Back in early October, SoBold made our debut visit to Brighton SEO. Since then, we’ve been busy putting the invaluable lessons from the event’s talented speakers into action, all while navigating Google’s November and December Core Updates. Now the dust has (hopefully) settled on the update-front, and the with next iteration of Brighton SEO still a few months away, we’ve taken the opportunity to reflect on our key takeaways and their impact on our approach.
A functional relationship with your development team is critical for SEO success
During Brighton SEO, a recurring theme across different talks was the challenges SEOs face when working with development teams, particularly those that operate in silos. Whether in-house or outsourced to separate agencies, a lack of communication, deprioritised SEO tickets, and limited understanding of SEO best practices often lead to delays, errors, and missed opportunities. Many speakers and attendees expressed frustration at the need for excessive hand-holding to ensure even basic tasks were actioned correctly.
At SoBold, we avoid these risks with a collaborative effort between our development and SEO teams. As a WordPress-first agency, our integrated approach ensures SEO tickets are prioritised appropriately, and implemented to the highest standard. By removing barriers between teams, we’re more efficient and deliver results that drive SEO success.
Don’t discount the basics
It sounds very simple, but one of the biggest takeaways from Brighton SEO was how critical the fundamentals remain to SEO success. Numerous case studies and real-world examples shared by speakers reinforced that many websites fail to rank well simply because they lack a strong foundation. While advanced techniques and tools may sound exciting, the potential is often wasted on websites that haven’t addressed core issues.
Speakers emphasised that getting the basics right still yields some of the highest returns. Core Web Vitals, metadata optimisation, fixing 4xx and 3xx errors, a clear site hierarchy and URL structure, proper indexation, robots.txt configurations and ensuring basic analytics are in place all play a pivotal role. These essentials are often the difference between stagnation and significant ranking improvements. Ensure your fundamentals are sound before turning to more advanced methods and strategies.
AI can be a game-changer for audits, but nothing beats human written content
AI has been the buzzword of the industry in the past two years. Incorporating AI into everyday tasks to maximise efficiency was a key theme at Brighton SEO, specifically the use of AI to streamline time consuming tasks like audits and data analysis.
Audits are central to developing an SEO strategy and crafting roadmaps, and leveraging different AI and machine learning strategies to research, collate, and organise relevant data was a hot topic at the conference, with lots of very knowledgeable people offering extremely useful and actionable insights into how existing workflows can be enhanced through AI.
By leveraging AI tools and machine learning, SEOs can quickly identify technical errors, gather keyword insights and generate comprehensive reports, freeing up more time for the higher-impact strategic work. Speakers showcased actionable ways to integrate AI into workflows, potentially revolutionising the process of audits, roadmaps, and reporting.
However, there are clear limits to the use of AI. While it excels behind the scenes, it falls short when it comes to creating authentic, engaging content. Google’s guidelines, a number of algorithm updates, and leading voices within the SEO community on social media continue to emphasise that nothing beats human-written content based on real expertise and experience. The message was clear: AI can enhance efficiency, but content that resonates with users, builds trust and meets the intent of the searcher must remain in the hands of skilled human writers.
Google’s AI snippets are traffic thieves
Generative AI has been a hot topic across numerous industries since the launch of ChatGPT 3.5 in November 2022, especially in SEO. Google has released numerous updates (to mixed responses) to combat the large influx of AI generated content and the ability for anyone to churn out masses of content on subjects outside their areas of expertise.
There’s no doubt the rise of AI sent internal shockwaves at Google, who had to quickly innovate to withhold a potential threat to their dominance. As a consequence, they released the Google Generative AI Snippets, which generates AI answers at the top of the search results for a range of queries, based on information it’s gleaned from the top ranking pages for said query.
While the concept may seem beneficial to users, the reality is stark for website owners and their SEOs: visibility is drastically reduced. Data presented at Brighton SEO revealed that URLs in Position 1 under these snippets suffered traffic drops of 70%.
Many SEOs and site owners argue this practice borders on theft, as Google repurposes content with minimal credit or incentive for users to click through, and wouldn’t be able to surface any of this content without the websites creating it in the first place. This controversy isn’t going away anytime soon, and SEOs will need to strategise carefully to adapt to this new reality.
Test, test, and test again
Many of the talks were very insightful, offering new methods and solutions for a range of tasks. But each website is different, and what may have a profound impact on one website may not do the same on another.
There are very little one size fits all in SEO, and our testing of the new methods and techniques detailed at Brighton SEO has shown just that. We can take the direct learnings from these talks and apply them literally with minimal change, but with benchmarking the initial metrics, examining the difference once recommendations are applied, and tweaking these with our own insights, we can maximise the impact.
Whilst the wealth of talent and expertise of the speakers at Brighton SEO was at a very high standard, SEOs shouldn’t rest on the laurels and only go as far as these talks suggest, but leverage their own expertise and knowledge, pairing it with the expertise from these conferences to get the best results. Building upon some of the strategies outlined at Brighton SEO and putting our own SoBold-spin on these is already bearing fruit, and testing is at the heart of this.
Final Thoughts
From the importance of solid fundamentals to embracing AI’s potential while recognising its limitations, these takeaways are invaluable for SEOs and developers alike. By testing, adapting, and collaborating, we can turn these learnings into impactful strategies allowing us to navigate the uncertainty of Google Updates, as we look ahead to the next conference in April.
