Summary
If you’re looking to build a website for your business, a proven approach is to work with an agency and have them deliver the project for you. This could be a bespoke website design and development agency or solely a website or platform development agency.
Before you approach an agency, however, you’ll first need to reach a clear, detailed understanding of your requirements.
This article will provide an in-depth guide to help you through the briefing process and ensure your chosen agency delivers your project successfully, including a free template you can use to create your own brief. This template can also be used for other types of development projects as well, including anything from an online portal to an internal training platform.
Where to Start
Whether you need to design and develop a new website, or rebuild or migrate an existing site, a natural first step is to take your idea to an agency with a view to launching a web development project.
However, it’s a common mistake to go to an agency too early with just a raw, under-developed concept. Rather than meeting with an agency prematurely, we strongly suggest going through the process of defining your specific requirements and creating a project brief first.
The first thing to do is hold a discussion with the relevant people internally. Talk through the idea, and try to define what it is you need and what you want to achieve with it. Get a clear picture of what that idea or a concept will turn into, but also think carefully about what it should do from the perspective of your end-users.
Once you have a more tangible understanding of what you’re looking to build, you should begin creating a brief.
This is a document outlining the key details and requirements for the project. It’s something you’ll need to take with you to your introductory meetings with the agencies you’re considering, as it will be a very useful tool in helping you explain your idea clearly.
A brief doesn’t have to be complicated. It’s just a simple written document that lists everything you want at this early stage. However, while a brief can be simple, it’s important that it’s as specific as possible too. The more detail you provide for your agency, the more chance you’ll have the project delivered on time, within your budget, and meeting your expectations.
Why Having a Brief is Crucial
There are some potential pitfalls to be aware of that could create challenges for you if you don’t create a thorough brief.
Unfortunately, some agencies will be willing to work with you without a detailed brief, glossing over important details and keeping the expectations and requirements vague. This is a red flag to look out for, as it will likely result in one of several outcomes:
- You risk going through a long, expensive discovery and definition exercise that you could’ve done yourself internally for no cost.
- You risk being given a quote that’s too expensive, or a project timeline that’s longer than necessary.
- You risk receiving a service from the agency that doesn’t align with your request or meet your expectations. In turn, you’ll then have to spend even more time and money on a new project to get your original idea developed.
A brief is what gives you and the agency a mutual understanding of the work that needs to be done to successfully deliver the project. Without that specificity, you might end up disappointed. That’s why it’s always wise to put some time and effort in up front before taking your idea to an agency.
Once you submit your brief, you may be invited to participate in a follow-up session to further explore the requirements you’ve listed. This is perfectly normal, and actually a good sign. Experienced agencies will want to talk through each of the elements of your brief with you to help determine the best possible way to deliver those in the project.
How to Create Your Brief
When you begin to discuss and plan the requirements of your project between your team, we recommend thinking carefully about the following points.
Please note: There are a lot of things that could go into a project brief, depending on how complex your requirements are, so we won’t include everything here in this article.
The Project’s Purpose and Goals
Start by thinking about what the purpose of the project is. There’s no use speaking to an agency until you have a clear, specific understanding of exactly what you’re trying to achieve with this project. This should relate to your strategic business objectives, but it should also be designed to meet the needs of your end-users.
Ask yourself how this will allow you to improve your end-users’ experience or solve a problem for them. Answering this might involve working on user personas or developing user stories, or potentially even working directly with some members of your target audience to gather their input.
Project Timelines and Deadlines
Timing is another important point to think about, particularly how much time you have to deliver the project. Deadlines can sometimes relate to certain dates that are out of your control, so it’s better to start as early as possible in those cases. If there’s any flexibility with the timeline for delivery, make a note of that as well.
Project Stakeholders
Make a list of all the stakeholders involved. This is a good thing for the agency to be aware of early on, because the project becomes more complex with a higher number of stakeholders.
Depending on the size of your business, and the nature of your site, your project team will usually be some combination of: A marketing director or marketing manager, someone from your operations department, and someone from IT.
However, if you also have people like someone from your IT team responsible for security, a content writer to provide all the written text, or any external consultants, that should be made clear in advance. If your site will need to integrate with other platforms, such as your CRM system, you may have an integration manager specifically in charge of overseeing that as well.
It’s useful to designate roles to certain stakeholders, such as project sponsors, product owners, administrators, and so on. This will help you understand who’s responsible for different aspects of the project internally.
