Summary
Despite being the most popular content management system in the world, many large businesses and organisations in strictly regulated industries are still asking, “Is WordPress secure enough for us?”
This article will give you a detailed explanation of how WordPress can provide enterprise-grade security, to help you make your own decision about whether it’s secure enough for your own business. We’ll also share some helpful tips to enhance the platform’s security and reduce its risks even further.
As technology has become more pervasive in our daily lives, cyber security concerns have intensified, especially in the workplace. Each year, we read about more high-profile cases of global brands becoming victims of malicious cyber attacks, most often with sensitive data being the real target.
As a business, you should be increasingly careful and vigilant about the technology solutions you deploy today. This is even more important for large businesses and organisations in industries with strict regulations, where the consequences of security issues can be catastrophic.
When you’re choosing a content management system (CMS) to build critical digital assets like your website, security must therefore be a top priority.
Despite being the most popular CMSs in the world today – powering almost 45% of the world’s websites – WordPress is still seen by some as the platform for smaller organisations. You’d think its popularity alone would be sufficient evidence that WordPress is secure, especially as a large fraction of that user base includes enterprises across both the public and private sectors. However, when it comes to WordPress security, there are still some question marks.
So, is WordPress secure?
Yes, absolutely.
But there are certain factors and potential pitfalls you should be aware of if you’re considering WordPress as your CMS of choice.
Understanding Security in a CMS
As business challenges with cyber security and data protection continue to grow, selecting a platform that offers robust security is crucial. But how does that work, exactly?
Ultimately, a CMS like WordPress is just a piece of software, and all software can be vulnerable to security issues in a variety of ways.
The most obvious of these is a cyber security attack, either by hackers, a virus, or malicious software (malware). Any CMS used in a business environment needs to be built to withstand these attacks on a daily basis, and WordPress is definitely capable of doing so.
Another significant risk is when software has accidental weaknesses, issues, or vulnerabilities – known as bugs – built into its code. Bugs are common in software, and they can manifest as anything from a box appearing in the wrong place on your website to a platform vulnerability that leaks mission-critical data to cyber criminals.
Bugs aren’t difficult to fix, and we’ll explain later in this article why WordPress users can be confident that these kinds of risks are minimal with the platform.
However, when it comes to a CMS’s security, it’s important to understand the following point:
The biggest security risks, and the greatest opportunities for cyber criminals, are unsafe user behaviour, lack of best practices, insufficient maintenance, and poorly built sites. Not the platform itself.
Your behaviour, and the behaviour of your end-users, is an area that can be exploited or cause problems if you don’t prioritise security. That’s why it’s necessary to take a proactive, rather than reactive, approach to protecting your data. The rest of this article will help you do that, and remove any concerns you still have about WordPress security.
Is WordPress Secure?
The misconception that WordPress isn’t secure enough for large businesses still lingers, but why? Well, the main reason is because the platform is free-to-use, and so it was initially most popular among B2C blogs and smaller independent businesses.
Today, however, this couldn’t be further from the truth. Industry-leading enterprises such as private equity advisory firm Rede Partners LLP, global investment firm Coller Capital, and global research and advisory leader Forrester use WordPress for their CMS, just to name a few. This goes a long way to proving the apprehension towards WordPress security is unnecessary.
So, let’s explore the WordPress platform in more detail to understand why these global enterprises have full confidence in the security of their data, as well as the data of their clients and partners.
WordPress is already a secure, stable platform out-of-the-box.. You can rest assured its core code is highly secure, because it’s overseen by a team of security experts who thoroughly test and quality-check it on a continual basis. They regularly release updates and reinforce any potential weaknesses before they’re exploited to protect you against any new-found threats.
A team of security analysts study the ever-changing cyber security landscape and respond to it with speed and precision.
While WordPress may be seen by some as a CMS for small businesses, the speed at which security updates are implemented is arguably the best in the world when compared to other platforms.
WordPress is also open-source software, which means all the code it’s built on is available to the public. Anyone from outside the WordPress team can view it, download it, and make adjustments to it. Users often suggest their own changes and updates to the code by submitting them to the WordPress moderator team for approval. If improvements are made to the WordPress code, these updates will be released to the global user base.
These people are part of a global community of dedicated, passionate users who work hard to ensure the platform is always developing into the best version of itself possible. Anything WordPress’s own team misses, the developer community will catch. This means users are often fixing bugs and shutting down potential opportunities for cyber criminals, keeping the platform safe for everyone else.
WordPress Security Vulnerabilities
While WordPress does have the support of some of the brightest developers in the world, who keep it as secure as possible, they can’t take care of everything for you. As mentioned earlier, your biggest security risks will probably lie within your own business, regardless of what CMS you’re using.
Additional security vulnerabilities can arise in certain scenarios, often caused by ignoring best practices or failing to take responsibility for simple maintenance of the platform.
Web Hosting
Your hosting environment is an important factor that can influence how secure and protected your data will be. Your WordPress websites will be hosted in a server that stores your files and data in a data centre.