Would you like these insights straight to your mailbox?
- 24/7 support
- Back-up and disaster recovery
- Fully-managed service
- Automated monitoring and alerts
- 99.99% up-time
- 100% pass-rate for data centre audits.
- WordPress by itself, out-of-the-box, is secure enough for most businesses to use.
- WordPress in the hands of an inexperienced or negligent agency will create significant security risks.
- WordPress is the hands of a dedicated, specialist partner is a platform you can trust and rely on without any concerns.
- Configured firewall options, IP access lists, and anti-phishing attack technologies
- Full responsibility for rapidly patching OSes and libraries
- Long-term-supported Linux distributions for maximum security.
- Compliance with ISO 27001/PCI-DSS/TIA-942
- A 100% pass-rate for any data centre audits
- 24/7 data centre staffing with experienced engineers and specialist security teams
- Document review services for your external audits
- Bespoke consultancy available if you have any major certification requirements.
- A fully-managed service provided by a team with decades of experience
- Round-the-clock, hands-on assistance, 365 days per year
- Deep technical understanding and expertise
- Proactive support from dedicated engineering teams and account managers
- High-level consultancy, including advice on new projects and technologies.
Latest from agency
19 May, 2023
WebFlow vs WordPress: Which Platform is Right for You?
Finding a content management system (CMS) that is secure, cost-effective, and capable of delivering a website that meets all your requirements can be challenging.
As we’ve discussed in a previous article, there are lots of excellent CMSs available today, and it’s difficult to know which one will be the best fit for your specific business.
While most CMSs appear similar on the surface, with the same fundamental functionality, popular platforms like Webflow and WordPress have unique features and capabilities that differentiate them from each other.
So, selecting between these two different platforms is an important process that requires careful consideration. After all, your CMS is a long-term investment, and you need to know exactly what you’re getting before you make your decision.
To ease this challenge for you, this article will provide a direct, objective comparison between the Webflow and WordPress platforms.
An Overview of Each Platform
You want a CMS that will enable you to build sophisticated, high-performance websites, tailored to your business, with a set of tools that are simple and easy-to-use.
Webflow and WordPress can both give you exactly that in their own distinctive styles. Both platforms allow you to build and manage complex websites without deep technical knowledge, but they each take slightly different approaches.
Webflow
Webflow is a software-as-a-service product, not a typical CMS. That means it doesn’t require any hosting and is primarily delivered via Amazon Web Services (AWS) cloud servers.
As it’s a complete, mostly self-contained SaaS application, with everything built-in to it from the start, you can get up and running with your Webflow website quickly and easily.
You can use Webflow as a basic no-code website builder straight away. However, as you’ll certainly want to create a more dynamic, engaging website with a high volume of content, you’ll have to enable its CMS functionality to get up and running properly.
WordPress
WordPress, on the other hand, is a more traditional CMS, intended to build highly scalable, dynamic websites full of rich content. The platform will need to be downloaded on to hosting servers, which can all be taken care of for you if you’re going to be working with an agency partner.
WordPress is also a free, open-source platform, which means all users have access to its code. That allows talented developers to contribute to improving the platform with innovative new additions and enhancements on a near-constant basis.
As WordPress is used to build almost half the websites online today, it also has a global community made up of millions of users who offer support, collaboration, knowledge sharing, events, and much more.
Approachability and Ease-of-Use
A shared benefit of both Webflow and WordPress over certain other CMSs is their ease-of-use.
Both these platforms are approachable with low barriers for entry, even if you don’t have any existing coding or content management experience.
Webflow’s Usability
As a low-code or no-code SaaS tool, almost anyone can use Webflow to build a website.
It provides a visual drag-and-drop builder with an emphasis on enabling users to create websites quickly and easily.
When using the CMS functionality to add more content to your website, like blog posts, the CMS is simple, allowing you to publish and manage the pages of your site with great efficiency. This is in the style of a classic content editor, which will probably be familiar to you.
WordPress’s Usability
Almost anyone can use WordPress as well, even if you have no previous content management experience, hence its global popularity. In fact, simplicity and usability are arguably some of WordPress’s greatest strengths.
Almost everything you’ll need to set up and manage your website will be readily available when you first start using WordPress, making it very approachable. The platform provides you with an intuitive user interface (UI) that allows quick and easy publishing, management, and editing of content.
This is made even more efficient thanks to WordPress’s block-based editor. This is a method of building websites that offers significant advantages in flexibility, scalability, and ease-of-use.
Particularly for large-scale websites that are likely to grow and evolve, this can save your developers valuable time and money, while also reducing your time-to-market.
You can learn all about the advantages of the WordPress block-based editor in our related article here.
Their Features and Functionality
For your investment in your CMS to be successful, it will need to have a range of features and functionality which allow you to create a website that delivers on your business objectives.
Webflow’s Features
As touched on earlier, Webflow is a SaaS application in which almost everything you need is included as standard.
The core Webflow platform is all you need to build your site, although your agency will be able to add extra features for you by embedding code snippets from other services if you need them.
For example, if you want to create the ability for your visitors to subscribe to your site as members, you could take code from another platform that facilitates subscriptions and use that to integrate the functionality.
This is where the platforms start to deviate in approach. Webflow’s self-contained nature perhaps makes it a simpler platform because it doesn’t require many plugins, but that also makes it a lot more limited than WordPress.
