Summary
Despite being the most popular content management system in the world, many large businesses and organisations in strictly regulated industries are still asking, “Is WordPress secure enough for us?”
This article will give you a detailed explanation of how WordPress can provide enterprise-grade security, to help you make your own decision about whether it’s secure enough for your own business. We’ll also share some helpful tips to enhance the platform’s security and reduce its risks even further.
As technology has become more pervasive in our daily lives, cyber security concerns have intensified, especially in the workplace. Each year, we read about more high-profile cases of global brands becoming victims of malicious cyber attacks, most often with sensitive data being the real target.
As a business, you should be increasingly careful and vigilant about the technology solutions you deploy today. This is even more important for large businesses and organisations in industries with strict regulations, where the consequences of security issues can be catastrophic.
When you’re choosing a content management system (CMS) to build critical digital assets like your website, security must therefore be a top priority.
Despite being the most popular CMSs in the world today – powering almost 45% of the world’s websites – WordPress is still seen by some as the platform for smaller organisations. You’d think its popularity alone would be sufficient evidence that WordPress is secure, especially as a large fraction of that user base includes enterprises across both the public and private sectors. However, when it comes to WordPress security, there are still some question marks.
So, is WordPress secure?
Yes, absolutely.
But there are certain factors and potential pitfalls you should be aware of if you’re considering WordPress as your CMS of choice.
Understanding Security in a CMS
As business challenges with cyber security and data protection continue to grow, selecting a platform that offers robust security is crucial. But how does that work, exactly?
Ultimately, a CMS like WordPress is just a piece of software, and all software can be vulnerable to security issues in a variety of ways.
The most obvious of these is a cyber security attack, either by hackers, a virus, or malicious software (malware). Any CMS used in a business environment needs to be built to withstand these attacks on a daily basis, and WordPress is definitely capable of doing so.
Another significant risk is when software has accidental weaknesses, issues, or vulnerabilities – known as bugs – built into its code. Bugs are common in software, and they can manifest as anything from a box appearing in the wrong place on your website to a platform vulnerability that leaks mission-critical data to cyber criminals.
Bugs aren’t difficult to fix, and we’ll explain later in this article why WordPress users can be confident that these kinds of risks are minimal with the platform.
However, when it comes to a CMS’s security, it’s important to understand the following point:
The biggest security risks, and the greatest opportunities for cyber criminals, are unsafe user behaviour, lack of best practices, insufficient maintenance, and poorly built sites. Not the platform itself.
Your behaviour, and the behaviour of your end-users, is an area that can be exploited or cause problems if you don’t prioritise security. That’s why it’s necessary to take a proactive, rather than reactive, approach to protecting your data. The rest of this article will help you do that, and remove any concerns you still have about WordPress security.
Is WordPress Secure?
The misconception that WordPress isn’t secure enough for large businesses still lingers, but why? Well, the main reason is because the platform is free-to-use, and so it was initially most popular among B2C blogs and smaller independent businesses.
Today, however, this couldn’t be further from the truth. Industry-leading enterprises such as private equity advisory firm Rede Partners LLP, global investment firm Coller Capital, and global research and advisory leader Forrester use WordPress for their CMS, just to name a few. This goes a long way to proving the apprehension towards WordPress security is unnecessary.
So, let’s explore the WordPress platform in more detail to understand why these global enterprises have full confidence in the security of their data, as well as the data of their clients and partners.
WordPress is already a secure, stable platform out-of-the-box.. You can rest assured its core code is highly secure, because it’s overseen by a team of security experts who thoroughly test and quality-check it on a continual basis. They regularly release updates and reinforce any potential weaknesses before they’re exploited to protect you against any new-found threats.
A team of security analysts study the ever-changing cyber security landscape and respond to it with speed and precision.
While WordPress may be seen by some as a CMS for small businesses, the speed at which security updates are implemented is arguably the best in the world when compared to other platforms.
WordPress is also open-source software, which means all the code it’s built on is available to the public. Anyone from outside the WordPress team can view it, download it, and make adjustments to it. Users often suggest their own changes and updates to the code by submitting them to the WordPress moderator team for approval. If improvements are made to the WordPress code, these updates will be released to the global user base.
These people are part of a global community of dedicated, passionate users who work hard to ensure the platform is always developing into the best version of itself possible. Anything WordPress’s own team misses, the developer community will catch. This means users are often fixing bugs and shutting down potential opportunities for cyber criminals, keeping the platform safe for everyone else.
WordPress Security Vulnerabilities
While WordPress does have the support of some of the brightest developers in the world, who keep it as secure as possible, they can’t take care of everything for you. As mentioned earlier, your biggest security risks will probably lie within your own business, regardless of what CMS you’re using.
Additional security vulnerabilities can arise in certain scenarios, often caused by ignoring best practices or failing to take responsibility for simple maintenance of the platform.
Web Hosting
Your hosting environment is an important factor that can influence how secure and protected your data will be. Your WordPress websites will be hosted in a server that stores your files and data in a data centre.
WordPress, like any platform, should be hosted in a secure environment, with an experienced provider who prioritises security as part of their services. This should include putting proactive security measures in place for scenarios like unplanned down-time or even natural disasters.
Secure hosting should also involve automated monitoring for malicious activity and vulnerabilities in your servers and software, as well as incident response.
