When you’re tasked with selecting a content management system (CMS) for your business, you’ll likely appreciate that the number of viable options available can make things complicated. From Drupal, to Umbraco, to WordPress, there are plenty of quality technology platforms to choose from.
But finding the CMS that’s most suitable for your specific business is an important process that requires careful consideration and a lot of research. Of course, devoting sufficient time to this can be difficult when you have dozens of other priorities on your mind.
To ease this challenge for you, this article will make the process of choosing between two popular CMSs much simpler. In this new content series, we’re providing direct, objective comparisons between some of the leading options for CMSs today.
This second article of the series will look at the comparison between Umbraco and WordPress, and you can find links to the rest of the articles in this series at the bottom of this page.
The Platforms
A CMS is a software-based technology platform upon which you can build and manage websites and applications. While most CMSs are similar in terms of their fundamental functionality, they each have varying levels of complexity and development requirements.
Umbraco
It’s important to start by noting that Umbraco is a platform intended specifically for developers with a certain level of technical proficiency.
When you first set up Umbraco, it won’t be approachable for the average marketing manager or any other non-technical users. Initially, much of the key functionality expected from a CMS will be missing. The purpose of this is to encourage you to spend time and money developing the platform. Often, this has been known to rule out Umbraco as a viable option for a lot of businesses.
To get full value out of Umbraco, you’ll almost certainly need to hire someone – either an agency partner or an in-house developer – to help you get things up and running.
Having said that, no matter which CMS you choose, you’ll be significantly better off working with a platform-specific web development agency supporting you. For most businesses, an agency plays a crucial role in helping you implement your new system and develop your site (but more on that later).
WordPress
WordPress is the polar opposite of Umbraco, in the sense that it’s designed so that anyone – even if you have no previous content management experience – can use it easily. That’s why it’s the most popular CMS available today, with around 45% of all websites on the Internet built using the platform.
Almost everything you need to manage the day-to-day responsibilities of your website comes readily available in the software, making it much more suitable for a wider range of businesses.
This allows you to begin building immediately and facilitates a quick time-to-market for your websites and applications. WordPress’s rich, dynamic features that come pre-existing with the platform “out-of-the-box” are to thank for that.
Content Management and Usability
You should consider ease-of-use as a key indication of whether or not you want to invest in a CMS. If a CMS doesn’t offer simple, intuitive usability, you’re probably better off avoiding it.
Umbraco’s Usability
As mentioned above, in its initial state, Umbraco can be very difficult to work with for the average user. It’s mostly intended for more technical users who have coding skills or some development experience to build the infrastructure.
However, once you’ve invested sufficient time and money into tailoring the platform to your own preferences, it becomes a great tool for publishing and editing content on a website. Umbraco has a wealth of features that allow you to create high quality websites and dynamic web pages.
On a side note, if you’re a Microsoft user, you’ll be pleased to see some similarities in the structure of Umbraco’s user interface (UI).
WordPress’s Usability
WordPress is far more straightforward when it comes to usability. It provides you with a convenient, efficient user interface (UI) that allows seamless publishing, management, and editing of content on your sites.
It’s simple editing content on a page-by-page basis in WordPress, which saves you valuable time, with a handy block-based design.
The ease-of-use makes it possible to share responsibilities across your team, even if some of you don’t have any previous experience with a CMS, unlike the more technical Umbraco platform.
Customisation
Customisation with Umbraco
Umbraco is known for being highly customisable and flexible. It’s best used as a clean slate for developers to tailor to the business’s requirements. However, this isn’t easy to do for the average user.
As mentioned earlier, Umbraco isn’t suitable for the average CMS user in its initial state. Unlike most CMSs, you’re required to spend some time customising Umbraco in order to make it into a platform that’s approachable and easy-to-use. Once you’ve done that, however, Umbraco can become an excellent CMS with great content editing capabilities.
Customisation with WordPress
WordPress allows you to customise it to your own liking as well. The difference here is that you don’t need to change much about WordPress’s set of tools and features before you can begin using it comfortably.