Because Webflow doesn’t offer any plugins, you won’t be able to add many extensions that work directly in the Webflow interface. This prevents you from having one unified approach to your website management and marketing.
WordPress’s Features
Most of the things you require to publish content and manage your website on a daily basis come readily available on the WordPress platform. WordPress’s sophisticated, dynamic features that come “out-of-the-box” are a great point of value.
However, if you do need to go beyond the standard functionality of WordPress, that can also be done with relative ease. Working with an agency with WordPress-specific expertise means that you can develop bespoke features and functionality unique to your website with almost no limitations.
This allows you to tailor your CMS to meet your specific needs, and working with an agency to achieve this can still be very cost-effective.
Not only that, but passionate members of the global community are always working hard to create new features and extensions that continue to improve the capabilities of the platform for free.
How Well do they Integrate with Other Systems?
Beyond features, extensions, and plugins, your platform of choice should also be able to integrate easily with other tools and systems that are already present within your business.
Integrating with your customer relationship management (CRM) platform, your email marketing system, and other software products is an important quality for a CMS to have.
Integrating with Webflow
While Webflow can integrate with some third-party tools, this is another area where the platform is somewhat limited. You can integrate your Webflow site with other tools, but there aren’t many native integrations available. Your agency partner will need to use more code embeds to achieve this, and you’ll have to use separate interfaces in many situations.
For example, using a lead generation form from your CRM on a Webflow site will require you to build the form in the CRM first, then add it to your web page using the embed code.
Not only does this approach create inconvenience for you and your team, but the extra time spent by your agency on more complex integrations will increase the overall long-term cost of the platform.
Integrating with WordPress
Thanks to WordPress’s vast popularity, and the work of the global community, there are native plugins that can seamlessly integrate your WordPress site with almost any other tool or system.
Simply add a plugin for any third-party tool to create the ability to access that tool’s functionality directly within your WordPress CMS.
Even for more advanced requirements that need some bespoke development, like cross-platform automation, it’s usually an easier job for your development agency than it would be with most other platforms.
How Secure Are these Platforms?
Security should be a top priority when selecting a CMS. Concerns over cyber security and data protection are ever-increasing for businesses, so you need to ensure something as important as your website is fully secure.
Webflow’s Security
Webflow is mostly based on AWS, an industry leader in secure hosting, so you can rest assured your platform will be highly secure. Webflow also has additional protective measures in place to bolster the security of all the data on the platform.
Again, because it’s a SaaS product, this all comes out-the-box and doesn’t require you to take any steps yourself to secure your site.
However, that does mean you’re entirely reliant on Webflow to ensure that security is continually updated and reinforced. Neither you nor your agency partner have any control over the security of your site, which some businesses see as a negative.
WordPress’s Security
Your agency partner will typically be responsible for the hosting, maintenance, and security of your WordPress platform. We mention hosting and maintenance here because these things are influential towards ensuring your platform, and your website, are kept secure.
WordPress is already a very secure platform out-of-the-box, though. There’s no need to think that WordPress’s protection is not robust enough for a large business, even in today’s volatile security landscape. Evidence of this security can be found in the number of global enterprise businesses that have chosen WordPress as their CMS.
Of course, there are vulnerabilities that can arise in certain scenarios, like if your platform isn’t kept fully updated on a constant basis. For this reason, it’s crucial to work with an agency partner who you can trust and rely on when it comes to security, including enterprise-grade hosting and continual platform maintenance.
You can learn more about the security of the WordPress platform in our in-depth guide here.
You can also discover 10 useful tips to further improve WordPress security and minimise your risks here.
The Overall Cost and CTO
As mentioned earlier, your CMS is not only a big investment, it’s also a long-term one. You ideally need to find a platform that offers good value for money, and a low total cost of ownership (TCO), in order to achieve a strong return on investment (ROI).
Your TCO will be determined by combining everything from your hosting costs, license fees, work with your agency, maintenance, bespoke development, and more.
Webflow
In terms of costs and plans, Webflow is more expensive than WordPress. This SaaS product offers two different types of plans, a site plan and a workplace plan.
The average enterprise business with a dynamic website will be looking at costs of between £300 and £500 with Webflow. This makes it a far more cost-effective alternative than large-scale CSMs like Sitecore.
As discussed throughout this article, though, Webflow’s lack of native plugins and integrations will also make bespoke development work more difficult and time-consuming for your agency. This will inevitably drive up the platform’s TCO, and that’s something you should carefully consider when evaluating your options.
WordPress
WordPress is a more cost-effective platform, with a generally low TCO for most businesses. Its open-source nature means it’s free to use, limiting your initial costs to just hosting, agency fees, and post-deployment support. Any plugins or extensions of the platform will be licensed and paid for separately.
Since WordPress is such an intuitive and easy-to-use platform, any bespoke development work you need your agency partner to complete will still come at a reasonable cost. Similarly, whenever the WordPress platform is updated, testing and maintaining your site can be done in just a few hours. This creates a significantly lower TCO than you’d have with almost all other enterprise CMSs.
Make the Right Choice for Your Business
Webflow and WordPress are both good platforms in their own right, with plenty of value to offer. The key thing to understand when making this comparison is that your CMS of choice needs to align with your business’s unique requirements and specific objectives.
