
We spend a lot of time every month maintaining our client’s websites. The last thing I ever want to have to do is fix a hack. Anything we can do proactively to fix anything. It’s not good use of time for my developers to be fixing plugins and things.
For Julio, relying on Sucuri for website security benefits his business highly because the clients are happy, and again, it associates his company with market leaders in security. Lastly, he finds that it gives him an internal resource of highly-skilled security experts.
It’s not technology you’re selling, it’s expertise. The fact that people will look after you and take care of you, respect you, and help you rather than a bot… because that’s not actually what happens, there’s a level of human intervention - an actual expert that actually knows.