This allows you to create quality content from day one, with the freedom and flexibility to make adjustments to the platform as and when you require. WordPress is also an easier platform to upgrade with custom features due to the quality of its community-sourced plugins.
How Secure is Each Platform?
Cyber security is becoming a greater concern each day for businesses. Choosing a platform that delivers robust security should be a top priority, so you can have full confidence in the protection of your data.
Umbraco’s Security
Umbraco comes with a high level of in-built security. The software is based on Microsoft’s .NET platform, which gives it support from Code Access Security (CAS). Working alongside that CAS, Umbraco provides identity-based security, and that makes it considerably more secure than the average CMS.
Having said that, you shouldn’t let this act as an excuse for your agency partner to take security for granted. Every web development project should be approached with security at the core, no matter what in-built protection the platform has.
It’s also important to note that Umbraco is an open-source platform, meaning a community of developers regularly creates updates and new features within the software. This means that any new additions should be tested carefully for security in case they create new vulnerabilities.
WordPress’s Security
While it is generally very secure, WordPress is another open-source platform backed by an active developer community. It’s important to be cautious of the raft of new features, updates, and plugins that are regularly released.
From a security perspective, be mindful of plugins, both in terms of where they come from and ensuring they’re correctly tested, maintained, and updated. For any CMS, these issues are best left to an experienced agency partner who has the expertise to minimise these risks for you.
Aside from that, WordPress does offer enterprise-grade security, with organisations like globally renowned pharmaceutical company Hutch Med and leading venture capitalist firm Balderton Capital using it today.
How Scalable is Each Platform?
Scalability should be another important part of your criteria when selecting a CMS. Fast, agile expansion is crucial for the platform, just as they are for your business as it grows.
Therefore, you need your digital infrastructure to be able to scale cost-effectively with more pages, additional functionality, and perhaps even more sites.
Scalability with Umbraco
Umbraco’s scalability is one of its strengths. With Umbraco, your site can seamlessly evolve as your business grows and your requirements change.
It’s especially useful for teams that need to manage a high volume of pages simultaneously, making it very suitable for large businesses.
Scalability with WordPress
In the past, WordPress mistakenly had a reputation among some for being most suitable for smaller businesses. However, its excellent scalability proves that to be nothing more than a myth.
Just like Umbraco, WordPress is agile and scalable enough to grow alongside your business and adapt to your changing requirements.
Cost and TCO
A CMS is a big investment, and should be considered a long-term one. In order to ensure you’re achieving a strong return on investment (ROI), it’s helpful to find a platform that offers good value and a low total cost of ownership (TCO).
When assessing this, it’s important to factor in costs such as hosting, licenses, agency fees, maintenance, bespoke development, and more.
Umbraco’s Up-Front Work and Ongoing Costs
Because it’s open-source, Umbraco can be free-to-use.
However, as mentioned earlier, it’s a platform that requires a great deal of technical expertise and initial development work. That will typically involve longer timelines with your agency than other CMSs, which inevitably mean high costs. Because it’s a complex platform, you’ll also face higher costs whenever you need to develop new functionality or work on integrations.
WordPress Value and TCO
WordPress comes with a far lower TCO than most other CMS options. Its ease-of-use and flexibility out-of-the-box make it a very cost-effective platform.
WordPress licenses are free, so your implementation costs would be limited to just hosting, agency fees, and post-deployment support.
Any plugins or extensions you want to apply to the platform will be licensed and paid for separately, but it’s unlikely you’ll need to add many new capabilities because it’s such a feature-rich platform by itself.
Developer Communities
If a technology platform is supported by a strong community of developers, that will be highly beneficial to your business. Dedicated users from around the world work hard to continuously create improvements, additions, and updates to help the software become the best it can be.
Umbraco’s Community
Umbraco has been around since the year 2000, making it one of the oldest CMSs. That means it’s had a long time for a large, skilled community of developers to grow around it.