For instance, Webflow might be a suitable choice for one of your smaller competitors, but that doesn’t mean it will necessarily be a good fit for you if you need more advanced features and functionality.
Whether you’re developing a bespoke website from scratch, or migrating your existing site to a new platform, you must ensure your CMS can deliver on your needs both now and as your business grows over time.
If you need further help selecting a CMS for your website project, read our comprehensive guide to understanding and evaluating the options for large businesses here.
Would you like these insights straight to your mailbox?
Announcement
1 November, 2022
SoBold announce Cyber Essentials certification
SoBold announce their Cyber Essentials certification for the third consecutive year which demononstrates their commitment to delivering secure technical solutions to their new and existing clients.
Cyber Essentials is scheme which helps guard your organisation against a range of common cyber threats. SoBold’s resilience across a range of internet facing devices was tested and approved, ensuring there were not any major critical vulnerabilities discovered
SoBold Technical Director, Sam Phillips said:
With an ever growing cyber threat, Cyber Essentials certification is becoming more and more important to maintain. Protecting both our clients data and websites is of the upmost importance and successfully passing the more thorough Cyber Essentials guidelines new for 2022 shows our commitment to this.
Would you like these insights straight to your mailbox?
Digital Business
25 January, 2023
Is WordPress Secure Enough for Large Businesses?
Summary
Despite being the most popular content management system in the world, many large businesses and organisations in strictly regulated industries are still asking, “Is WordPress secure enough for us?”
This article will give you a detailed explanation of how WordPress can provide enterprise-grade security, to help you make your own decision about whether it’s secure enough for your own business. We’ll also share some helpful tips to enhance the platform’s security and reduce its risks even further.
As technology has become more pervasive in our daily lives, cyber security concerns have intensified, especially in the workplace. Each year, we read about more high-profile cases of global brands becoming victims of malicious cyber attacks, most often with sensitive data being the real target.
As a business, you should be increasingly careful and vigilant about the technology solutions you deploy today. This is even more important for large businesses and organisations in industries with strict regulations, where the consequences of security issues can be catastrophic.
When you’re choosing a content management system (CMS) to build critical digital assets like your website, security must therefore be a top priority.
Despite being the most popular CMSs in the world today – powering almost 45% of the world’s websites – WordPress is still seen by some as the platform for smaller organisations. You’d think its popularity alone would be sufficient evidence that WordPress is secure, especially as a large fraction of that user base includes enterprises across both the public and private sectors. However, when it comes to WordPress security, there are still some question marks.
So, is WordPress secure?
Yes, absolutely.
But there are certain factors and potential pitfalls you should be aware of if you’re considering WordPress as your CMS of choice.
Understanding Security in a CMS
As business challenges with cyber security and data protection continue to grow, selecting a platform that offers robust security is crucial. But how does that work, exactly?
Ultimately, a CMS like WordPress is just a piece of software, and all software can be vulnerable to security issues in a variety of ways.
The most obvious of these is a cyber security attack, either by hackers, a virus, or malicious software (malware). Any CMS used in a business environment needs to be built to withstand these attacks on a daily basis, and WordPress is definitely capable of doing so.
Another significant risk is when software has accidental weaknesses, issues, or vulnerabilities – known as bugs – built into its code. Bugs are common in software, and they can manifest as anything from a box appearing in the wrong place on your website to a platform vulnerability that leaks mission-critical data to cyber criminals.
Bugs aren’t difficult to fix, and we’ll explain later in this article why WordPress users can be confident that these kinds of risks are minimal with the platform.
However, when it comes to a CMS’s security, it’s important to understand the following point:
The biggest security risks, and the greatest opportunities for cyber criminals, are unsafe user behaviour, lack of best practices, insufficient maintenance, and poorly built sites. Not the platform itself.
Your behaviour, and the behaviour of your end-users, is an area that can be exploited or cause problems if you don’t prioritise security. That’s why it’s necessary to take a proactive, rather than reactive, approach to protecting your data. The rest of this article will help you do that, and remove any concerns you still have about WordPress security.
Is WordPress Secure?
The misconception that WordPress isn’t secure enough for large businesses still lingers, but why? Well, the main reason is because the platform is free-to-use, and so it was initially most popular among B2C blogs and smaller independent businesses.
Today, however, this couldn’t be further from the truth. Industry-leading enterprises such as private equity advisory firm Rede Partners LLP, global investment firm Coller Capital, and global research and advisory leader Forrester use WordPress for their CMS, just to name a few. This goes a long way to proving the apprehension towards WordPress security is unnecessary.
So, let’s explore the WordPress platform in more detail to understand why these global enterprises have full confidence in the security of their data, as well as the data of their clients and partners.
WordPress is already a secure, stable platform out-of-the-box.. You can rest assured its core code is highly secure, because it’s overseen by a team of security experts who thoroughly test and quality-check it on a continual basis. They regularly release updates and reinforce any potential weaknesses before they’re exploited to protect you against any new-found threats.
A team of security analysts study the ever-changing cyber security landscape and respond to it with speed and precision.
While WordPress may be seen by some as a CMS for small businesses, the speed at which security updates are implemented is arguably the best in the world when compared to other platforms.