WordPress, like any platform, should be hosted in a secure environment, with an experienced provider who prioritises security as part of their services. This should include putting proactive security measures in place for scenarios like unplanned down-time or even natural disasters.
Secure hosting should also involve automated monitoring for malicious activity and vulnerabilities in your servers and software, as well as incident response.
Before choosing your hosting service, be sure to carry out some due diligence and look into the security best practices of your host. In many cases, it’s wise to work with an agency partner who will help you with this, but more on that later.
Plugins
While the WordPress community is one of the platform’s greatest strengths, interacting with unsafe additions to the software can also be its downfall for some businesses. It’s important to be cautious of the constant stream of new features, updates, and plugins being made available, because some of them could create issues for you.
To avoid these problems, you shouldn’t download plugins unless they come from recognised, credible sources. Furthermore, you should always ensure all your plugins are correctly tested, maintained, and updated.
We appreciate this may sound complicated. For that reason, you should entrust this responsibility to a partner. When using WordPress to build and manage websites, a good agency should help you ensure everything is secure and up-to-date.
Software Updates
When you’re running a website or application on WordPress, you’ll regularly receive software updates from the platform. Any time an update comes through, it’s because certain bugs have been fixed or some improvements have been made.
It’s crucial that you keep up with WordPress updates because they’re there to keep your site secure. By leaving your site running on outdated versions, you’re at risk of a known issue being exploited by cyber attacks. Again, this should be taken care of by your agency partner so you don’t need to worry about keeping your web platform up-to-date.
Tips to Strengthen WordPress Security
If you still have doubts, there are some simple steps you can take to further strengthen the security of the WordPress CMS. Some of these more general tips can also be applied to most website platforms and other software software products in general as well.
Use a managed hosting service that offers enterprise-grade security.
You wouldn’t rent an office in a building that leaves its doors unlocked at night. Why would you place your sensitive data in a data centre that isn’t fully secure?
Some things you should consider non-negotiable for a web hosting provider to offer include:
- 24/7 support
- Back-up and disaster recovery
- Fully-managed service
- Automated monitoring and alerts
- 99.99% up-time
- 100% pass-rate for data centre audits.
Put back-up and disaster recovery services in place to ensure you’re protected from all potential risks.
To build on the above point, ensure your hosting service has measures in place for back-up and disaster recovery. This fail-safe measure will give you a way to save and recover all your data in the event of any losses.
Do not use, or allow your agency to use, any plugins from unrecognised sources.
As mentioned earlier, only use plugins from sources you trust. You should also keep all plugins and additions to the platform up-to-date, and make sure they’re rigorously tested – or, rather, make sure you can rely on your agency partner to do this for you behind the scenes.
Use plugins alongside security-specific enhancements.
You can further bolster the security of the WordPress platform by leveraging security-specific plugins such as WordFence, Sucuri, and Defender Pro. These can inform you of potential vulnerabilities or incidents so you can respond quickly before they have an impact on your business.
Don’t use tools that enable direct access to your site database from within the dashboard.
Some digital tools or extensions give direct access to your site’s database or files from within the dashboard, to make managing your website easier. This is something to avoid, because they’re often a major security risk.
Enable SSL
Enabling SSL (Secure Sockets Layer) introduces a protocol which encrypts the transfer of data between your website and your users’ browsers. This makes it more difficult for cyber criminals to steal information and data online.
Encourage your users to follow security best practices.
You can put all the security measures and data protection possible in place, but they could all be for nothing if a weak password or bad behaviour compromises your website.
Some security best practices every business can easily implement include making strong passwords compulsory among all users and introducing additional measures like two-factor authentication.
Rely on an Expert to Minimise Your Security Risks
As touched on throughout this article, another factor which will determine how secure your WordPress platform is will be which agency you decide to work with.
While deciding whether to invest in WordPress is a big decision, don’t underestimate the importance of finding the right agency partner to support you with your CMS, especially when it comes to WordPress security.
Ultimately, you should understand that:
- WordPress by itself, out-of-the-box, is secure enough for most businesses to use.
- WordPress in the hands of an inexperienced or negligent agency will create significant security risks.
- WordPress is the hands of a dedicated, specialist partner is a platform you can trust and rely on without any concerns.
Your data will be fully protected if you work with an agency who takes security seriously and prioritises it at the core of every development task they deliver for you.
That means they should be capable of handling secure architecture, testing, monitoring, updates, and ongoing support for you as part of your service. You should always take the time and care to find a specialist agency partner who has a proven track record of building robust, reliable sites, to ensure you’re minimising your risk.
WordPress is a Suitable Platform for the Enterprise
Cyber security and data protection are critical for businesses of all sizes, across all industries. But it can’t be denied that large businesses often face more severe consequences by falling victim to a cyber attack or data breach.
Choosing a platform that you have total confidence in is a necessary factor in the process of evaluating your options for a CMS.