As touched on earlier, Umbraco is built on a Microsoft-based infrastructure, using a C# framework, and is the most popular platform of this kind.
However, it’s important to note that Umbraco is facing some decline. More popular platforms, like WordPress, gaining widespread adoption have seen developments with Umbraco slow down in recent years.
WordPress’s Community
WordPress has a healthy global community devoted to constantly improving the platform.
WordPress developers are renowned for their creativity, producing a wealth of innovative new themes and plugins that can be used by any business with ease.
The WordPress community also regularly holds free events to help people learn more about how to use the platform. For instance, WordCamp is a non-profit event that has been running since 2006 across several continents.
The Important Role of an Agency
As touched on throughout this article, another factor which will influence the success of any projects with your chosen CMS is a development agency.
When finding the right CMS is such a challenge by itself, many businesses underestimate the importance of finding the right agency partner to support you with your CMS.
But as mentioned earlier, how well you handle critical aspects of the platform like security, testing, usability, and even your TCO are often determined by your agency.
With Umbraco, all the platform’s functionality has to be custom coded, which makes development time in the back-end longer than most businesses expect. This also makes Umbraco difficult to work with internally, as well as for any maintenance and updates. When working with an agency, this will see your costs increase when compared to WordPress technology.
Whichever CMS you pick, they’re all considerably easier to use, and to achieve healthy ROI, with a specialist partner supporting you. Finding an agency with the right experience and expertise to help you unlock the full potential of your platform should be another important part of your overall decision.
Making Your Decision
So, how do you take all these comparisons and decide which CMS is right for your business?
In all honesty, both Umbraco and WordPress are both good options that would work well for most businesses. Although, it is generally accepted that Umbraco is a less approachable platform than WordPress unless you have technical skills within your team.
In order to determine which one will be more suitable, it’s useful to look at each of the characteristics listed in this article in relation to your unique requirements and business needs.
Remember that every business, and every web development project, is different. Think carefully about your specific strategic objectives, budget, users, technical specifications, and any other important factors. That should make it clear which CMS is the better choice to deliver what you’re looking for.
If you need more help in your evaluation of the various CMS options:
- Read our comparison between Sitecore and WordPress here.
- Read our comparison between Drupal and WordPress here.
Would you like these insights straight to your mailbox?
- A fully-managed service with 24/7 support
- Automated monitoring and alerts
- Back-up and disaster recovery
- 99.99% up-time
- 100% pass-rate for data centre audits.
Latest from agency
19 August, 2022
Celebrating 2 years with Martina Gabrielli
The moment Marti joined us at SoBold, we were excited and eager to see how she would translate her enthusiasm and energy towards development towards real life projects. We were not let down and she hit the ground running.
2 years later, largely hampered by COVID, we now are getting the absolute best out of Marti. She is incredibly reliable, diligent and talented and she is involved in all of our biggest projects.
Marti has never been one to code for the sake of coding, and she always makes sure she understands the bigger picture before diving into a project.
⅓ of the Italian SoBold Office crew, we are very fortunate to have Marti and we truly can’t wait to watch her skillset improve and see her continue to work on the biggest and best projects!
We caught up with Marti to find out more about what she gets up to in her day to day life.
At what point in your life did you decide to become a developer?
Having studied Foreign Languages and Literatures, since uni I had a dream to become a successful translator. I came to London to fulfil this dream but I wasn’t sure which field to specialise in yet. So I started working at a restaurant, and in my spare time, I would translate articles for online media sites and magazines, and also produce subtitles for tv series.
Later on, I started a course in software localisation, and this opened up the dev world to me as I had to put my hands on the software source code. When it was time to search for a job, reality had a massive hit: competition was high, work was difficult to find, it was clear I had to invest more time and specialise furthermore.
I felt stuck and didn’t really know what to do with my life. So I went backpacking around the world for a few months, and I decided to dive more into that dev world that I found so interesting. Time wasn’t really a problem while travelling, so I read a lot about web development and took a lot of online courses. I devoured so many online resources, I just couldn’t believe they were all a click away! Since my first “Hello World” project, I’ve found the process of coding and building a website from scratch a beautiful mix of creative problem solving that never disappoints. Long story short, that’s when I knew I wanted to become a developer.