Before choosing your hosting service, be sure to carry out some due diligence and look into the security best practices of your host. In many cases, it’s wise to work with an agency partner who will help you with this, but more on that later.
Plugins
While the WordPress community is one of the platform’s greatest strengths, interacting with unsafe additions to the software can also be its downfall for some businesses. It’s important to be cautious of the constant stream of new features, updates, and plugins being made available, because some of them could create issues for you.
To avoid these problems, you shouldn’t download plugins unless they come from recognised, credible sources. Furthermore, you should always ensure all your plugins are correctly tested, maintained, and updated.
We appreciate this may sound complicated. For that reason, you should entrust this responsibility to a partner. When using WordPress to build and manage websites, a good agency should help you ensure everything is secure and up-to-date.
Software Updates
When you’re running a website or application on WordPress, you’ll regularly receive software updates from the platform. Any time an update comes through, it’s because certain bugs have been fixed or some improvements have been made.
It’s crucial that you keep up with WordPress updates because they’re there to keep your site secure. By leaving your site running on outdated versions, you’re at risk of a known issue being exploited by cyber attacks. Again, this should be taken care of by your agency partner so you don’t need to worry about keeping your web platform up-to-date.
Tips to Strengthen WordPress Security
If you still have doubts, there are some simple steps you can take to further strengthen the security of the WordPress CMS. Some of these more general tips can also be applied to most website platforms and other software software products in general as well.
Use a managed hosting service that offers enterprise-grade security.
You wouldn’t rent an office in a building that leaves its doors unlocked at night. Why would you place your sensitive data in a data centre that isn’t fully secure?
Some things you should consider non-negotiable for a web hosting provider to offer include:
- 24/7 support
- Back-up and disaster recovery
- Fully-managed service
- Automated monitoring and alerts
- 99.99% up-time
- 100% pass-rate for data centre audits.
Put back-up and disaster recovery services in place to ensure you’re protected from all potential risks.
To build on the above point, ensure your hosting service has measures in place for back-up and disaster recovery. This fail-safe measure will give you a way to save and recover all your data in the event of any losses.
Do not use, or allow your agency to use, any plugins from unrecognised sources.
As mentioned earlier, only use plugins from sources you trust. You should also keep all plugins and additions to the platform up-to-date, and make sure they’re rigorously tested – or, rather, make sure you can rely on your agency partner to do this for you behind the scenes.
Use plugins alongside security-specific enhancements.
You can further bolster the security of the WordPress platform by leveraging security-specific plugins such as WordFence, Sucuri, and Defender Pro. These can inform you of potential vulnerabilities or incidents so you can respond quickly before they have an impact on your business.
Don’t use tools that enable direct access to your site database from within the dashboard.
Some digital tools or extensions give direct access to your site’s database or files from within the dashboard, to make managing your website easier. This is something to avoid, because they’re often a major security risk.
Enable SSL
Enabling SSL (Secure Sockets Layer) introduces a protocol which encrypts the transfer of data between your website and your users’ browsers. This makes it more difficult for cyber criminals to steal information and data online.
Encourage your users to follow security best practices.
You can put all the security measures and data protection possible in place, but they could all be for nothing if a weak password or bad behaviour compromises your website.
Some security best practices every business can easily implement include making strong passwords compulsory among all users and introducing additional measures like two-factor authentication.
Rely on an Expert to Minimise Your Security Risks
As touched on throughout this article, another factor which will determine how secure your WordPress platform is will be which agency you decide to work with.
While deciding whether to invest in WordPress is a big decision, don’t underestimate the importance of finding the right agency partner to support you with your CMS, especially when it comes to WordPress security.
Ultimately, you should understand that:
- WordPress by itself, out-of-the-box, is secure enough for most businesses to use.
- WordPress in the hands of an inexperienced or negligent agency will create significant security risks.
- WordPress is the hands of a dedicated, specialist partner is a platform you can trust and rely on without any concerns.
Your data will be fully protected if you work with an agency who takes security seriously and prioritises it at the core of every development task they deliver for you.
That means they should be capable of handling secure architecture, testing, monitoring, updates, and ongoing support for you as part of your service. You should always take the time and care to find a specialist agency partner who has a proven track record of building robust, reliable sites, to ensure you’re minimising your risk.
WordPress is a Suitable Platform for the Enterprise
Cyber security and data protection are critical for businesses of all sizes, across all industries. But it can’t be denied that large businesses often face more severe consequences by falling victim to a cyber attack or data breach.
Choosing a platform that you have total confidence in is a necessary factor in the process of evaluating your options for a CMS.
When you have your own role and responsibilities to focus on, the last thing you want is to be constantly worrying about the security of your site. Following the advice and best practices listed in this article will provide you with a highly resilient WordPress platform with enterprise-grade security. That will allow you to spend more of your time creating an outstanding website that differentiates you from your competitors and drives business growth.
If you need more help understanding and evaluating platforms to deliver a web design and development project, read our comprehensive guide to selecting the right solution here.
Would you like these insights straight to your mailbox?
- Innovation
- Creativity
- Clear strategic thinking
- Effectiveness
- Tangible results.
- Make a critical client engagement process increasingly efficient and effective
- Provide each user with a personalised experience that includes tailored investment information and updates
- Obtain more data about user engagement and leverage that to improve other services
- Accelerate and increase investment in client funds, driving significant commercial growth for the firm
- Use an industry-first digital tool to gain significant competitive advantages.
