CMS single administrator (single point of failure)

I am trying to quantify risks with the current 'management' and roles & resp[responsibilities of our websites 'content management system' (concrete5). I have never administered a content management system for a website before, but my overall understanding on permissions is there is an admin level role which allows overall control, and then there are author level roles, which allow a number of users to edit content on specific pages or areas of the site. My concern, from a contingency perspective, is we only have 1 officer with admin permissions on the CMS, and the others are only author level roles. The concern being if the 1 current admin was unavailable for example ill health for a few months, what would grind to a halt in terms of the overall CMS management?

Back to the 'I have never administered a content management system for a website before' - if you are a CMS admin, what activities/maintenance/monitoring requires admin level permissions in a solution, or put another way, if nobody logged in as an admin for numerous weeks, what could the knock on effect be? I was also hoping to establish some standard maintenance checklists that the CMS admin has to perform, so if they were unavailable another officer could pick up their duties and would have an easy 'how to guide' on which to follow. Ideally supplemented with formal training.
LVL 4
pma111Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Martyn SpencerManaging DirectorCommented:
As I see it there are a few things to consider primarily. I imagine that others may also post their thoughts. From a security perspective, someone needs to be able to keep the CMS software itself up to date. This involves ensuring that the CMS templates and content work with any updates that are to be applied and then applying said updates.  There is also the issue of backing up the CMS so that it could be restored in the event of damage. This involves backing up the site files and the database. Concrete5 has a database backup but I do not believe it backs up the site files.

The admin also needs to be aware of security issues that may come to light. Since most CMS systems, and Concrete5 is no exception, allow installation of extensions (sometimes calls plug-ins, addons, etc), you need to audit what extensions are in use and whether they are being actively maintained.

The server on which the system is operating also needs to be maintained and security patches applied. In my work, I have development versions of critical sites and they are hosted on separate systems. I always transfer live sites to the development systems and carry out upgrades and testing on these prior to updating live sites. This is a very simplified explanation of what I do, but covers it in essence.

Since a CMS allows users to create content, verifying that the content is safe (no malware, no bad links etc) is also something to be considered. If comments on posts are being allowed, are they being correctly sanitised?

These are my immediate thoughts. I am sure that others will add their own.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Development

From novice to tech pro — start learning today.