If you plan to work with external agencies for things like SEO or branding, it’s important to note that in your brief. This is necessary for the development agency to be aware of as early as possible, because collaborating with other third-parties at different stages of the project requires a lot of coordination.
Certain processes may also have to run differently if other third-party agencies want to be more hands-on or handle some parts of the site themselves. The earlier this is made clear, the more smoothly the project will run.
Technology Preferences
If you have any preference of technology platform or any requirements related to your existing tech stack, that will be something you’ll need to decide early on. For example, would you prefer to use WordPress due to its scalability, or do you have any existing investment in any other platforms?
Think about any preference you have for the various technology choices available, why they’re important to you, and whether your agency will have to tailor their approach to accommodate that.
If you need help understanding and evaluating your options for technology platforms, check out our helpful guide here.
Budget
Try to determine a minimum and maximum budget for your project, even if it’s just a loose range for now. It will help you evaluate agencies, and will also help you prioritise the various aspects of the project as “must have” or “nice to have” in many cases.
Design Look and Feel
This is where your company’s brand comes into play. You’ll want your site to reflect your brand and that will come through in the design. Bring any brand guidelines to the table, and think about what sort of tone or experience you want to convey to your end-users.
If you don’t have any recent brand guidelines and want help updating them, or need to go through a rebranding process, mention that in your brief as well. Design and development agencies will often be able to help you in these areas too, or at least refer you to a trusted partner who can.
User Interface (UI)
How your end-users will interact with your site, and what kind of experience they’ll have, is largely determined by the user interface. When it comes to design and UI, simplicity is usually the best approach. However, depending on the function you’re providing, you might have some specific or bespoke UI requirements.
Consider your target audience carefully here as well. For example, if most of your users will be accessing your site from a mobile device, it’s probably wise to opt for a mobile-first design.
Some other important things to think about here include how you’d like your sitemap to be structured, especially if you have an existing site that you’re already happy with.
If your project will involve rebuilding or migrating an existing site or platform, it will be helpful to gather any existing data sources, such as Google Analytics, that will provide insight into your current site.
Non-Functional Requirements
Non-functional requirements are all the aspects of your site that happen behind the scenes. These are things that allow your site to do its job properly for your end-users, but won’t be evident to those people while they’re using it.
There’s a lot of things to consider with non-functional requirements, so we won’t cover everything here.
Hosting
If you have any specific hosting requirements, such as a preference for a certain cloud-based platform, or a particularly secure data centre, those will be important to identify as early as possible.
Say, for instance, that sustainability is a core value for your business, this could also have an influence on how and where your hosting is managed.
If you have an internal IT team that will be contributing towards the hosting decision, make sure you involve them in the discussion.
Security and Compliance
Security is a growing concern for all businesses today. It’s crucial to think about security as a core component of any web development project, to minimise any potential risks for your business.
If you have someone in your team responsible for security, they should begin to think about issues such as:
- How will you be backing up the site’s data?
- What level of data encryption do you need?
- How will users’ personal details be stored and protected?
- Will you have two-factor authentication?
- What password recovery process will there be for users?
Robust security also involves keeping compliant with any specific security or industry regulations that may affect your business. Of course, compliance with things like GDPR should be planned for at this stage too.
Some other common non-functional requirements include things like session management capabilities to track and things like log-in time, session length, pages visited, and so on. Search engine optimisation (SEO) tools, analytics, or other capabilities might need to be built into your site as well.
Accessibility, Usability, and Responsive Design
When it comes to aspects that will make your users’ experience as seamless as possible, such as accessibility, a good agency will ensure all these things are taken care of for you. This is also the case for ensuring all major web browsers, operating systems, and devices are fully supported and compatible. Development should always be compliant with industry standards, taking into account optimum accessibility and usability.
However, if you have any additional or bespoke requirements for any of these things, those will be useful to note early on.
Functional Requirements
The term ‘functional requirements’ refers to everything that your site will be able to do for its users, in terms of its features, functionality, and capabilities.
As mentioned earlier, one of the first things you discussed was what the site will help your end-users achieve. From the perspective of building something your target audience can use, you should start to get a feel for what functionality is required to ensure they can achieve that.
Features
Your features are the things your site will allow your users to do. These can be very simple, or very sophisticated, depending on what you’re aiming to provide for them.