- Read our comparison between Sitecore and WordPress here.
- Read our comparison between Drupal and WordPress here.
- Brainstorming and ideation
- Assistance in research and information-gathering
- Writing copy
- Writing code
- Image and video creation
- Data analysis
- Automating manual processes.
- GPT-4 was released as an upgrade to Chat GPT. GPT-4 can understand images, process 25,000 words in one go, earn a top 10% score on complex exams, and even demonstrate some advanced reasoning capabilities.
- Adobe released Firefly, which is a programme with a range of new generative AI features. It can create outstanding new content using simple language, with almost-unlimited creative options like turning 3D compositions into photorealistic images and automating advanced video editing processes.
- GitHub launched CoPilotX, which can supposedly boost coding speed by up to 55%. CoPilotX has similar features to Chat GPT, but will be used by software engineers and developers to boost productivity and time-to-market.
- And, just last week, Stability AI released its Stable Diffusion XL model, offering photorealism through an intricate editing interface. It’s reportedly built with around 2.3 billion parameters.
- Your brand
- Your company values
- Your colour scheme
- Your typography
- Imagery and other visual content
- Structuring of pages
- And other visual components that are used to tell your brand’s story across your website’s design.
Announcement
23 May, 2023
SoBold Selected as a Finalist for The Drum Awards for Marketing for Digital Transformation
We’re thrilled to announce that SoBold has been nominated as a finalist for an award at The Drum Awards for Marketing.
We’ve been nominated for our team’s outstanding work developing RedeWire, a unique, “game-changing” online portal for global financial services business Rede Partners LLP.
The Drum Awards for Marketing
The Drum Awards for Marketing are intended to highlight agencies and marketing teams that truly understand their clients. Focusing on outcomes, not outputs, these awards are designed to celebrate teams who have demonstrated the measurable value their work has delivered for their clients.
We’ve been nominated as a finalist in the transformation category. This category rewards creative and innovative thinking from agencies who have created a change in model or product to enhance experiences for their clients and their end-users.
The criteria on which the finalists were selected for this category included:
We’re incredibly proud to be named as a finalist for this award, especially since innovation, creativity, and strategic thinking are qualities that we actively strive to put into every project we work on for our clients.
“Game-Changing” Innovation – the RedeWire Platform
Global private equity (PE) fundraising advisory firm, Rede Partners, has a mission-critical process of keeping a large network of limited partner investors (LPs) updated with relevant, timely information about opportunities to invest in client funds.
The previous method of communicating this information to LPs was a large static PDF doc, produced once per quarter, shared with LPs via email. That approach is standard within the fundraising advisory industry, with many of Rede’s competitors using a similar approach.
But the Rede team recognised this needed to become more engaging for their clients, and our team here at SoBold provided an opportunity to innovate and transform this process.
We worked closely with Rede’s stakeholders to understand their challenges and define a clear set of strategic objectives. This allowed us to identify a way to remove this long-winded, one-way communication process with LPs and create a dynamic, interactive online portal.
RedeWire is the first of its kind, and has been identified as a “game-changer in the industry” by Rede’s LPs.
RedeWire successfully met Rede’s complex set of requirements, allowing them to:
The portal has already exceeded expectations for adoption, as it has made one of Rede’s critical points of communication with investors more efficient, effective, and engaging.
Check out our case study to learn more about the RedeWire platform here.
What they Had to Say
Gabrielle Joseph, Head of Due Diligence and Client Development at Rede Partners LLP, said:
“Originally conceived as a game-changer within our industry, we are thrilled with the outcome of RedeWire and have had several clients highlight how intuitive and easy to use the platform is.”
“Throughout the project, SoBold clearly understood our vision and provided thoughtful solutions to our needs. Choosing to partner with this team was one of the best decisions we’ve made, and we couldn’t be happier. We look forward to continuing to work with the team as the site evolves.”
One early adopter of the RedeWire platform also provided highly positive feedback, saying:
“This is a massive time-saver for everyone. I can’t believe how fluid and user-friendly it is. It will be a useful tool in 2023. We’re super impressed.”
Waiting for the Results
The results will be announced at the live awards show on June 15, 2023, in London. Congratulations must also go to our fellow finalists, Yodel Mobile, Braze, and Coterie Marketing.
Please keep your fingers crossed for us until then, and keep an eye out for the results this time next month!
In the mean-time, you can discover how financial services businesses should approach bespoke web development projects to successfully embrace digital transformation here.
Would you like these insights straight to your mailbox?
Digital Business
5 January, 2023
WordPress vs Umbraco – Comparing Both Content Management Systems
When you’re tasked with selecting a content management system (CMS) for your business, you’ll likely appreciate that the number of viable options available can make things complicated. From Drupal, to Umbraco, to WordPress, there are plenty of quality technology platforms to choose from.
But finding the CMS that’s most suitable for your specific business is an important process that requires careful consideration and a lot of research. Of course, devoting sufficient time to this can be difficult when you have dozens of other priorities on your mind.
To ease this challenge for you, this article will make the process of choosing between two popular CMSs much simpler. In this new content series, we’re providing direct, objective comparisons between some of the leading options for CMSs today.
This second article of the series will look at the comparison between Umbraco and WordPress, and you can find links to the rest of the articles in this series at the bottom of this page.