When you have your own role and responsibilities to focus on, the last thing you want is to be constantly worrying about the security of your site. Following the advice and best practices listed in this article will provide you with a highly resilient WordPress platform with enterprise-grade security. That will allow you to spend more of your time creating an outstanding website that differentiates you from your competitors and drives business growth.
If you need more help understanding and evaluating platforms to deliver a web design and development project, read our comprehensive guide to selecting the right solution here.
Would you like these insights straight to your mailbox?
- Brainstorming and ideation
- Assistance in research and information-gathering
- Writing copy
- Writing code
- Image and video creation
- Data analysis
- Automating manual processes.
- GPT-4 was released as an upgrade to Chat GPT. GPT-4 can understand images, process 25,000 words in one go, earn a top 10% score on complex exams, and even demonstrate some advanced reasoning capabilities.
- Adobe released Firefly, which is a programme with a range of new generative AI features. It can create outstanding new content using simple language, with almost-unlimited creative options like turning 3D compositions into photorealistic images and automating advanced video editing processes.
- GitHub launched CoPilotX, which can supposedly boost coding speed by up to 55%. CoPilotX has similar features to Chat GPT, but will be used by software engineers and developers to boost productivity and time-to-market.
- And, just last week, Stability AI released its Stable Diffusion XL model, offering photorealism through an intricate editing interface. It’s reportedly built with around 2.3 billion parameters.
- Demographics
- Goals
- Challenges
- Motivations
- Preferences
- Frustrations.
- Design look and feel
- Structure and navigation
- Features and functionality
- User experience
- Content and layout
- Calls-to-action
- Speed and performance
- And anything else relevant to your project.
Company Milestone
3 December, 2018
SoBold selected to work with Transport for London
SoBold Limited (SoBold), a leading digital and web marketing consultancy, is delighted to announce that SoBold has been selected to work with Transport for London (TfL) to build, manage and support a bespoke Cookie Consent Management Tool for use across TfL’s portfolio of websites.
SoBold’s rapid growth over the previous 12 months has seen them become a leading player in the digital and web marketing space. SoBold’s core offerings are now used by over 200 customers worldwide and we anticipate this customer base to continue to grow considerably over the next 12 months and beyond.
SoBold has been an authorised Reseller of Cookiebot since the new General Data Protection Regulation (GDPR) came into place on 24 May 2018. Cookiebot’s tool consists of three main features: cookie consent, cookie monitoring and cookie control and SoBold work with their clients helping them manage, build and integrate these solutions onto their websites. SoBold now manage Cookie Consent Management for clients across numerous different industries.
Transport for London has completed a formal tendering process to procure a new Cookie Consent Management Tool for their tfl.gov.uk website domains. By procuring the tool, Transport for London is best able to align their approach to cookie management with the requirements of data protection legislation. SoBold will work with Transport for London, for a minimum of 12 months with the option of extending the contract for a further 24 months.
SoBold Founder and Managing Director Will Newland, commented:
“We are absolutely delighted to work with Transport for London. This gives SoBold the opportunity to work with a large, well known, corporation and we have no doubt we can play a big part in ensuring Transport for London’s customers can feel safe and confident when sharing information about themselves on the TfL website. This further strengthens SoBold’s position as a leading player in the Cookie Consent Management space.”
SoBold Lead Developer Sam Phillips, commented:
“This is a fantastic opportunity for SoBold to showcase our experience in the delivery of bespoke Cookie Consent Management solutions across a portfolio of websites with millions of visitors per month. The contract with TfL cements our position as a leading CookieBot reseller in the United Kingdom.”
Would you like these insights straight to your mailbox?
Digital Business
2 March, 2023
Harnessing Your New Website’s Full Potential by Taking a Block-Based Approach With WordPress
Did you know you can use a block-based approach with your WordPress website to gain more value from the platform, with significant advantages in flexibility, scalability, and ease-of-use?
In this article, we’ll explain what blocks are, how they work, and how you can use them to build enterprise-grade websites quickly and efficiently, without compromising on quality.
—
WordPress is the most popular content management system (CMS) in the world right now, and it has been for a while. Unfortunately, though, some people still have the wrong impression that it is a CMS that can only be used to build more simple websites that do not have any real complex functionality or integrations, but this couldn’t be further from the truth.
In fact, WordPress is far more intuitive and robust than most realise. The fact that around 45% of all websites online today are built on the platform goes a long way to prove that. WordPress also provides more scalable, agile capabilities that are perfectly suited to building enterprise-grade websites if leveraged in the right way.
There are intelligent – but still very straightforward – ways to use WordPress that can unlock more value from the CMS. If done with the right guidance, this can make WordPress a far better option than the more traditional, rigid approach of building websites.
This is an opportunity most large businesses are currently missing out on. In this article, we’ll show you how using blocks is a more flexible approach that can provide you with a wealth of benefits.