WordPress is also open-source software, which means all the code it’s built on is available to the public. Anyone from outside the WordPress team can view it, download it, and make adjustments to it. Users often suggest their own changes and updates to the code by submitting them to the WordPress moderator team for approval. If improvements are made to the WordPress code, these updates will be released to the global user base.
These people are part of a global community of dedicated, passionate users who work hard to ensure the platform is always developing into the best version of itself possible. Anything WordPress’s own team misses, the developer community will catch. This means users are often fixing bugs and shutting down potential opportunities for cyber criminals, keeping the platform safe for everyone else.
WordPress Security Vulnerabilities
While WordPress does have the support of some of the brightest developers in the world, who keep it as secure as possible, they can’t take care of everything for you. As mentioned earlier, your biggest security risks will probably lie within your own business, regardless of what CMS you’re using.
Additional security vulnerabilities can arise in certain scenarios, often caused by ignoring best practices or failing to take responsibility for simple maintenance of the platform.
Web Hosting
Your hosting environment is an important factor that can influence how secure and protected your data will be. Your WordPress websites will be hosted in a server that stores your files and data in a data centre.
WordPress, like any platform, should be hosted in a secure environment, with an experienced provider who prioritises security as part of their services. This should include putting proactive security measures in place for scenarios like unplanned down-time or even natural disasters.
Secure hosting should also involve automated monitoring for malicious activity and vulnerabilities in your servers and software, as well as incident response.
Before choosing your hosting service, be sure to carry out some due diligence and look into the security best practices of your host. In many cases, it’s wise to work with an agency partner who will help you with this, but more on that later.
Plugins
While the WordPress community is one of the platform’s greatest strengths, interacting with unsafe additions to the software can also be its downfall for some businesses. It’s important to be cautious of the constant stream of new features, updates, and plugins being made available, because some of them could create issues for you.
To avoid these problems, you shouldn’t download plugins unless they come from recognised, credible sources. Furthermore, you should always ensure all your plugins are correctly tested, maintained, and updated.
We appreciate this may sound complicated. For that reason, you should entrust this responsibility to a partner. When using WordPress to build and manage websites, a good agency should help you ensure everything is secure and up-to-date.
Software Updates
When you’re running a website or application on WordPress, you’ll regularly receive software updates from the platform. Any time an update comes through, it’s because certain bugs have been fixed or some improvements have been made.
It’s crucial that you keep up with WordPress updates because they’re there to keep your site secure. By leaving your site running on outdated versions, you’re at risk of a known issue being exploited by cyber attacks. Again, this should be taken care of by your agency partner so you don’t need to worry about keeping your web platform up-to-date.
Tips to Strengthen WordPress Security
If you still have doubts, there are some simple steps you can take to further strengthen the security of the WordPress CMS. Some of these more general tips can also be applied to most website platforms and other software software products in general as well.
Use a managed hosting service that offers enterprise-grade security.
You wouldn’t rent an office in a building that leaves its doors unlocked at night. Why would you place your sensitive data in a data centre that isn’t fully secure?
Some things you should consider non-negotiable for a web hosting provider to offer include:
Put back-up and disaster recovery services in place to ensure you’re protected from all potential risks.
To build on the above point, ensure your hosting service has measures in place for back-up and disaster recovery. This fail-safe measure will give you a way to save and recover all your data in the event of any losses.
Do not use, or allow your agency to use, any plugins from unrecognised sources.
As mentioned earlier, only use plugins from sources you trust. You should also keep all plugins and additions to the platform up-to-date, and make sure they’re rigorously tested – or, rather, make sure you can rely on your agency partner to do this for you behind the scenes.
Use plugins alongside security-specific enhancements.
You can further bolster the security of the WordPress platform by leveraging security-specific plugins such as WordFence, Sucuri, and Defender Pro. These can inform you of potential vulnerabilities or incidents so you can respond quickly before they have an impact on your business.
Don’t use tools that enable direct access to your site database from within the dashboard.
Some digital tools or extensions give direct access to your site’s database or files from within the dashboard, to make managing your website easier. This is something to avoid, because they’re often a major security risk.
Enable SSL
Enabling SSL (Secure Sockets Layer) introduces a protocol which encrypts the transfer of data between your website and your users’ browsers. This makes it more difficult for cyber criminals to steal information and data online.
Encourage your users to follow security best practices.
You can put all the security measures and data protection possible in place, but they could all be for nothing if a weak password or bad behaviour compromises your website.
Some security best practices every business can easily implement include making strong passwords compulsory among all users and introducing additional measures like two-factor authentication.
Rely on an Expert to Minimise Your Security Risks
As touched on throughout this article, another factor which will determine how secure your WordPress platform is will be which agency you decide to work with.
While deciding whether to invest in WordPress is a big decision, don’t underestimate the importance of finding the right agency partner to support you with your CMS, especially when it comes to WordPress security.
Ultimately, you should understand that:
Your data will be fully protected if you work with an agency who takes security seriously and prioritises it at the core of every development task they deliver for you.
That means they should be capable of handling secure architecture, testing, monitoring, updates, and ongoing support for you as part of your service. You should always take the time and care to find a specialist agency partner who has a proven track record of building robust, reliable sites, to ensure you’re minimising your risk.
WordPress is a Suitable Platform for the Enterprise
Cyber security and data protection are critical for businesses of all sizes, across all industries. But it can’t be denied that large businesses often face more severe consequences by falling victim to a cyber attack or data breach.