The Platforms
A CMS is a software-based technology platform upon which you can build and manage websites and applications. While most CMSs are similar in terms of their fundamental functionality, they each have varying levels of complexity and development requirements.
Umbraco
It’s important to start by noting that Umbraco is a platform intended specifically for developers with a certain level of technical proficiency.
When you first set up Umbraco, it won’t be approachable for the average marketing manager or any other non-technical users. Initially, much of the key functionality expected from a CMS will be missing. The purpose of this is to encourage you to spend time and money developing the platform. Often, this has been known to rule out Umbraco as a viable option for a lot of businesses.
To get full value out of Umbraco, you’ll almost certainly need to hire someone – either an agency partner or an in-house developer – to help you get things up and running.
Having said that, no matter which CMS you choose, you’ll be significantly better off working with a platform-specific web development agency supporting you. For most businesses, an agency plays a crucial role in helping you implement your new system and develop your site (but more on that later).
WordPress
WordPress is the polar opposite of Umbraco, in the sense that it’s designed so that anyone – even if you have no previous content management experience – can use it easily. That’s why it’s the most popular CMS available today, with around 45% of all websites on the Internet built using the platform.
Almost everything you need to manage the day-to-day responsibilities of your website comes readily available in the software, making it much more suitable for a wider range of businesses.
This allows you to begin building immediately and facilitates a quick time-to-market for your websites and applications. WordPress’s rich, dynamic features that come pre-existing with the platform “out-of-the-box” are to thank for that.
Content Management and Usability
You should consider ease-of-use as a key indication of whether or not you want to invest in a CMS. If a CMS doesn’t offer simple, intuitive usability, you’re probably better off avoiding it.
Umbraco’s Usability
As mentioned above, in its initial state, Umbraco can be very difficult to work with for the average user. It’s mostly intended for more technical users who have coding skills or some development experience to build the infrastructure.
However, once you’ve invested sufficient time and money into tailoring the platform to your own preferences, it becomes a great tool for publishing and editing content on a website. Umbraco has a wealth of features that allow you to create high quality websites and dynamic web pages.
On a side note, if you’re a Microsoft user, you’ll be pleased to see some similarities in the structure of Umbraco’s user interface (UI).
WordPress’s Usability
WordPress is far more straightforward when it comes to usability. It provides you with a convenient, efficient user interface (UI) that allows seamless publishing, management, and editing of content on your sites.
It’s simple editing content on a page-by-page basis in WordPress, which saves you valuable time, with a handy block-based design.
The ease-of-use makes it possible to share responsibilities across your team, even if some of you don’t have any previous experience with a CMS, unlike the more technical Umbraco platform.
Customisation
Customisation with Umbraco
Umbraco is known for being highly customisable and flexible. It’s best used as a clean slate for developers to tailor to the business’s requirements. However, this isn’t easy to do for the average user.
As mentioned earlier, Umbraco isn’t suitable for the average CMS user in its initial state. Unlike most CMSs, you’re required to spend some time customising Umbraco in order to make it into a platform that’s approachable and easy-to-use. Once you’ve done that, however, Umbraco can become an excellent CMS with great content editing capabilities.
Customisation with WordPress
WordPress allows you to customise it to your own liking as well. The difference here is that you don’t need to change much about WordPress’s set of tools and features before you can begin using it comfortably.
This allows you to create quality content from day one, with the freedom and flexibility to make adjustments to the platform as and when you require. WordPress is also an easier platform to upgrade with custom features due to the quality of its community-sourced plugins.
How Secure is Each Platform?
Cyber security is becoming a greater concern each day for businesses. Choosing a platform that delivers robust security should be a top priority, so you can have full confidence in the protection of your data.
Umbraco’s Security
Umbraco comes with a high level of in-built security. The software is based on Microsoft’s .NET platform, which gives it support from Code Access Security (CAS). Working alongside that CAS, Umbraco provides identity-based security, and that makes it considerably more secure than the average CMS.
Having said that, you shouldn’t let this act as an excuse for your agency partner to take security for granted. Every web development project should be approached with security at the core, no matter what in-built protection the platform has.
It’s also important to note that Umbraco is an open-source platform, meaning a community of developers regularly creates updates and new features within the software. This means that any new additions should be tested carefully for security in case they create new vulnerabilities.
WordPress’s Security
While it is generally very secure, WordPress is another open-source platform backed by an active developer community. It’s important to be cautious of the raft of new features, updates, and plugins that are regularly released.
From a security perspective, be mindful of plugins, both in terms of where they come from and ensuring they’re correctly tested, maintained, and updated. For any CMS, these issues are best left to an experienced agency partner who has the expertise to minimise these risks for you.
Aside from that, WordPress does offer enterprise-grade security, with organisations like globally renowned pharmaceutical company Hutch Med and leading venture capitalist firm Balderton Capital using it today.
How Scalable is Each Platform?
Scalability should be another important part of your criteria when selecting a CMS. Fast, agile expansion is crucial for the platform, just as they are for your business as it grows.
Therefore, you need your digital infrastructure to be able to scale cost-effectively with more pages, additional functionality, and perhaps even more sites.
Scalability with Umbraco
Umbraco’s scalability is one of its strengths. With Umbraco, your site can seamlessly evolve as your business grows and your requirements change.
It’s especially useful for teams that need to manage a high volume of pages simultaneously, making it very suitable for large businesses.