Understanding How Using Blocks In Your Website Backend works
In 2018, WordPress released a new block-based design and editing user interface (UI), known as Gutenberg. Instead of the typical page creation and editing functionality of a CMS, where you’d input text and images into a rich text editor, you can now build your site by creating and using a set of components. Components are blocks of code which have pre-defined style and input types.
Each component is named, to denote what it is from the perspective of the front-end of your site on the web page.
Note: Some agencies only provide a list of block names, but here at SoBold we also provide screenshots of each block so you can see it first. This makes the process much easier and saves you a great deal of time.
Each part of each web page is made up of these components, as pictured below.
However, taking a bespoke approach, you can design and construct unique blocks that are entirely your own. Blocks or components can be built for you by your agency so they’re bespoke to you, your style guidelines, your design preferences, and so on. And, when building your site, you can go into your pre-built components and edit things, like changing background colours, adding images, adding text, and so on.
This can be set up for you by your agency, so you have everything you need to create, edit, and publish new pages with your pre-built blocks. Anytime you need to create a new page, you just have to pick the appropriate components and place them in the correct position to quickly and easily build the page.
The Business Benefits of Using a Component-Based Approach
Scalability
Scalability is one of the greatest benefits of using these blocks, especially if you are wanting to continue to build out your sitemap and build out the content.
This scalability is where WordPress really shines, enabling simple, rapid, virtually limitless scaling of your website with a high level of accuracy. This is a cost-effective way of growing without having to compromise on the quality of your design.
Flexibility
Blocks provide you with a great deal of flexibility in building, editing, and structuring of pages as well. The ability to customise all your components, along with the intuitive drag and drop functionality, allows you to effortlessly adapt and expand on your website.
Efficiency
Building components, and repurposing them repeatedly across your website, is a highly efficient way of growing your site. It also makes it very difficult to make mistakes or take a wrong turn.
This efficiency of reusing blocks across your website will free up time for you to develop innovative new features, or focus on improving the service and experience you provide your clients.
Ease-of-Use
If you have non-technical members of your team who would benefit from using WordPress, blocks will almost certainly improve the usability of the CMS for those people.
An easier design and editing function helps more members of your team create web pages within clear, pre-set brand guidelines. That’s another aspect that frees up more time and resources to focus on higher value tasks.
If you’re working with a design and development agency, this also makes it much easier for them to be able to train you and enable you to use the platform to manage your site.
Faster Time-to-Market
All this efficiency and ease-of-use will enable you to achieve a faster time-to-market for new web pages, extensions of your site, or even entirely new websites.
That can, in turn, create competitive advantages for your business, particularly if your competitors are working with CMSs that are slower and harder to use.
Whether it’s you or your agency handling this, you can create and publish new web pages quicker than you could with any other approach.
Lower Costs and TCO
As a result of all of the above, you can reduce costs on development and design, and achieve a much better total cost of ownership (TCO) with the WordPress platform.
Something that takes an inexperienced agency days to complete with the classic design approach can be done in hours using bespoke blocks. This drastically reduces development costs and gives you a lower TCO in the long-term.
The Importance of Finding a Capable Agency Partner
As mentioned earlier, bespoke blocks provide you with a proven way to unlock more potential with WordPress and gain greater value from the platform. However, in order to do that, it’s important to find the right agency partner. You’ll need an agency with enterprise-grade expertise and a certain level of skill to guide and support you through this process.
Taking this approach to building WordPress websites is nothing new, but the real value here comes in creating blocks that are completely unique and specific to you, then enabling your team to use those to scale your site.
Many WordPress agencies may lean on the generic block editor. But to get this right, you should push beyond that to find a partner who can educate you on the opportunities of using a bespoke design system to build a high-performance website that’s effortless to manage and edit.
A great partner will also facilitate this for you in a way that ensures you have control, removing the risk of any users making mistakes with the flexibility of this system. You won’t need to worry about the integrity or quality of your site being spoiled because all your components will be built specifically to prevent that.
You’ll gain tremendous value from receiving an intuitive, quality website that you can easily grow at will, but one that’s also managed and supported by an experienced partner. Sticking to these blocks helps you stay within brand guidelines, adhere to best practices, and keep your site consistent.
You then have the choice to manage, edit, and expand your site yourself, or rely on your partner to do it for you quicker, easier, and more efficiently than they would with a traditional CMS.
Making the Most of Your WordPress Platform
Modern businesses today require a powerful, sophisticated CMS that can deliver great websites at scale with enterprise-grade performance. WordPress is a platform that’s built to provide all those qualities and more. Embracing this block-based approach is the most effective and efficient way to achieve that.
With a skilled agency partner to help you maximise the value your business gains from the platform, you’ll quickly realise just how well WordPress can deliver agile, intuitive websites.
If you’re in the process of evaluating platforms to deliver a bespoke web development project, check our comprehensive guide to assessing and selecting the right CMS here
Would you like these insights straight to your mailbox?