Describe your typical day
I wake up at 6:30am, I feed Coco and Lucy (my cats), I put some tunes on while having breakfast, quick shower. Then it’s checking the weather time: if it looks cloudy and rainy I’ll take the tube, otherwise, I’ll most probably board my Brompton and off we go to the office! Ideally, I like to conclude the evening by doing some form of exercise, usually rollerskating or a walk/run.
What’s your favourite project to date
I really enjoyed working on the new SoBold website, it’s been a huge team effort and the result it’s simply amazing!
What is the best advice you have ever heard?
I once read this quote: “If we all threw our problems in a pile, we’d grab ours back.”
I think it’s a beautiful sentence, it makes me appreciate life every day and makes me very grateful for all I have.
If you had to change careers what would you do instead?
Not sure what but surely something related to sport.
What was your most recent challenge and how did you overcome It?
When you’re a developer, every day there’s a new challenge. You just have to learn how to tackle them. In general, I think talking with a colleague helps a lot. Also “rubber ducking” can be a useful method for debugging code. In both cases, they’re powerful methods that consist in taking a break and articulating the problem in plain language.
What’s your favourite thing to do outside of work?
I’m a big ramp skate fanatic. https://www.instagram.com/martymcroll/
What 3 items would you bring to a desert island?
🇨🇭 🔪 🎸 and 🛌🏽
Would you like these insights straight to your mailbox?
Development
10 July, 2023
Headless CMS Explained: Understanding Whether Headless is the Right Approach for Your Website
Making the best possible choice of content management system (CMS) is crucial for the success of your website. But, these days, not only do you have to navigate the many different options – from WordPress to Sitecore to Webflow – you also have the added challenge of deciding whether to go “headless” or not.
Whether to take the less conventional headless approach with your CMS is a decision that could cause some confusion. It could even cause some challenges with your website if you end up making the wrong choice.
In this article, we’ll help you understand exactly what a headless CMS is, when you may need to take that approach, and highlight some key considerations to make before finalising your choice.
What is a Headless CMS?
With a traditional CMS, the back-end and the front-end of the system are directly linked. This is how you use your CMS for both the content management (back-end) and to control how the content is presented to your website visitors (front-end).
In this context, the back-end of the CMS is sometimes referred to as the “body” and the “head” is the front-end. In a headless CMS, that front-end is decoupled from the back-end of the system, hence the term headless. With this approach, you use the back-end as normal for content management and the presentation of content in the front-end is handled completely separately.
This is valuable because it allows you to design your website front-end however you like, without any restrictions. However, it also requires more technical work from your development agency as a trade-off.
With a headless CMS, your content is presented to your audience on your live website by using APIs that take it from the back-end of the CMS. This use of APIs also allows you to publish the same content in a variety of different formats via different channels as well, but more on that later.
Scenarios in Which You Might Need a Headless CMS
It’s important to understand that you should only take a headless approach if it’s the most suitable way to meet a specific set of requirements or objectives.
Some scenarios in which you might need to take a closer look at adopting a headless CMS include:
If a large volume of content is a key component of your marketing strategy.
If you’re going to be producing and publishing a lot of content on your website, you may benefit from a headless CMS. Many people find it easier and more intuitive managing websites in the back-end of a headless CMS.
The decoupling of the front-end also means that your development agency will be the ones responsible for ensuring your audience is presented with dynamic, engaging content.
If you expect to have high volumes of traffic and need to maintain performance.
If the size of your website’s audience will put a heavy demand on your CMS’s performance, a headless system could be a worthwhile investment. Using APIs, and leveraging other intelligent techniques, the headless approach often delivers faster loading times, reduces the workload on your servers, and offers greater scalability.
If you have a multi-channel marketing strategy, or need to publish content across multiple digital touch-points.