Choosing a platform that you have total confidence in is a necessary factor in the process of evaluating your options for a CMS.
When you have your own role and responsibilities to focus on, the last thing you want is to be constantly worrying about the security of your site. Following the advice and best practices listed in this article will provide you with a highly resilient WordPress platform with enterprise-grade security. That will allow you to spend more of your time creating an outstanding website that differentiates you from your competitors and drives business growth.
If you need more help understanding and evaluating platforms to deliver a web design and development project, read our comprehensive guide to selecting the right solution here.
Would you like these insights straight to your mailbox?
Hosting
20 June, 2023
Enterprise-Grade Web Hosting Explained
The type of hosting environment you select will have a strong influence on the success of your website. It’s important for you to find a secure, scalable web hosting service that you have 100% trust in to deliver high-performance at all times.
To simplify the options available to you, this article will break down the various types of web hosting services, and explore the non-negotiables we believe you should be considering in your criteria when making your decision.
The Fundamentals of Enterprise-Grade Hosting
Some of the most important things to look for with your hosting environment include:
Security – Cyber security is obviously an essential priority, and this should be top of your list of criteria in the current climate.
Performance – Your hosting environment should be set up in a way that makes your site capable of handling large surges of traffic.
Scalability – As your business grows, it’s likely that your site’s audience will grow. You need a hosting provider with the capacity to scale your services seamlessly to meet your needs, both now and in future.
Resilience – It’s important to ensure your hosting infrastructure is robust, and that it can gauruntee you certain performance levels and up-time.
Support – If anything does go wrong, you need to be assured that you have a quick, efficient support service in place to get your site back up and running as soon as possible.
Sustainability – With sustainability a growing priority on the corporate agenda, the carbon footprint of your data centre may be another important factor in your decision.
Option 1 – Shared Hosting Services
Shared hosting services can provide you with a basic secure server for your website. However, as the name suggests, these servers will be shared with a large number of other businesses. You won’t have any dedicated server of your own with shared hosting.
This approach does have some advantages, particularly in the area of cost. These shared hosting environments can cost as little as £1,000 per year. However, the down-sides to this often outweigh that cost benefit.
In many cases, the low cost of shared hosting services can often be reflected in the performance levels. This is because, with such a high volume of websites hosted on the servers, your performance has no protection if other sites are experiencing high volumes of traffic.
It’s also likely that you’ll only have access to limited support services when any issues arise. Many of the shared hosting options will have a ticketing system for support, where you’ll be at the mercy of the number of requests ahead of you in the queue. This could result in your website being ‘down’ during times where it’s business-critical.
Option 2 – Private Servers with Shared Hosting Providers
Most shared hosting providers will offer the option of having your own private server for an extra cost. This is often referred to as a VPS, which stands for virtual private server.
Rather than sharing a server with thousands of other businesses, you’ll only be sharing with a few others. While this is significantly better than the regular shared hosting options, you can still end up facing similar problems with performance and scalability.
This is another cost-effective approach, though, with some improvements over standard shared hosting. If you rely on an agency to set this up for you, they’ll likely put their smaller clients on a shared VPS and give their larger clients their own dedicated servers to minimise any potential problems.
Option 3 – Enterprise-Grade Private Web Hosting
Often the most reliable and trusted approach to take is to have your own dedicated server, which comes with a wide range of additional benefits.
With this option, your website is placed on its own private server in the cloud, managed by a dedicated team of specialists who offer personalised, hands-on support and ongoing optimisation.
Security
Enterprise-grade security should be a core part of the hosting service you choose, regardless of whether it’s private or shared. However, you’ll be guaranteed far greater security, with drastically reduced risk, when you work with a private hosting service.
For instance, a hosting provider should offer robust protection for your site, including:
Of course, compliance and certifications are another crucial aspect of cyber security these days. While some shared hosting providers may have the basic levels of compliance in place, most private hosting services will boast:
Performance
When taking this approach, you’ll receive your own bespoke service and will be provided with a hosting environment tailored to your specific requirements.
This will optimise everything included in your hosting package, from your preferred caching, loading speeds, performance requirements, up-time, and more.
You’ll also be able to set up a content delivery network (CDN) to make your website faster and more readily available to all visitors around the world.
Scalability
Private hosting gives you the capacity and flexibility to scale seamlessly anytime your website’s traffic increases, or if you have peak times for traffic.
This is an intelligent way to future-proof your investment, with the confidence that your website’s performance will be consistently excellent as the size of your audience increases and your site expands. This also applies to situations in which you need to scale unexpectedly due to short-term increases in demand, ensuring business continuity is always maintained on your site.
Resilience
Private hosting providers have guarantees for their resilience, and for your site’s up-time, covering all possible bases. This even counts for unusual scenarios like floods or fires.
It’s wise to look for a provider who offers back-up and disaster recovery services for the maximum resilience.
Back-Ups: Managed back-up services provide you with a tailored regiment, alongside rigorous testing, for guaranteed restorability.
Multi-level back-ups are taken for you, both locally and remotely, to minimise risk. You’ll also be able to choose from a range of replication technology options for your load-balancing and various fail-over scenarios.
Disaster Recovery: Private hosting providers will also use disaster recovery measures, such as geographically-distributed platforms and back-up data centres, providing you with full assurance that your performance and up-time are always maintained.