Industry News
14 January, 2025
Five Things We Learned at Brighton SEO
Back in early October, SoBold made our debut visit to Brighton SEO. Since then, we’ve been busy putting the invaluable lessons from the event’s talented speakers into action, all while navigating Google’s November and December Core Updates. Now the dust has (hopefully) settled on the update-front, and the with next iteration of Brighton SEO still a few months away, we’ve taken the opportunity to reflect on our key takeaways and their impact on our approach.
A functional relationship with your development team is critical for SEO success
During Brighton SEO, a recurring theme across different talks was the challenges SEOs face when working with development teams, particularly those that operate in silos. Whether in-house or outsourced to separate agencies, a lack of communication, deprioritised SEO tickets, and limited understanding of SEO best practices often lead to delays, errors, and missed opportunities. Many speakers and attendees expressed frustration at the need for excessive hand-holding to ensure even basic tasks were actioned correctly.
At SoBold, we avoid these risks with a collaborative effort between our development and SEO teams. As a WordPress-first agency, our integrated approach ensures SEO tickets are prioritised appropriately, and implemented to the highest standard. By removing barriers between teams, we’re more efficient and deliver results that drive SEO success.
Don’t discount the basics
It sounds very simple, but one of the biggest takeaways from Brighton SEO was how critical the fundamentals remain to SEO success. Numerous case studies and real-world examples shared by speakers reinforced that many websites fail to rank well simply because they lack a strong foundation. While advanced techniques and tools may sound exciting, the potential is often wasted on websites that haven’t addressed core issues.
Speakers emphasised that getting the basics right still yields some of the highest returns. Core Web Vitals, metadata optimisation, fixing 4xx and 3xx errors, a clear site hierarchy and URL structure, proper indexation, robots.txt configurations and ensuring basic analytics are in place all play a pivotal role. These essentials are often the difference between stagnation and significant ranking improvements. Ensure your fundamentals are sound before turning to more advanced methods and strategies.
AI can be a game-changer for audits, but nothing beats human written content
AI has been the buzzword of the industry in the past two years. Incorporating AI into everyday tasks to maximise efficiency was a key theme at Brighton SEO, specifically the use of AI to streamline time consuming tasks like audits and data analysis.
Audits are central to developing an SEO strategy and crafting roadmaps, and leveraging different AI and machine learning strategies to research, collate, and organise relevant data was a hot topic at the conference, with lots of very knowledgeable people offering extremely useful and actionable insights into how existing workflows can be enhanced through AI.
By leveraging AI tools and machine learning, SEOs can quickly identify technical errors, gather keyword insights and generate comprehensive reports, freeing up more time for the higher-impact strategic work. Speakers showcased actionable ways to integrate AI into workflows, potentially revolutionising the process of audits, roadmaps, and reporting.
However, there are clear limits to the use of AI. While it excels behind the scenes, it falls short when it comes to creating authentic, engaging content. Google’s guidelines, a number of algorithm updates, and leading voices within the SEO community on social media continue to emphasise that nothing beats human-written content based on real expertise and experience. The message was clear: AI can enhance efficiency, but content that resonates with users, builds trust and meets the intent of the searcher must remain in the hands of skilled human writers.
Google’s AI snippets are traffic thieves
Generative AI has been a hot topic across numerous industries since the launch of ChatGPT 3.5 in November 2022, especially in SEO. Google has released numerous updates (to mixed responses) to combat the large influx of AI generated content and the ability for anyone to churn out masses of content on subjects outside their areas of expertise.
There’s no doubt the rise of AI sent internal shockwaves at Google, who had to quickly innovate to withhold a potential threat to their dominance. As a consequence, they released the Google Generative AI Snippets, which generates AI answers at the top of the search results for a range of queries, based on information it’s gleaned from the top ranking pages for said query.
While the concept may seem beneficial to users, the reality is stark for website owners and their SEOs: visibility is drastically reduced. Data presented at Brighton SEO revealed that URLs in Position 1 under these snippets suffered traffic drops of 70%.
Many SEOs and site owners argue this practice borders on theft, as Google repurposes content with minimal credit or incentive for users to click through, and wouldn’t be able to surface any of this content without the websites creating it in the first place. This controversy isn’t going away anytime soon, and SEOs will need to strategise carefully to adapt to this new reality.
Test, test, and test again
Many of the talks were very insightful, offering new methods and solutions for a range of tasks. But each website is different, and what may have a profound impact on one website may not do the same on another.
There are very little one size fits all in SEO, and our testing of the new methods and techniques detailed at Brighton SEO has shown just that. We can take the direct learnings from these talks and apply them literally with minimal change, but with benchmarking the initial metrics, examining the difference once recommendations are applied, and tweaking these with our own insights, we can maximise the impact.
Whilst the wealth of talent and expertise of the speakers at Brighton SEO was at a very high standard, SEOs shouldn’t rest on the laurels and only go as far as these talks suggest, but leverage their own expertise and knowledge, pairing it with the expertise from these conferences to get the best results. Building upon some of the strategies outlined at Brighton SEO and putting our own SoBold-spin on these is already bearing fruit, and testing is at the heart of this.