When putting your brief together, think of any and all features and functionality that might benefit your users. Your agency will then work with you to explore these and find the best way to turn that into intuitive, user-friendly features for you.
What to Do Next
Once your team has been through the process of talking through all the points listed above, you should have a very thorough, useful brief to work with. The next step is to take that brief to any introductory meetings you have with agencies and ask them what they think of the project initially.
It’s normal for an agency to ask lots of questions at that stage and really dive into the ‘WHY’ behind all the things you’ve put into your brief. A good agency will even challenge you on certain decisions, to help you determine the best possible way to build what you need.
Once you’ve discussed your brief with an agency, determine which one feels like the best fit. Choosing the right agency is crucial, as it will have a huge influence on whether or not your project is successful.
As mentioned earlier, some agencies will agree to launch into a project without a brief, and that can be extremely problematic. While the main purpose of a brief is to help you and your agency understand exactly what you need, it should also be used as a way to spot partners who may not be sufficiently thorough or conscientious.
Whichever agency you choose, a detailed brief will help you ensure you’re given a fair quote, realistic timelines for completion, and a finished product that meets your requirements and expectations.
More Helpful Resources
If you’re considering a bespoke development project, our related article provides useful guidance to help you choose the right technology platform for your specific needs:
Understanding and Evaluating Enterprise Options for Bespoke Web Development
Would you like these insights straight to your mailbox?
- What’s the purpose of your project?
- What objectives do you want to achieve?
- What exactly are you looking to build?
- How much budget do you have to spend?
- What existing technology do you need to integrate with?
- What features and functionality do you need?
- What skills and expertise do you have in-house?
- Stick with your existing platform and update or build on to it
- Buy a custom, purpose-built, ‘out the box’ platform or piece of software
- Work with an agency to adopt a new platform and/or build something bespoke.
- Bespoke development
- Customisable design, features, and functionality
- Migration from legacy systems to a new platform
- Seamless scalability
- A secure infrastructure
- Performance in peak traffic volumes
- Integration with back-end systems like Salesforce, HubSpot, PowerBi, and more
- Ease-of-use in both the front and back-end
- Quick and easy editing capabilities
- Multi-site development for multiple languages across different countries
- Responsive or ‘headless’ design for web and mobile, enabling omni-channel customer experience.
- Auto-updates – When your platform’s software is automatically updated, changes in the code can cause new security weaknesses to arise.
- Plugins – Using WordPress plugins from untrustworthy sources, or neglecting to update and maintain your plugins properly, can also cause security issues.
- Review the results and analysis of any previous tests (if there are any)
- Define the scope of the testing, including which tests will be performed
- Gather all necessary data and information on the system to conduct the testing
- Determine the criteria of success or failure for the tests.
- Use automated tools to scan for vulnerabilities and identify weaknesses
- Attempt to exploit the identified weaknesses
- Repeat the tests with different types of user roles and permissions
- Measure the outcomes against criteria for success or failure
- Create a report on the outcomes and results of the tests.
- Review the reports and analyse the results
- Remediate and resolve the vulnerabilities that were able to be exploited
- Re-test the vulnerabilities to ensure remediation was successful.
- Read our comparison between Sitecore and WordPress here.
- Read our comparison between Umbraco and WordPress here.
Digital Business
31 October, 2022
Understanding and Evaluating Enterprise Options for Bespoke Web Development
Evaluating and selecting the best option for a bespoke web development project is an important decision, with a lot riding on it. But with so many technology providers, platforms, and agency partners out there today, that decision can be overwhelming.
In this article, we’ll guide you through this evaluation process, explore the options available, and help you choose the right technology platform for your own web development project.
We all know that a large business or enterprise relies on technology to function. With dozens of sites across different countries, hundreds of employees, and thousands of customers, technology is the heartbeat of your organisation.
You need sophisticated technology to facilitate mission-critical digital assets like your website, mobile applications, staff portals, communications channels, and various other systems. Many businesses also leverage technology to facilitate processes or capabilities that are entirely unique to the organisation, like internal training platforms or bespoke tools for certain departments.
With that in mind, it’s important to find a platform that can meet your specific requirements and enable you to accomplish your strategic objectives.
Modern enterprise systems need to be dynamic, scalable, and intuitive, and achieving that involves some complexity behind the scenes. For that reason, it’s often necessary to take the route of a bespoke development project to ensure your business gains exactly what it needs in terms of both functionality and capability.
