Key technical requirements
2.
Functionality
1.
Technology
4.
Accessibility
3.
Compatibility
7.
Maintenance and support
6.
Security
5.
Hosting
We have put together a technology stack that delivers a simple, easy-to-scale, fast and secure website network option.
WordPress — our recommended CMS
Baker Tilly requires a CMS and tech stack adaptable enough for a large network but also simple and cost effective for development and maintenance.
Our recommendation is WordPress — the most widely used CMS framework in the world.
We have a strict code integrity process that starts with building a bespoke WordPress theme. We use lean code practices and leverage text editors, custom fields, and the custom theme environment to develop logical, drag-and-drop functionality. This allows users without a coding background to create beautiful and functional content.
Multisite framework with layered administrative access
To support the build-and-host network, we will mobilise a multisite framework, allowing network-wide content sharing and layered administrative permissions.
The directory will be hosted on the global website and can be syndicated to the entire network.
The Global Office can push content to member firms and — once accepted — it will be published to the firm’s website. This process can also be reversed, allowing firms to publish content that can be accepted for syndication to the rest of the network.
Technology
SOLUTION
See how easily firms can build in WordPress:
Functionality
SOLUTION
CMS functionality
The CMS will allow complete codeless customisation of the menu, pages, images and news.
We achieve the above flexibility by developing a comprehensive and robust library of page builder blocks or modules that can be dragged and dropped into position within the CMS. These are designed and tested to work in tandem and provide firms with a functional, flexible and creative layout while remaining on brand.
Member firm directory and Dynamics 365
We recommend using an API connection with custom scripts, supporting the official Dynamics 365 WordPress plugin. This configuration will allow maximum security and synchronisation between the build-and-host network and Dynamics 365, ensuring updates in Dynamics 365 are reflected across the multisite.
Azure Active Directory integration
A two-way integration between Azure Active Directory and the build-and-host network will be implemented through a plugin built into the multi-site framework. This enables selected users from Azure AD to be automatically created and provided with the correct access to specific build-and-host websites.
Mobile browsers
Mobile browsers
Desktop Browsers
DEVICE
Prior to launch of the website, we will conduct a robust compliance and accessibility review to meet the below standards.
Compatibility
SOLUTION
Accessibility standards
Multilingual geotagging
Each website will be configured with a default language option, with geotagging configured to translate the website based on the user’s location. There will be an option in the top right of the page allowing the user to select their language.
Accessibility
SOLUTION
Hosting
SOLUTION
We will implement industry leader Cloudflare for Content Delivery Network (CDN) and Secure Socket Layer (SSL) services.
To host the WordPress multi-site framework, a Virtual Private Server (VPS) will be mobilised. This gives Baker Tilly International a dedicated server space with a reserved space. This improves performance and increases security.
Security
SOLUTION
We will implement a web server security firewall and will routinely scan the website and report/address malware as well as protect the website from brute force attack. Multi factor authentication will be implemented for all logins and an IP address detection for login can be enabled.
As part of regular security maintenance, we manage a centralised dashboard monitoring uptime, plugins, themes, security, brute force attempts and conduct weekly backups. A hosting-specific SLA will be put in place with the hosting provider that aligns to our minimum expected standards.
GDPR compliance
We are conscious of the need to comply with GDPR, Europe’s ePrivacy Directive, and potentially LGPD (Brazil). We will work directly with Baker Tilly International to assess the data collection across the network sites as part of the audit process. We will confirm any specific requirements for declarations around collection, storage and sharing of data as part of our initial discovery phase.
Maintenance
and support
SOLUTION
Websites need regular ongoing maintenance and proactive measures to protect against security breaches or website disruption. We are also conscious that there are different levels of digital capacity across the network.
The Global Admin will have a direct line for support (both instant chat and phone support) for critical issues as per the SLA.
Build-and-host network owners will have a ticketing and direct line system for reactive support. Issues will be managed in line with the SLA.
We will duplicate each website on a staging environment to allow editing and reconfiguration to take place without compromising live websites. Staging will be synced to and from the live website manually on request to allow code integrity checks.
We will run an internal dashboard and monitoring system that alerts us to any issues, including brute force attempts or hosting disruptions. These will be escalated to the Global Admin if a serious threat or reported monthly.
The theme, plugins and WordPress system will be reviewed, tested and updated fortnightly.
The database of each website will be backed up weekly.