CAPDM offers managed, GDPR-compliant Moodle hosting services to clients who don’t wish to run their own Moodle service. We use a secure Amazon AWS cloud server, and can offer integration with existing sites and purchasing systems, styling, course and plugin loading and ongoing support and maintenance services as required.
A typical work breakdown for the Moodle hosting solution setup is:
- Setup a new Moodle LMS internet service on a secure Amazon AWS cloud server using required at-rest encryption standards.
- Install a supplied Moodle theme for the site (or assist the client to do so themselves) and assist clients to style specific themes to comply with their branding guidelines (colours, fonts, images).
- Assist with the uploading and installation of an initial set of courses and any required additional plugins or Moodle modules.
- Assist clients to undertake and control all student enrolments themselves and to integrate enrolment with their own student administration platform, CRM system or website using the standard available Moodle authentication methods.
- Begin hosting and supporting the live service to the agreed service levels.
- We will review site performance and security monthly and, if requested, upload any operating system patches or minor Moodle version revisions (e.g. Moodle 3.11.2 to 3.11.3).
- We will backup the server site and its database on a daily basis, enabling it to be restored within 24 hours if necessary, with no more than 24 hours of data loss.
- We will assist clients in their role of GDPR Data Controller by acting as their designated Data Processor.
- We will provide off-ramp support, if required, including helping clients to move the Moodle service to another service provider at the end of this agreement while maintaining service continuity.
To meet the requirement to maintain an ongoing LMS service, CAPDM will maintain the following service levels:
- We will support and maintain the Moodle instance hosted on our Amazon EC2 cloud servers.
- We will strive to maintain a 99.5% uptime target, subject to Amazon’s own EC2 service provision and service level agreement.
- We will continuously monitor the Moodle instance’s operation automatically out-of-hours, and respond to any support desk notified service issues within 2 hours during UK working hours.
- We will provide a UK office hours 9-5 email ticket and telephone support service for a client’s nominated support contact person to use.
- We will back-up the Moodle instances, on a daily basis to an offsite location, to ensure business continuity and limit the potential of data loss to a maximum of 24 hours.
- We will implement security patches and update the server and Moodle instances monthly with whatever operating system or Moodle minor updates are required.
Moodle releases major versions with new features approximately every 2 years. In addition to its monthly hosting service, CAPDM offers clients a fixed-cost, major Moodle version annual update option. This work involves:
- Applying the chosen major version updates to Moodle and any used plugins and/or theme updates to enable their new functionalities to be used.
- Updating any major components of the underlying operating system such as the database and PHP libraries.
- Migrating existing courses, programmes and user data to the new Moodle instance.
- Testing and quality assurance of the major upgrade.
- Re-integrating the instance with any third-party enrolment service user authentication API.
To minimise user impact and related administration work, it is suggested major version upgrades occur at the same time as any major updates to courses and programmes are made.
Uploading third-party produced course packages and plugins into the Moodle instance can be time consuming and error prone, due to the wide variation of course authoring tools and their individual adherence to Moodle packaging implementation and support.
CAPDM will help clients to upload any new non CAPDM-produced course under a fixed budget agreed in advance.
To minimise the potential disruptions to students, any new course uploads could be made to a separate quality assurance server instance first, and quality assurance done there before being migrated to the live instance.
CAPDM can also provide support to clients undertaking any separate, third-party penetration testing projects as required, using our technical support hourly rate.
Please note that CAPDM has to be informed in advance of all planned penetration testing so it can, in-turn, inform Amazon of the event, as required by the Amazon hosting terms and conditions. Failure to inform Amazon of such a testing event might result in services being taken offline until Amazon is satisfied the potentially suspicious server activity is genuine and resolved to their satisfaction.