Final Thoughts
From the importance of solid fundamentals to embracing AI’s potential while recognising its limitations, these takeaways are invaluable for SEOs and developers alike. By testing, adapting, and collaborating, we can turn these learnings into impactful strategies allowing us to navigate the uncertainty of Google Updates, as we look ahead to the next conference in April.
Would you like these insights straight to your mailbox?
Industry News
25 April, 2023
The Changing Roles of Web Design and Development in the Age of AI
Summary
In the first few months of 2023, generative AI has burst on to the scene and begun to change our relationship with technology forever. Already, there’s plenty of evidence to suggest that people in a wide range of jobs will have to adapt quickly or risk being replaced. In this article, we explore the impact AI is having on the web design and development industry, as well as how businesses, and people, should approach working with this innovative technology.
———
AI tools are nothing new. We’ve all been using them for years, from chatbots to predictive text to voice-controlled assistants like Siri and Alexa. But the recent mainstream adoption of AI tools such as Chat GPT, and the rapid advancement of the technology itself, has caused huge disruption across a number of industries.
Many assumed that people like marketers, software developers, and UX and UI designers would be some of the last ones at risk of having their jobs taken by AI, due to their need for creative skill and use of human emotion. Ironically, these roles have been some of the first to come “under threat” over the past few months.
AI’s speed and efficiency is already forcing us to ask questions about the future of the web design and development industry. With that in mind, one question in particular has dominated discussion online so far this year:
Are our jobs in danger of being taken by AI?
By now, you’re almost certainly aware that AI offers incredible value by accelerating workflows and augmenting skills. Some of the most beneficial use cases lie in:
AI can also devise entire business and marketing strategies, solve complex problems, and even create its own AI-powered applications from scratch. Perhaps most importantly, it can do all these tasks in a matter of seconds, when most of them would take a human several hours, days or even months.
The Latest News and Tools (at the Time of Writing)
Over the past few months, there are more and more AI-powered tools being released on an almost daily basis.
The number of AI tools that have been released recently is staggering, and the capabilities of some of them is truly mind-blowing. Just last month, in March 2023:
It’s both exciting and terrifying to think these highly intelligent tools are just the tip of the AI iceberg. When you consider how common it’s now become to use AI to develop even more advanced AI, it seems that the rate of evolution will only continue to increase exponentially from here.
How is AI Transforming Design and Development?
While these AI tools are extremely impressive, it’s not as straightforward as simply plugging them in and sitting back while they literally do your work for you. It’s possible we may get there one day, but right now we believe we’re a long way off.
These tools are highly sophisticated and intuitive, and their adoption is probably going to change the way we all work forever. However, this should be seen as technology that will augment and enhance people’s ability to do their jobs, or create new jobs entirely, rather than “steal” them away from us.
The current use cases for AI are mostly just ways for you to do your work, much faster and more effectively. This could either be done by automating processes to save time, or by supplementing your existing skill-set with new capabilities with the help of AI. For example, if you wanted to convert your code from one language into multiple languages, you would be able to do this with the help of Chat GPT.
When it comes to user experience (UX) design, one crucial thing AI will always be missing is human empathy, emotion, and understanding. A company looking to create a high-performance website that supports their strategic business goals and engages their target audience will fail if they don’t take into account human understanding and collaboration between them and their web development agency.
Outlining the What and the How is important, but the Why is arguably what drives great UX and UI.
“Design is not just a visual experience, it’s an emotional one. It should make people feel something.”
Nathan Shedroff, Author and Professor of Design Strategy
UX design is a nuanced, collaborative process, focusing on the specific requirements of the business and the specific needs of the target audience. You can save a lot of time using AI to produce a high volume of early conceptual designs or accelerate your copywriting process. But without the human element, none of these things will be authentic or anywhere near the required standard.
Potential Concerns and Risks with AI
Of course, we’ve not even mentioned the rising concerns and risks associated with AI yet. Just last month, over 1,000 technology leaders and influencers signed a petition to halt the development of generative AI until more governance can be introduced to ensure its safety.
There are still some serious grey areas regarding the use of this technology in business as well, from regulations and legal implications to the copyright of creative work like logos and images. These are providing opportunities for a wide range of new forms of cyber crime, phishing, and “deep-fake” imitations which could spiral out of control if left unchecked.
There are also plenty of moral issues surrounding AI that we must consider. For example, what implications will there be for our society if global businesses do begin replacing humans with AI on a large scale?
A key concern is that Generative AI is also having a significant impact on the environment, which is a conversation most people seem to be avoiding for the time being. With the global fight to reduce carbon emissions intensifying, and more businesses placing sustainability at the core of their values, there needs to be some action taken to balance those priorities with the efficiency and speed enabled by AI.