The headless approach allows you to take one piece of content, upload it into the back-end, and seamlessly publish it across several channels, including website, mobile app, social media, email, and even internet-of-things (IoT) devices.
This can help you maximise consistency, while providing your users in each channel an experience optimised for their preferred context.
If you’re prioritising personalisation.
As personalisation is becoming much more important in modern marketing, headless CMSs are becoming more popular in enabling those tactics.
If you need to create personalised experiences for your website visitors based on their demographic data, past behaviour, preferences, and so on, a headless CMS may be the right option. This is a useful approach for delivering tailored content to individual visitors, improving your engagement and increasing conversions.
If you have a multi-lingual or multi-regional website.
Delivering the same content to visitors in different languages, across different locations, can also be made easier by using a headless CMS. Your localisation process can be streamlined by managing the content for all users just once in the back-end, then delivering it seamlessly in its different forms based on location or other conditions.
Key Considerations and Potential Pitfalls
While a headless CMS can be a great choice to deliver on the requirements discussed here, it’s still not a straightforward decision in these scenarios.
Firstly, it’s important to note that a traditional CMS like WordPress can still help you achieve all the things listed above, especially with the support of an experienced, talented agency. Secondly, there are some downsides to the headless approach that need to be considered while you’re evaluating your options.
Security
Security is an issue that needs careful consideration when looking into the headless approach. The headless architecture, and use of APIs, create more security vulnerabilities than you’d have with a traditional CMS.
It’s also common for a headless CMS to require more hands-on management in key areas such as hosting and compliance, as well as more thorough and frequent testing.
Development Complexity
When you ask your development agency to build, manage, and maintain your website using a headless CMS, you’re asking them for more complex work than they’d be facing with a traditional system. This complexity is something you need to be aware of, both in your selection of an agency capable of delivering your requirements, and in the additional workload you’re asking them to complete for you.
Time-to-Market
Following on from the previous point, more complex development work often results in a longer time-to-market for your website.
Developing a website using a headless CMS may require more time and resources from your agency to deliver the work for you. If you need to get your site up and running quickly, or if you may require future development work to be delivered quickly, a regular CMS may be a safer bet.
Technical Skills
Publishing content with a headless CMS may be easy, but if something goes wrong, or you need something changed, you’re unlikely to be able to do it yourself. A headless CMS requires more technical skills and development experience to maintain than a traditional CMS, even for small tasks. If you don’t have these skills in your team, you’ll be more reliant on your agency partner than you would be with a normal CMS.
Total Cost of Ownership
All the points listed here will add up to a higher total cost of ownership (TCO). When accounting for the higher volume and greater complexity of work you’ll require from your agency, you’re likely to spend a lot more of your budget on a headless CMS.
Unless you have specific complex requirements that demand the use of a headless CMS, it’s usually the more cost-efficient option to go with the more traditional approach.
Content Strategy
With all that said, it’s also important to consider whether a headless CMS is even necessary based on your content strategy.
Unless you have an intricate, wide-ranging content strategy that spans various channels and platforms, it might not be worth adopting a headless CMS at all.
Most of the requirements you have can likely be delivered by working with a reliable agency partner using a sophisticated, flexible CMS like WordPress.
It’s also important to note that WordPress can be used in a headless context as well. This offers you a balance between a familiar, easy-to-use system and a more dynamic UX for your visitors in the front-end.
The Benefits of a Headless CMS
If you do decide to take a headless approach, your CMS can deliver a wealth of benefits and strategic advantages. These include:
Scalability
The headless architecture will enable you to build out your digital presence rapidly, on a large scale, across multiple channels. This scalability will be crucial for your website as your business grows and your requirements evolve.
Customisation
Both the back-end of your headless CMS and the front-end presentation of your content are entirely customisable, tailored to your specific requirements.
Flexibility
Headless CMSs provide a great deal of flexibility in terms of your selection of technology, content creation, and implementation of a multi-channel market strategy.