Your primary hosting platform will be replicated to a disaster-recovery platform, which means that if the primary data centre is ever out of action for a prolonged period of time you can fail-over to the back-up systems.
While the more basic hosting services can take days to recover in similar situations, which could result in losses of business and even reputational damage, disaster recovery can often be done in a matter of minutes with a private hosting environment.
Support and Optimisation
Trust and confidence in your provider’s ability to deliver on your requirements are a vital part of your hosting service.
It’s highly beneficial to take an approach that gives you – or your agency partner – a close working relationship with your hosting provider. Availability and accountability are much greater with a private hosting service than with a shared approach.
A close working relationship provides other advantages as well. For instance, anytime you want to make upgrades to your hosting environment, they can analyse your traffic and identify the best time and date to do that with minimal disruption.
This is all part of collaborating with your agency and hosting provider, so they understand your unique business and tailor your hosting services. This is all done based on the conventions of your target audience and your specific requirements to deliver the best possible service.
In terms of support, private hosting providers will have powerful automation tools to proactively, continuously monitor your environment. That allows them to resolve the majority of issues before they’re able to have an impact on your site.
This can also involve 24/7 custom alerting systems, as well as a fully customisable monitoring portal, and multi-channel systems to alert engineers rapidly in the event of any problems.
In terms of your overall service with an enterprise-grade private hosting provider, you should also expect to gain:
Sustainability
If your business has sustainability as a priority or core cultural value, then this is another reason to opt for a private hosting service. While it’s not impossible to find shared hosting services with carbon-neutral data centres, it’s much less common.
Sustainability is also a key focus for us here at SoBold as an agency. As a result, we’ve worked hard to ensure we have an environmentally-conscious, carbon-neutral service offering.
The Verdict?
Having a fully dedicated, bespoke private server is usually the preferred choice of web hosting services. This is due to the unmatched levels of security, scalability, and performance that come with private hosting providers.
Of course, it’s important to note that this does also come with a higher cost than other options. However, the benefits and trust gained through their strengths in these key areas ensure strong ROI.
Not only do their flexibility and optimisation provide you with a high-performance website set up for success, but enterprise-grade security and resilience will also minimise your risk and save you significant costs in the long-term.
Would you like these insights straight to your mailbox?
Announcement
4 January, 2023
SoBold’s 2022 Round-Up
As we’re now into the first week of 2023, this feels like an appropriate time to reflect on what was another thoroughly successful year for SoBold in 2022.
We’re now working with enterprise clients and providing them with excellent website design and development services. We’ve also continued to grow our client base and are proud to have consistently produced outstanding work on their behalf throughout the year.
We’re pleased to have strengthened our presence in the healthcare and financial services industries. Now, we’re looking forward to building and managing more scalable products for our clients in the year ahead.
Our High-Performance Team
The definition of “high-performance” will vary from person to person, and you may have your own idea of what it means to you. For us, as an agency, it means every member of our team holds each other accountable to always perform at the highest possible level, so we can achieve a standard of excellence for all our clients.
We’ve used “high-performance” as a core value of our company since day one, and have worked very hard over the years to build a “high-performance” team. In 2022, this continued to develop and has allowed us to push those standards even higher, which is something we take a lot of pride in.
We were excited to see all three of our business teams grow in 2022: design, development, and operations. Over the past year, we also made a conscious effort to ensure the whole agency is working closer together as a more functional unit, for the benefit of our clients.
As the team has grown, we’ve had to implement more processes, which has allowed us to scale, and will enable us to continue to scale, as we move into the next cycle of our business.
Congratulations to Ivo Georgiev, who’s coming to the end of a successful apprenticeship scheme, which he did with us and the help of QA’s Tech, Digital, and IT Apprenticeship.
The SoBold Website!
In 2022 we launched our new SoBold website. Finding time to do this while continuously delivering projects for our ever-growing client base was a challenge, but one I’m really proud of the team for managing so well. We used this as a beta project to roll out a new SoBold workflow, and whilst there’s still some way to go to perfect this, we’re really happy with how it’s looking on the front-end!
Every member of the team worked on this in some way or another, and we’re already getting considerably more inbound leads and exposure from it.
We’ve been working hard on becoming more active in the online community as well, and this is notable particularly over the last quarter where we’ve increased our marketing. We were fortunate to be interviewed by Cloudways, who are a cloud hosting service provider we work closely with, and you can see this interview here.
Clutch has continued to be a new business driver for us and our profile has gained more exposure amongst the country’s best website design and development businesses.
We’ve also begun producing a selection of in-depth guides and blog articles to help our community more easily navigate the current technology landscape. You can find all that useful content on our blog.
Our Clients
We’re grateful to have worked with so many wonderful people from some brilliant clients over the past 12 months, and have built an array of different sites each with their own unique brief and challenge.
If you’d like to gain insight into the process we follow with our clients for project briefings, check out this recent article, which also includes a helpful brief template.
This is a great chance to showcase below some of the work we’re most proud of in 2022, for a selection of companies who are doing some very interesting things to make positive change in their respective industries:
Built and Live
Jamie and the Jam – Jamie and the Jam conceptualise, create, deliver, and manage beautifully bespoke content for their clients and their audiences.
Amplitude Clinical – Amplitude is a leading UK Patient-Reported Outcome Measures (PROMs) and clinical outcomes platform.