The SoBold Perspective
From our perspective, as a leading design and development agency, we believe that people will always want and need to work with other people. Personable relationships, real-life experience, and critical thinking are all essential parts of our work. In many cases, that’s also what many of our clients value most about our services.
Granted, we’re always looking for innovative new ways to push the boundaries, and AI is an incredible tool that will help us do that. But it won’t replace crucial human characteristics like empathy, emotion, and subjective opinions.
It will, however, help us spend less time on low-value tasks, and more time to focus on building stronger relationships and gaining a deeper understanding of our clients’ needs. That will only result in improving the work we deliver, which is something we’re always striving to achieve.
The Verdict on AI (for Now)
This year will probably be looked back on as a turning point in history when AI was introduced to the world. But this technology won’t replace too many jobs just yet. Instead, it will enhance our ability to work smarter, faster, and more efficiently.
For now, the only people at risk of losing their jobs to AI are those who fail – or refuse – to adapt to this new way of working and embrace the change. Similarly, if you’re using AI because you’re being lazy or complacent, that will also cause problems. You should never use work produced by a generative AI tool without checking its quality and accuracy, and you’ll always need to add a human touch before considering it finished.
On the other hand, if you’re forward-thinking and agile, embracing AI will make you exponentially better at your job. Here at SoBold, we’re personally most excited by how AI has the potential to help us vastly improve the service we deliver for our clients.
Of course, this technology is evolving so fast that it’s difficult to predict where we’ll stand a year from now. We’ll be discussing this, and lots of other important trends, in our new monthly newsletter.
Would you like these insights straight to your mailbox?
UI Design
18 April, 2023
Understanding the Important Role of Research and Planning When Designing a New Website
Before you begin working on the design elements of a website project, it’s important to begin with, what we at SoBold call, a research and planning phase.
The purpose of a research and planning phase is to ensure that every single decision you make about your design will result in a more effective website, both in terms of your business goals and your users’ needs.
During this phase, you’ll work alongside your chosen agency to define the full scope of your website and all its requirements. This phase will also involve looking closely at your target audience, trends in your market, your competitors, and any data available from your existing website.
This research is extremely useful in shaping the direction you take with your website and helping you to capitalise on certain trends that may align with your strategic objectives.
In this article, we’ll explain how a research and planning phase works to help you know what to expect when entering your own website design project.
If you’d first like to gain a better understanding of the full end-to-end process of web design, read our previous article here.
Website Strategy Workshop
A research and planning phase usually begins with a strategic workshop. This workshop will bring all the relevant stakeholders together, either in person or over a video call, to agree on the goals and parameters of the project.
A workshop is a great collaborative environment to help your agency become even more familiar with your brand, your target audience, and the outcomes you’re looking for from your new website.
Your agency should work closely with you to determine how the objectives you have for your new website feed into your wider business goals. That will be the key to finding the right approach to designing your website.
Once the workshop is completed, the research can begin.
Leveraging Data to Dictate User Experience (UX) Decisions
Every decision you make about your website’s design needs to be informed and justified by data.
As it’s becoming increasingly difficult to capture and retain your audience’s attention, nothing can be left to chance. It’s also negligent to overlook the vast range of valuable insights available to you within your data, and the data in the public domain.
Google Analytics
Your agency should begin by analysing the performance of your website in Google Analytics. This can help to help understand the current behaviours and trends from your website users.
Most businesses use Google Analytics, but few understand the right things to measure. For many businesses, Google Analytics is an untapped gold mine of data and insights that can help you improve site engagement, retain more visitors, and ultimately grow your business.
You can conduct a thorough analysis of things like:
1 – Your Audience Acquisition
Google Analytics can help you identify where your visitors have found you and accessed your website from.
Whether through organic search, social media, direct, or referral, you’ll learn how all your visitors are acquired. This information is vital, as it can allow you to tailor different parts of your website to certain visitors at various stages of their journey with you.
For example, if organic traffic is a key driver of your website traffic, it’s important for your agency to ensure that lots of the hierarchical structure of copy is maintained throughout the site.
This is also helpful in optimising your wider digital marketing strategy, by recognising what’s working well and what isn’t, from a web traffic perspective.
Bonus Tip – If you’re running Google Adwords, make sure your agency partner is aware of all the URLs that need to be redirected, and that this doesn’t affect your ad spend.
2 – Your Visitors’ Demographics
Google Analytics can provide detailed insights into your website’s visitors, with data covering everything from age, gender, location, language, and more. This helps you gain a clear, specific understanding of who’s coming to your website, and that can inform important decisions about your design.
It will also help you determine whether or not you’re attracting the right audience, which could alert you to a need for changes in your design and branding.
Bonus Tip – If you have a lot of visitors from other countries, you may need to talk to your agency about setting up a content delivery network (CDN) on the hosting server to deliver content from that location.
3 – Your Visitors’ Interests
You can use Google Analytics to view information about your visitors’ interests, past searches, and other online behaviour. This can help you identify what they’re looking for when they’re visiting your site. You can then tailor your design and content to match any unaddressed questions, challenges, or needs they might be looking to meet.