Scalability with WordPress
In the past, WordPress mistakenly had a reputation among some for being most suitable for smaller businesses. However, its excellent scalability proves that to be nothing more than a myth.
Just like Umbraco, WordPress is agile and scalable enough to grow alongside your business and adapt to your changing requirements.
Cost and TCO
A CMS is a big investment, and should be considered a long-term one. In order to ensure you’re achieving a strong return on investment (ROI), it’s helpful to find a platform that offers good value and a low total cost of ownership (TCO).
When assessing this, it’s important to factor in costs such as hosting, licenses, agency fees, maintenance, bespoke development, and more.
Umbraco’s Up-Front Work and Ongoing Costs
Because it’s open-source, Umbraco can be free-to-use.
However, as mentioned earlier, it’s a platform that requires a great deal of technical expertise and initial development work. That will typically involve longer timelines with your agency than other CMSs, which inevitably mean high costs. Because it’s a complex platform, you’ll also face higher costs whenever you need to develop new functionality or work on integrations.
WordPress Value and TCO
WordPress comes with a far lower TCO than most other CMS options. Its ease-of-use and flexibility out-of-the-box make it a very cost-effective platform.
WordPress licenses are free, so your implementation costs would be limited to just hosting, agency fees, and post-deployment support.
Any plugins or extensions you want to apply to the platform will be licensed and paid for separately, but it’s unlikely you’ll need to add many new capabilities because it’s such a feature-rich platform by itself.
Developer Communities
If a technology platform is supported by a strong community of developers, that will be highly beneficial to your business. Dedicated users from around the world work hard to continuously create improvements, additions, and updates to help the software become the best it can be.
Umbraco’s Community
Umbraco has been around since the year 2000, making it one of the oldest CMSs. That means it’s had a long time for a large, skilled community of developers to grow around it.
As touched on earlier, Umbraco is built on a Microsoft-based infrastructure, using a C# framework, and is the most popular platform of this kind.
However, it’s important to note that Umbraco is facing some decline. More popular platforms, like WordPress, gaining widespread adoption have seen developments with Umbraco slow down in recent years.
WordPress’s Community
WordPress has a healthy global community devoted to constantly improving the platform.
WordPress developers are renowned for their creativity, producing a wealth of innovative new themes and plugins that can be used by any business with ease.
The WordPress community also regularly holds free events to help people learn more about how to use the platform. For instance, WordCamp is a non-profit event that has been running since 2006 across several continents.
The Important Role of an Agency
As touched on throughout this article, another factor which will influence the success of any projects with your chosen CMS is a development agency.
When finding the right CMS is such a challenge by itself, many businesses underestimate the importance of finding the right agency partner to support you with your CMS.
But as mentioned earlier, how well you handle critical aspects of the platform like security, testing, usability, and even your TCO are often determined by your agency.
With Umbraco, all the platform’s functionality has to be custom coded, which makes development time in the back-end longer than most businesses expect. This also makes Umbraco difficult to work with internally, as well as for any maintenance and updates. When working with an agency, this will see your costs increase when compared to WordPress technology.
Whichever CMS you pick, they’re all considerably easier to use, and to achieve healthy ROI, with a specialist partner supporting you. Finding an agency with the right experience and expertise to help you unlock the full potential of your platform should be another important part of your overall decision.
Making Your Decision
So, how do you take all these comparisons and decide which CMS is right for your business?
In all honesty, both Umbraco and WordPress are both good options that would work well for most businesses. Although, it is generally accepted that Umbraco is a less approachable platform than WordPress unless you have technical skills within your team.
In order to determine which one will be more suitable, it’s useful to look at each of the characteristics listed in this article in relation to your unique requirements and business needs.
Remember that every business, and every web development project, is different. Think carefully about your specific strategic objectives, budget, users, technical specifications, and any other important factors. That should make it clear which CMS is the better choice to deliver what you’re looking for.
If you need more help in your evaluation of the various CMS options:
Would you like these insights straight to your mailbox?
Industry News
25 April, 2023
The Changing Roles of Web Design and Development in the Age of AI
Summary
In the first few months of 2023, generative AI has burst on to the scene and begun to change our relationship with technology forever. Already, there’s plenty of evidence to suggest that people in a wide range of jobs will have to adapt quickly or risk being replaced. In this article, we explore the impact AI is having on the web design and development industry, as well as how businesses, and people, should approach working with this innovative technology.
———
AI tools are nothing new. We’ve all been using them for years, from chatbots to predictive text to voice-controlled assistants like Siri and Alexa. But the recent mainstream adoption of AI tools such as Chat GPT, and the rapid advancement of the technology itself, has caused huge disruption across a number of industries.
Many assumed that people like marketers, software developers, and UX and UI designers would be some of the last ones at risk of having their jobs taken by AI, due to their need for creative skill and use of human emotion. Ironically, these roles have been some of the first to come “under threat” over the past few months.
AI’s speed and efficiency is already forcing us to ask questions about the future of the web design and development industry. With that in mind, one question in particular has dominated discussion online so far this year:
Are our jobs in danger of being taken by AI?
By now, you’re almost certainly aware that AI offers incredible value by accelerating workflows and augmenting skills. Some of the most beneficial use cases lie in:
AI can also devise entire business and marketing strategies, solve complex problems, and even create its own AI-powered applications from scratch. Perhaps most importantly, it can do all these tasks in a matter of seconds, when most of them would take a human several hours, days or even months.