Arenko – Arenko is a market-leading technology provider enabling the clean energy transition.
Dictate.IT – Dictate.IT helps healthcare organisations across the UK and Ireland harness the power of speech to deliver seamless, efficient, and effective document management.
Edgerley Simpson Howe – Edgerley Simpson Howe are specialist out-of-town retail, leisure, and commercial roadside property consultants.
Pippo – Pippo lets you book your GP appointments whenever and wherever suits you.
Common Purpose – Common Purpose offers exceptional personal training in the heart of Mayfair. If you’re looking to start with a new gym or PT in the new year, Common Purpose are your guys to speak to!
Still Waiting to go Live!
Coller Capital – Coller Capital is one of the largest global investors in the private equity secondary market.
Healthlink – Healthlink connects more than 15,000 medical organisations across Australia and New Zealand.
Konnect Net – Konnect Net helps businesses in the insurance and health sectors exchange data in a quick and secure way.
Turvec – Turvec is a bike parking company specialising in designing, installing, and maintaining secure and user-friendly bicycle storage solutions and two-tier bike racks.
There’s also a handful of special clients listed below that want to highlight, either because of the longevity of the relationships or the positive impact our work has made on their businesses:
Kapow Primary
Kapow Primary, whom we’ve been working with since 2018, is now used in almost one third of all UK primary schools, with over 30,000 primary school teachers using the Kapow Primary platform each week.
Our amazing Kapow team has been working on some really inspiring projects over the past few months particularly, and we cannot wait to share more when we publish these live.
You can learn more about our work with Kapow, and how we first started, in our case study here.
Rede Partners
We started working with Rede Partners in late 2019 to help bring their vision ‘RedeWire’ to life. RedeWire is a new interactive online limited partner (LP) portal, providing instant access to Rede’s current fundraising offering.
RedeWire has had a closed launch, so we’re really excited for it to launch to their wider audiences in Q1 of this year.
Transport for London
Transport for London has renewed its cookie management contract with us for a fifth successive year. This highlights not only the great work we’re doing with them, but the importance of the relationship we’ve built with them.
We recently became only the third Platinum Certified Partner with Cookie Bot in the UK and this is a service we believe will continue to grow into 2023 and beyond.
You can learn more about our work with Transport for London here, and you can also read about our contract renewal in our press release here.
Clanwilliam
We’re proud to have been working with Clanwilliam since 2017, and our relationship has flourished each year since then. We initially started working with their Global HQ, before being rolled out across their three divisions Clanwilliam Ireland (site being redesigned in Q1 2023!), Clanwilliam UK, and Clanwilliam ANZ.
We work with over 15 of their brands designing, developing, managing, and hosting their websites. We also work closely with these brands to help them with their branding and print design activations.
2022 saw Clanwilliam take a major shift in their global brand, choosing us to help them rebrand from Clanwilliam Group, dropping the ‘Group’. We worked closely with their Global Brand and Communications Director, Lauren Turner, to help bring this to life.
We all went into the process looking to rebrand Clanwilliam in its entirety, changing the logo and creating a completely new brand. However, we quickly realised the logo was going to stay and the brand needed to change around this.
We uplifted Clanwilliam’s colour pallet and fonts, creating a new brand that much better reflects their company’s values and ambitions.
You can see a more detailed case study about what we did here.
It’s Not All Websites Though!
Our talented Graphic Design Team was busy in 2022 too, across multiple rebrands and supporting various Knight Frank divisions. Some of our Knight Frank work is highlighted here.
We’ve also successfully managed to move all our clients into our Positive Park Hosting environment, which is based in Cambridgeshire. This has meant all our sites are running on a more optimised and bespoke server, tailored to their needs. Our VIP enterprise-grade support at the hosting park has made a positive impact, ensuring all our clients have peace of mind that their sites are secure and stable.
The hosting environment is an eco-friendly data centre that uses 100% renewable energy and is certified by the Green Web Foundation.
You can learn more about our hosting solution on our WordPress Website Hosting service page.
In addition to working with our clients, we’ve also been working hard on improving our processes, becoming more compliant and becoming a more reputable company across the board.
We became ISO 90001-compliant in 2022 and have successfully put our project management systems in place. Our Project Manager, Anna de Moraes, has been instrumental in implementing processes to optimise our workflow, and she’ll continue to drive the business forward into 2023.
We were absolutely delighted to work with Nation.Better to get a Skilled Licence VISA sponsorship as well, which opens up opportunities for us to hire more global talent. This is something as a business we’ve been looking forward to for a while now. Getting this licence and already hiring two people, and giving them the opportunity to work in London, is something we’re really proud of.
We also renewed both our Living Wage Accreditation and Cyber Essentials certification.
2023 and Beyond!
2023 is only going to be bigger and better for us here at SoBold. We have big plans to execute on our hiring strategy and intend to grow the team across all areas of the business. Doing so will help us continue to improve the service we provide to our clients.
We’ll continue to work with key clients in our industry focuses: healthcare, finance, real estate, and SaaS. As we work with more medium to enterprise-sized clients, we’re confident we’ll become more recognised as the High-Performance WordPress agency.
Thanks for reading. We hope you have a great year in 2023!
To keep up with all the latest news and updates from our agency, and gain priority access to our weekly learning resources, please do join our community by subscribing to our newsletter below.