Ease-of-Use
If you work with a skilled agency partner who can set up and manage your system for you, publishing and editing content with a headless CMS becomes quick, easy, and efficient.
User Experience
Delivering your content seamlessly – and consistently – across a wide range of channels and digital touch-points creates a far greater UX for your target audience.
Performance
The headless architecture removes the need to render pages on your server. This creates the faster loading times and improved performance discussed previously, which also contributes to a better experience for your visitors.
Competitive Differentiation
As mentioned earlier, the headless approach allows you to create a truly unique UX. In an increasingly crowded, noisy online landscape, this can help you differentiate your website and stand above your competitors.
Future-Proofing
A headless CMS allows you to easily change or upgrade the technology you use for your front-end without having any impact on your back-end. This will help you become more agile and adapt quickly as new technology trends emerge in future.
Making the Right Decision for Your Unique Requirements
Ultimately, you should base your decision here on the specific requirements you have for your website and the circumstances you find yourself in.
While a headless CMS does offer a range of innovative capabilities, the additional costs and resources you’ll need to invest may not be worthwhile. For example, the traditional use of WordPress can provide you with most of the benefits discussed earlier.
Carefully consider your objectives, your strategy, and the resources you have available. Use those to weigh up all the pros and cons listed in this article in relation to your own website project.
The key thing is to clearly understand exactly what you need from your CMS, and use that to select the option that aligns best with your requirements.
Would you like these insights straight to your mailbox?
Digital Business
9 February, 2023
10 Tips to Improve WordPress Security and Minimise Risks
Cyber security and data protection should be top priorities for your business right now. Of course, this is particularly important for large businesses, and those in strictly regulated industries like financial services, where the outcome of a cyber attack or data breach can be catastrophic.
As these security concerns continue to intensify, you must be increasingly careful and vigilant about the technology solutions you use. You should also take more proactive steps to ensure everything in your tech stack is built and managed in a way that minimises your risks.
When it comes to WordPress, there’s a common misconception that the platform isn’t secure enough for large businesses. This misunderstanding tends to come from the fact that it’s free-to-use, so it was originally more popular among smaller independent businesses and B2C blogs.
Today, however, WordPress is the world’s most popular content management system (CMS), and for good reason. Considering a significant percentage of that user base includes global enterprises, you’d think such popularity would be enough proof that it’s a secure platform.
On the contrary, large businesses still ask us on a regular basis, “Is WordPress secure enough for us?”
Is WordPress Secure?
The answer to that question is, yes, WordPress is a secure, stable platform, even in its “out-of-the-box” state. WordPress’s core code is thoroughly tested and quality-checked by a team of security experts continuously. Not only that, but the same team regularly releases security updates and reinforces any potential weaknesses before they can be capitalised on by cyber criminals.
In fact, the speed at which security updates are implemented in WordPress is arguably the fastest in the world today when compared with other CMSs.
Additionally, WordPress is open-source software, meaning all its code is available to the public. Users are constantly suggesting changes and updates, often to fix bugs in the code and minimise opportunities for cyber criminals. This keeps the platform safe and secure for everyone else.
But while WordPress does have the ongoing support of some of the most talented and devoted developers in the world, it’s not immune to security vulnerabilities. No software is, unfortunately.
That’s why it’s important to be aware of, and work with, some fundamental best practices for security. Listed below are some steps you can take to further strengthen the security of the WordPress CMS.
Best Practices to Strengthen WordPress Security
1 – Secure Hosting
The hosting service you choose for your platform will determine how secure and well protected your data will be.
It goes without saying that WordPress should be hosted in a secure environment, overseen by an experienced provider who prioritises security within their services.
Some things you should consider essential for a hosting provider include:
Before choosing your hosting provider, do plenty of research to ensure they’re able to provide these measures. Most businesses will work with a development agency partner for WordPress, and that agency should be able to help you with this process.
2 – Back-Up and Disaster Recovery
Following on from the previous point, any good hosting provider should also offer back-up and disaster recovery services. These are like safety nets that will allow you to protect, save, and recover all your data in the event of any losses.