The Latest News and Tools (at the Time of Writing)
Over the past few months, there are more and more AI-powered tools being released on an almost daily basis.
The number of AI tools that have been released recently is staggering, and the capabilities of some of them is truly mind-blowing. Just last month, in March 2023:
It’s both exciting and terrifying to think these highly intelligent tools are just the tip of the AI iceberg. When you consider how common it’s now become to use AI to develop even more advanced AI, it seems that the rate of evolution will only continue to increase exponentially from here.
How is AI Transforming Design and Development?
While these AI tools are extremely impressive, it’s not as straightforward as simply plugging them in and sitting back while they literally do your work for you. It’s possible we may get there one day, but right now we believe we’re a long way off.
These tools are highly sophisticated and intuitive, and their adoption is probably going to change the way we all work forever. However, this should be seen as technology that will augment and enhance people’s ability to do their jobs, or create new jobs entirely, rather than “steal” them away from us.
The current use cases for AI are mostly just ways for you to do your work, much faster and more effectively. This could either be done by automating processes to save time, or by supplementing your existing skill-set with new capabilities with the help of AI. For example, if you wanted to convert your code from one language into multiple languages, you would be able to do this with the help of Chat GPT.
When it comes to user experience (UX) design, one crucial thing AI will always be missing is human empathy, emotion, and understanding. A company looking to create a high-performance website that supports their strategic business goals and engages their target audience will fail if they don’t take into account human understanding and collaboration between them and their web development agency.
Outlining the What and the How is important, but the Why is arguably what drives great UX and UI.
“Design is not just a visual experience, it’s an emotional one. It should make people feel something.”
Nathan Shedroff, Author and Professor of Design Strategy
UX design is a nuanced, collaborative process, focusing on the specific requirements of the business and the specific needs of the target audience. You can save a lot of time using AI to produce a high volume of early conceptual designs or accelerate your copywriting process. But without the human element, none of these things will be authentic or anywhere near the required standard.
Potential Concerns and Risks with AI
Of course, we’ve not even mentioned the rising concerns and risks associated with AI yet. Just last month, over 1,000 technology leaders and influencers signed a petition to halt the development of generative AI until more governance can be introduced to ensure its safety.
There are still some serious grey areas regarding the use of this technology in business as well, from regulations and legal implications to the copyright of creative work like logos and images. These are providing opportunities for a wide range of new forms of cyber crime, phishing, and “deep-fake” imitations which could spiral out of control if left unchecked.
There are also plenty of moral issues surrounding AI that we must consider. For example, what implications will there be for our society if global businesses do begin replacing humans with AI on a large scale?
A key concern is that Generative AI is also having a significant impact on the environment, which is a conversation most people seem to be avoiding for the time being. With the global fight to reduce carbon emissions intensifying, and more businesses placing sustainability at the core of their values, there needs to be some action taken to balance those priorities with the efficiency and speed enabled by AI.
The SoBold Perspective
From our perspective, as a leading design and development agency, we believe that people will always want and need to work with other people. Personable relationships, real-life experience, and critical thinking are all essential parts of our work. In many cases, that’s also what many of our clients value most about our services.
Granted, we’re always looking for innovative new ways to push the boundaries, and AI is an incredible tool that will help us do that. But it won’t replace crucial human characteristics like empathy, emotion, and subjective opinions.
It will, however, help us spend less time on low-value tasks, and more time to focus on building stronger relationships and gaining a deeper understanding of our clients’ needs. That will only result in improving the work we deliver, which is something we’re always striving to achieve.
The Verdict on AI (for Now)
This year will probably be looked back on as a turning point in history when AI was introduced to the world. But this technology won’t replace too many jobs just yet. Instead, it will enhance our ability to work smarter, faster, and more efficiently.
For now, the only people at risk of losing their jobs to AI are those who fail – or refuse – to adapt to this new way of working and embrace the change. Similarly, if you’re using AI because you’re being lazy or complacent, that will also cause problems. You should never use work produced by a generative AI tool without checking its quality and accuracy, and you’ll always need to add a human touch before considering it finished.
On the other hand, if you’re forward-thinking and agile, embracing AI will make you exponentially better at your job. Here at SoBold, we’re personally most excited by how AI has the potential to help us vastly improve the service we deliver for our clients.
Of course, this technology is evolving so fast that it’s difficult to predict where we’ll stand a year from now. We’ll be discussing this, and lots of other important trends, in our new monthly newsletter.
Would you like these insights straight to your mailbox?
UI Design
18 April, 2023
What is Visual Exploration in the Process of Web Design?
When a visitor lands on your website, the visual design is likely to be the first thing they’ll notice. It’s also usually the thing they’ll remember most.
75% of consumers reportedly judge a business’s credibility based on its website design. This first impression can make or break a prospective client’s interest in working with you.
The ultimate goal of your website is to attract and retain as many prospects as possible, and then convert them into clients. But most websites are designed in a way that leaves those goals unfulfilled, failing to reach their full potential.
With that in mind, your visual identity should be treated as a top priority within the overall design of your website. Believe it or not, this can have a significant influence on the growth and success of your business.
When working on a web design project, you should always go through a careful visual exploration phase to find the right visual identity for your website.
Whether you’re going through a full company rebrand or just refreshing the style of your website, it’s important to ensure your design is tailored to your specific target audience. This is how you begin to drive business growth through your website.