4 – Your Visitors’ Behaviour
Google Analytics can give you a graphical representation of your visitors’ behaviour when interacting with your site. This includes where they’ve entered your site, where they went next, what their whole journey through your site looks like, and where they eventually left.
This provides great opportunities to optimise certain pages that aren’t performing well enough. You can also learn what your visitors respond well to from pages that already have strong engagement.
Mapping your users’ journeys may also uncover insights to help you create links between certain services, hone in on special offers that will drive increased conversions, and many other ways to boost engagement.
5 – Your Conversions
Your conversions are a critical measurement of your site’s success. Whether you’re aiming for subscriptions, demo sign-ups, contact form submissions, downloads, or anything else, failing to achieve your conversion targets means something isn’t working.
You can use Google Analytics to set goals for conversions, monitor performance, and highlight areas where you need to improve.
Taking this analytical approach will ensure your website’s design is tailored to supporting your strategic objectives.
Bonus Tip – On July 1, 2023, for continued website measurement, you’ll need to migrate your original property settings to a Google Analytics 4 (GA4) property. Your agency partner should be on top of this though.
Data Tracking
Next, if applicable, your agency should review any existing tracking resources you have in place on your website.
A successful website design is based on many different factors, each an important component in engaging your audience, converting them into clients, and growing your business.
This is why it’s useful to look into key metrics you may use to measure your success against, then use the related data and analytics to inform your design. Tailoring your UX based on your findings will ensure your website is designed specifically to optimise your user behaviours.
Bonus Tip – If you don’t have any additional tracking in place, both HotJar and Crazy Egg are great tools to use.
Analysing External Factors
Understanding Your Target Audience
One of the most important parts of building a new website is understanding the preferences of the audience you’re targeting. You know what your ideal customer profiles (ICP) look like, but do you understand how they behave when interacting with websites online?
Every decision about your website’s design must be made with consideration and empathy for your users. As touched on in the previous section, audience research will include a wide range of variables, including:
This part of the research will contribute towards building user personas and user journeys at a later stage of the design process.
A user persona is a fictional person that you can use to represent the target audience of your website. These personas will help you focus on the desired interactions between the ideal user and the website you’re building. Creating personas also helps to map the users’ needs to your goals for the project.
A user journey is a path that a user may take to reach their goal when using your website. Hypothetical user journeys are created at this stage, as they help to identify the different ways the site’s design needs to enable the user to achieve their goal as quickly and easily as possible.
With these, you can begin to paint a picture of how your target audience will interact with your website, allowing you to create a satisfying user experience.
Industry Landscape
Researching your industry landscape will reveal a great deal about what to do, and what not to do. An analysis of the wider market you operate in will help you benchmark yourself against industry leaders, and highlight mistakes being made by any businesses lagging behind. It’s useful to be aware of any industry trends or points of influence that may inform your website’s design as well.
Bonus Tip – You’re an expert in your industry. Your agency is not, but they are experts in web design and marketing trends. Work closely together by leveraging each other’s knowledge and expertise to paint the full picture of what makes modern websites successful from a design perspective.
Competitor Research
It’s also crucial to conduct a thorough competitor analysis to see what the benchmark is for a successful website in your industry. Conversely, some competitors may provide examples of bad design that can help you identify pitfalls to avoid with your own site.
Around five of your competitors is usually a good number to look into. To do this, your agency should work with you on assessing their websites in key areas such as:
This research will allow you to recognise opportunities, gaps in the market, important trends, and any other insights you can gather.
Making Data-Driven Decisions
Following all this research, your agency will work on developing a strategy for your website, recommending the optimum route through the rest of the design process.
Your agency will provide a report detailing all the findings from the strategy workshop and research. This should often include a sitemap document and a content framework for your site as well.
An agency should always provide the opportunity for feedback and iterations on crucial documents like this, so you should then be given time to review this and provide feedback.
Bonus Tip – Don’t be afraid to ask questions, challenge things you’re unsure about, or change your mind during this feedback and revision process. These are big decisions, and it’s important to be 100% sure about the direction your website’s design is being taken.
Once you’ve worked through this feedback with your agency and you’re happy with everything they’ve planned, you can then move into the phase of the project that focuses on the visual identity of your site.
Bringing it All Together in the Design
A thorough, well managed research and planning phase is an essential part of designing a successful website. By having a strategy backed up by tangible data in place, you’ll be able to work through the remaining phases of the overall design process in a more efficient and effective way.
It also helps anticipate any challenges or potential issues in the design process and allows you to mitigate them before they arise, saving you time and money in the long-run.
This phase is arguably the most important in ensuring your agency can meet your specific requirements and expectations, on time and within budget.
If you’d like to discover what’s involved in the next phase of a web design project, exploring the visual identity of your site, read our next article here.
Would you like these insights straight to your mailbox?