3 – Be Careful with Plugins
Plugins are a great way to enhance the WordPress platform with new capabilities and features. But you should only ever use plugins from reputable, credible sources, otherwise you could experience security problems.
It’s also important to keep all your plugins regularly tested, maintained, and updated. Again, this is an area where a WordPress agency partner will help you.
4 – Always Keep Your Platform Updated
When you’ve built a website with WordPress, you’ll often receive software updates from the platform. Any time this happens, it’s because a bug has been fixed or some improvements have been made to the software.
Keeping up with these updates is so important from a security perspective, because they’re designed to keep your site secure. By letting your site run on an outdated version of the platform, you leave yourself at risk of a known issue being exploited by a cyber criminal or some malware.
This is another thing that a good agency partner should take care of for you, so you don’t need to worry about keeping your platform up-to-date.
5 – Never Auto-Update Your Plugins
You have the option to enable auto-updates within your WordPress platform. While this may seem like an easy way to keep your CMS up-to-date, doing so can create technical issues and security risks that simply aren’t worth the convenience.
Each plugin you use will have its own button for you to turn auto-updates on or off. Any good agency will advise you to turn those auto-updates off and instead opt for a more secure approach to your updates, to maintain the resilience of your platform.
6 – Use Security-Specific Plugins
Another way to reinforce the security of WordPress is by implementing security-specific plugins like WordFence, Sucuri, or Defender Pro.
These handy tools will do a lot of the hard work for you, monitoring your platform and spotting potential vulnerabilities so you can fix them before they’re allowed to have any negative impact.
7 – Enable SSL
A secure sockets layer (SSL) is a protocol which encrypts the transfer of data between your website and your users’ browsers. Enabling SSL makes it more difficult for cyber criminals to steal or compromise data online. Don’t worry, though, as this will be taken care of by your hosting provider as a standard practice.
8 – Avoid Tools that Open Direct Access to Your Site Database from the Dashboard
Some tools and plugins will enable direct access to your site’s database from within your CMS dashboard. While this can make certain aspects of website management easier for you, it also creates security vulnerabilities. This is something you should always avoid, because these additions are often severe security risks.
9 – Encourage Your Users to be Mindful of Security
The biggest security risks, and many opportunities for cyber criminals, come from unsafe user behaviour, poor platform maintenance, and badly built sites.
Your behaviour, and the behaviour of your end-users – and your agency – should always be mindful of security. If it’s not, sooner or later you’ll encounter problems. Some security best practices you can introduce include making strong passwords compulsory for all users and implementing measures like two-factor authentication.
10 – Find a Trustworthy Agency Partner to Support You
We understand that following all these steps sounds like a lot of work. Of course, when you’ve got your own job to focus on, the last thing you need is to be spending time struggling through complex website security processes.
That’s why it’s so valuable to find a reliable, trustworthy agency partner when using WordPress to build and manage websites. A good agency will ensure everything is secure and up-to-date for you, so you can spend more time providing outstanding services and experiences to your customers.
It’s always worth taking time to find an experienced agency with a strong track record of building robust, secure sites, to give you the peace of mind you deserve. That means they should handle your secure architecture, testing, monitoring, updates, and ongoing support for you as part of their services.
Being Truly Secure is an Ongoing Process
When you’re selecting a content management system (CMS) to build critical digital assets like your website, security must be a top priority. It’s for that very reason more and more large businesses are looking to WordPress as their platform of choice.
However, it’s equally important to choose an agency you can trust, and one that has these security best practices incorporated into their approach. This doesn’t just stop at the delivery of your website, either. True security is a constant ongoing process, and your agency partner should help you through that.
Following the tips listed here will give you everything you need to build a resilient, secure website on WordPress, suitable for the enterprise.
Interested in learning more about WordPress? Discover how a global enterprise achieved game-changing results by using WordPress to build a secure, innovative, bespoke solution. Check out the story of RedeWire from Rede Partners LLP here.