Without a visual exploration process, your website may not convey your company’s brand identity and values as clearly as you’d like it to.
In this article, we’ll outline the steps taken so you’ll know what to expect when working on a website design project.
What Does the Process Involve?
The purpose of this process is to define the best visual direction to take with your site.
This is a crucial aspect of your overall design, with aesthetic elements being brought together to create a look and feel that engages your site’s visitors and retains their attention. To achieve that, your visual design needs to establish a connection between your audience and your brand immediately. It should also demonstrate why your visitors should work with you.
Exploring your visual identity will cover a wide range of elements, including:
What are Mood Boards and How Can You Use them?

The main tool used to help determine the right visual identity is a set of mood boards.
These are a visual compilation of all the various elements that make up your website’s visual design. Each mood board is essentially just a single-page collage of design styles based on previous discussions and the findings from the research and planning phase of the process.
The aim of these is to capture your brand’s visual style and tone. This will give the stakeholders, and your designers, a shared understanding of the design you’re working towards.
Mood-boarding helps you visualise the work on your website’s design before it begins and agree on a design aesthetic that accurately reflects your brand identity and values.
Think of this like a problem-solving exercise. Your design agency will take a research and data-driven approach to conveying your brand identity, while also catering to your target audience and accommodating the latest industry trends.
Collaboration and Iteration
Like most processes within web design and development, this visual exploration process should be collaborative and iterative.
You’ll typically be presented with a mood board and a set of ideas by your agency partner, then given the chance to provide feedback across several rounds of revisions.
Rounds and revisions are always important in any creative process. It’s usually necessary for your agency to develop and present a minimum of three mood boards before the optimum aesthetic is agreed upon. This is a crucial step towards the ultimate goal of creating a new website that accurately reflects your brand and has a positive impact on your target audience.
Connecting with Your Clients Through Design
Your website’s visual identity is what makes your brand resonate with your target audience. Your design needs to clearly convey the values of your business, the quality of your products and services, and the reason why your visitors would benefit from working with you.
Working through this visual exploration phase is an important step towards designing a website that will attract more visitors and increase your conversions.
Once this visual exploration is complete, the next phase of your web design process will be to craft your website’s user experience (UX).
Would you like these insights straight to your mailbox?
Announcement
4 January, 2023
SoBold’s 2022 Round-Up
As we’re now into the first week of 2023, this feels like an appropriate time to reflect on what was another thoroughly successful year for SoBold in 2022.
We’re now working with enterprise clients and providing them with excellent website design and development services. We’ve also continued to grow our client base and are proud to have consistently produced outstanding work on their behalf throughout the year.
We’re pleased to have strengthened our presence in the healthcare and financial services industries. Now, we’re looking forward to building and managing more scalable products for our clients in the year ahead.
Our High-Performance Team
The definition of “high-performance” will vary from person to person, and you may have your own idea of what it means to you. For us, as an agency, it means every member of our team holds each other accountable to always perform at the highest possible level, so we can achieve a standard of excellence for all our clients.
We’ve used “high-performance” as a core value of our company since day one, and have worked very hard over the years to build a “high-performance” team. In 2022, this continued to develop and has allowed us to push those standards even higher, which is something we take a lot of pride in.
We were excited to see all three of our business teams grow in 2022: design, development, and operations. Over the past year, we also made a conscious effort to ensure the whole agency is working closer together as a more functional unit, for the benefit of our clients.
As the team has grown, we’ve had to implement more processes, which has allowed us to scale, and will enable us to continue to scale, as we move into the next cycle of our business.
Congratulations to Ivo Georgiev, who’s coming to the end of a successful apprenticeship scheme, which he did with us and the help of QA’s Tech, Digital, and IT Apprenticeship.
The SoBold Website!
In 2022 we launched our new SoBold website. Finding time to do this while continuously delivering projects for our ever-growing client base was a challenge, but one I’m really proud of the team for managing so well. We used this as a beta project to roll out a new SoBold workflow, and whilst there’s still some way to go to perfect this, we’re really happy with how it’s looking on the front-end!
Every member of the team worked on this in some way or another, and we’re already getting considerably more inbound leads and exposure from it.
We’ve been working hard on becoming more active in the online community as well, and this is notable particularly over the last quarter where we’ve increased our marketing. We were fortunate to be interviewed by Cloudways, who are a cloud hosting service provider we work closely with, and you can see this interview here.
Clutch has continued to be a new business driver for us and our profile has gained more exposure amongst the country’s best website design and development businesses.
We’ve also begun producing a selection of in-depth guides and blog articles to help our community more easily navigate the current technology landscape. You can find all that useful content on our blog.
Our Clients
We’re grateful to have worked with so many wonderful people from some brilliant clients over the past 12 months, and have built an array of different sites each with their own unique brief and challenge.
If you’d like to gain insight into the process we follow with our clients for project briefings, check out this recent article, which also includes a helpful brief template.
This is a great chance to showcase below some of the work we’re most proud of in 2022, for a selection of companies who are doing some very interesting things to make positive change in their respective industries:
Built and Live
Jamie and the Jam – Jamie and the Jam conceptualise, create, deliver, and manage beautifully bespoke content for their clients and their audiences.
Amplitude Clinical – Amplitude is a leading UK Patient-Reported Outcome Measures (PROMs) and clinical outcomes platform.
Arenko – Arenko is a market-leading technology provider enabling the clean energy transition.
Dictate.IT – Dictate.IT helps healthcare organisations across the UK and Ireland harness the power of speech to deliver seamless, efficient, and effective document management.
Edgerley Simpson Howe – Edgerley Simpson Howe are specialist out-of-town retail, leisure, and commercial roadside property consultants.
Pippo – Pippo lets you book your GP appointments whenever and wherever suits you.
Common Purpose – Common Purpose offers exceptional personal training in the heart of Mayfair. If you’re looking to start with a new gym or PT in the new year, Common Purpose are your guys to speak to!
Still Waiting to go Live!
Coller Capital – Coller Capital is one of the largest global investors in the private equity secondary market.
Healthlink – Healthlink connects more than 15,000 medical organisations across Australia and New Zealand.
Konnect Net – Konnect Net helps businesses in the insurance and health sectors exchange data in a quick and secure way.
Turvec – Turvec is a bike parking company specialising in designing, installing, and maintaining secure and user-friendly bicycle storage solutions and two-tier bike racks.
There’s also a handful of special clients listed below that want to highlight, either because of the longevity of the relationships or the positive impact our work has made on their businesses:
Kapow Primary
Kapow Primary, whom we’ve been working with since 2018, is now used in almost one third of all UK primary schools, with over 30,000 primary school teachers using the Kapow Primary platform each week.
Our amazing Kapow team has been working on some really inspiring projects over the past few months particularly, and we cannot wait to share more when we publish these live.
You can learn more about our work with Kapow, and how we first started, in our case study here.
Rede Partners
We started working with Rede Partners in late 2019 to help bring their vision ‘RedeWire’ to life. RedeWire is a new interactive online limited partner (LP) portal, providing instant access to Rede’s current fundraising offering.
RedeWire has had a closed launch, so we’re really excited for it to launch to their wider audiences in Q1 of this year.
Transport for London
Transport for London has renewed its cookie management contract with us for a fifth successive year. This highlights not only the great work we’re doing with them, but the importance of the relationship we’ve built with them.
We recently became only the third Platinum Certified Partner with Cookie Bot in the UK and this is a service we believe will continue to grow into 2023 and beyond.
You can learn more about our work with Transport for London here, and you can also read about our contract renewal in our press release here.
Clanwilliam
We’re proud to have been working with Clanwilliam since 2017, and our relationship has flourished each year since then. We initially started working with their Global HQ, before being rolled out across their three divisions Clanwilliam Ireland (site being redesigned in Q1 2023!), Clanwilliam UK, and Clanwilliam ANZ.
We work with over 15 of their brands designing, developing, managing, and hosting their websites. We also work closely with these brands to help them with their branding and print design activations.
2022 saw Clanwilliam take a major shift in their global brand, choosing us to help them rebrand from Clanwilliam Group, dropping the ‘Group’. We worked closely with their Global Brand and Communications Director, Lauren Turner, to help bring this to life.
We all went into the process looking to rebrand Clanwilliam in its entirety, changing the logo and creating a completely new brand. However, we quickly realised the logo was going to stay and the brand needed to change around this.
We uplifted Clanwilliam’s colour pallet and fonts, creating a new brand that much better reflects their company’s values and ambitions.
You can see a more detailed case study about what we did here.
It’s Not All Websites Though!
Our talented Graphic Design Team was busy in 2022 too, across multiple rebrands and supporting various Knight Frank divisions. Some of our Knight Frank work is highlighted here.
We’ve also successfully managed to move all our clients into our Positive Park Hosting environment, which is based in Cambridgeshire. This has meant all our sites are running on a more optimised and bespoke server, tailored to their needs. Our VIP enterprise-grade support at the hosting park has made a positive impact, ensuring all our clients have peace of mind that their sites are secure and stable.
The hosting environment is an eco-friendly data centre that uses 100% renewable energy and is certified by the Green Web Foundation.
You can learn more about our hosting solution on our WordPress Website Hosting service page.
In addition to working with our clients, we’ve also been working hard on improving our processes, becoming more compliant and becoming a more reputable company across the board.
We became ISO 90001-compliant in 2022 and have successfully put our project management systems in place. Our Project Manager, Anna de Moraes, has been instrumental in implementing processes to optimise our workflow, and she’ll continue to drive the business forward into 2023.
We were absolutely delighted to work with Nation.Better to get a Skilled Licence VISA sponsorship as well, which opens up opportunities for us to hire more global talent. This is something as a business we’ve been looking forward to for a while now. Getting this licence and already hiring two people, and giving them the opportunity to work in London, is something we’re really proud of.
We also renewed both our Living Wage Accreditation and Cyber Essentials certification.
2023 and Beyond!
2023 is only going to be bigger and better for us here at SoBold. We have big plans to execute on our hiring strategy and intend to grow the team across all areas of the business. Doing so will help us continue to improve the service we provide to our clients.
We’ll continue to work with key clients in our industry focuses: healthcare, finance, real estate, and SaaS. As we work with more medium to enterprise-sized clients, we’re confident we’ll become more recognised as the High-Performance WordPress agency.
Thanks for reading. We hope you have a great year in 2023!
To keep up with all the latest news and updates from our agency, and gain priority access to our weekly learning resources, please do join our community by subscribing to our newsletter below.