Would you like these insights straight to your mailbox?
Announcement
24 March, 2020
SoBold’s response to COVID-19
In response to COVID-19, we’ve put in place a number of measures at SoBold to make sure we can continue to provide our services to our clients around the world as well as do what we can to help contain the spread of the virus.
It’s helpful to reflect on the fact that we offer a service whereby the performance and outcome of work produced will not be affected at all.
We’ve moved to full-time remote work
SoBold has decided to close our office in London and have our employees work remotely until further notice.
We’re doing this in an effort to help prevent the spread of the virus because, while most SoBold employees are healthy and not in the high-risk category, we appreciate that is not the case for all of those around us, or in the wider community we live in.
We have a responsibility towards these people, including others who work in our building and those we come into contact with during each others’ daily commute.
We’ve set up enhanced support for remote work
We don’t believe it’ll cause much disruption to the rest of the team and business.
Most of our clients, for example, will be familiar with remote meetings; we regularly host virtual meetings between clients and SoBold.
All team members have access to reliable remote conferencing and workflow tools, so they can speak to anyone either within SoBold or outside of the organisation, whenever they need or want to.
This means we can continue to frictionlessly share and work collaboratively cross-functionally, with the ultimate goal of always delighting our clients and partners.
Free support to those directly affected by the closure of their businesses
We want to give back and help businesses and individuals that have been so badly damaged by the closure of their shopfronts, gyms, restaurants and other businesses in the hospitality industry.
We are offering free website help to these businesses during these tough times.
If you would like to get in touch with a team member about this, please email hello@soboldltd.com
Would you like these insights straight to your mailbox?
Latest from agency
3 August, 2022
Celebrating 3 years with Leonardo Esposito
A fresh-faced Leo joined SoBold in August 2019, with a big booming smile and speaking in broken English. It was immediately clear how driven he was to learn and pick up new skills and it was a no-brainer to offer him a job to join our development team.
For much of his first year at SoBold, Leo was glued to Google Translate to try and properly understand the tasks he had been set, but each and every time the output of his work would be the same, outstanding.
As Leo’s English picked up, as did his confidence and skill-set and he made it clear that he wanted to focus on Back-End Development and he really wanted to take SoBold forward. Leo championed innovation in our development approach and much of the workflow we do today has been driven by Leo’s desire to set the highest of standards.
He is a key figure at SoBold and we are very fortunate to have him.
We caught up with Leo to find out more about what he get’s up to in his day-to-day life!
At what point in your life did you decide to become a developer?
During middle school, I tried to learn how to make games, which led me to development. I started exploring different languages and realized I really liked learning the syntax of as many languages as I could. Eventually, I got into web development, and since then I have tried to expand my knowledge of web development languages, trying out new frameworks, and both front and back end sides.
Describe your typical day
As of now I’m trying out double gym days, which means an early wake up (5.30am), gym at 6am, and finishing at around 8am. Then I go to work, have my day, and when I finish I go home and back to the gym. When I get back home it’s circa 8.30pm, so I have dinner, watch something on Netflix (not too much otherwise I end up snacking), then go to my room, and if there’s time and I’m not too tired I play piano, otherwise I go to bed ready to do it all again.
What’s your favourite project to date
Favourite project to date is Rede partners
Any advice for junior developers?
Never stop learning, be curious, and be always ready to challenge yourself, and question what you do. Change your way of doing things if someone else out there is doing it better.
If you had to change careers what would you do instead?
Theoretical Physicist or Volleyball coach
What was your most recent challenge and how did you overcome It?
Hit a plateau in terms of motivation, but managed to overcome it by getting less on my plate, and focusing on meaning, eventually, it became better.
What’s your favourite thing to do outside of work?
Workout, play music (piano, guitar), play video games (fav ones are Skyrim, Horizon Forbidden West and Fallout)
How do you think the designer/developer relationship could improve?
The main thing is communication and chemistry, once those are there the relationship improves by itself.