A content management system (CMS) is the most common technology platform for businesses to deliver these projects, with almost two thirds (63%) of all sites on the Internet powered by a CMS today. This is a type of software used to build websites and similar systems, allowing you to easily create, edit, and publish digital content across a range of online channels and devices. But determining the best CMS, let alone choosing the right one for your own bespoke development project, can be a daunting challenge.
So, let’s explore the situations in which it’s wise to adopt a CMS to deliver a development project. We’ll then walk you through the next steps, giving you the confidence to make the best decisions for your business along the way.
Enterprise Challenges with Technology
There are plenty of situations in which a marketing team might be struggling to identify the right technology platform for a project like this.
Perhaps you need to find a way to deliver something very niche, like building a new website or internal system from scratch. Maybe your project requires you to build a website on a new platform, and that platform needs to integrate with your internal systems like Salesforce, HubSpot, PowerBi, and other back-end applications.
Or, you may be trying to solve a challenge, like finding a suitable way to replace your current legacy systems. If, for example, your current website is built on a CMS like Drupal, and it’s no longer capable of meeting your requirements, you’ll need to find a new platform and migrate everything over.
A CMS is an ideal solution in each of these scenarios, and many others. Of course, with such a vast technology landscape to navigate, finding the right CMS is no easy task. It’s even difficult to know where to begin for most enterprise marketers.
So, let’s take a look at how you can approach this evaluation process in a cost-effective, efficient way.
How to Approach an Enterprise Web Development Project
Firstly, as an aside, it’s important to regularly review and reassess whether your CMS is fit for purpose, even if you don’t have an immediate requirement for something new.
Modern technology is advancing so rapidly. With that, your users’ expectations – both employees and customers – are evolving as well. You need to keep up with the pace of change and ensure your technology can still meet the current demands it faces from those users.
Back to the task at hand, though. Before you begin looking into different CMS, you should try to define exactly what it is you need from them.
Whether you’re building a bespoke website or migrating an existing site to a new platform, make sure you know exactly what you want to achieve by doing so.
Start by asking questions like:
Make sure you have a very specific brief and clear set of requirements to take to whichever solution providers and agencies you’ll be speaking to. If you don’t, you’ll struggle to fully understand whether the platforms you’re evaluating can actually deliver what you need.
Once you’ve got that, you can decide which approach is the best for your project. This could be:
It’s worth noting that most web development projects for large businesses will have complex requirements that are almost impossible to achieve without strategic guidance and ongoing support from an experienced partner. An agency partner will work closely with you to understand your strategic objectives and requirements, then provide you with platform-specific skills, tools, and expertise to achieve those. We’ll look at this in more detail later in the article.
Defining Your Requirements
As mentioned above, it’s important to have a specific set of objectives for your project and know what requirements are necessary to achieve those. These will also ensure the partner or agency you work with understands your brief and is able to deliver the exact finished product you’re looking for.
When scoping this out, there are some common capabilities and qualities most enterprise-grade platforms should have in order to meet expectations. Here are some things you should ensure your new platform – and the agency you work with, if you decide to go that route – can provide for your business:
Your Options for Enterprise CMS
Drupal
Drupal is popular among enterprises because it’s a highly secure platform. It’s also great if your team contains technical resources with good coding ability, as it’s very intuitive for people that have more advanced content management skills.
On the other hand, Drupal can be very difficult to get up and running, and is lacking in terms of simplicity. Because of this, your agency costs will also likely be higher than with other CMSs if you take that route.
Even if you do have that technical skill in your team, however, the platform itself is somewhat limited with customisation. It’s also worth noting that the version of Drupal most businesses currently use (Drupal 7) is soon reaching end-of-life. This has caused many Drupal users to migrate their existing sites to new, more intuitive platforms, such as WordPress.
Sitecore
Sitecore is a robust CMS that provides more capabilities than the average platform. It’s popular because it actually offers a fully-managed ‘digital experience platform’ that delivers most of the qualities mentioned in the previous section.
Sitecore comes with a good level of personalisation and is well suited for bespoke development projects. However, it’s an expensive system, requiring the procurement of licenses to begin using it. It also restricts certain capabilities unless you progress to higher tiers (and costs) of your licenses.
From a practical perspective, Sitecore operates on quite hierarchical, complex workflows, which may not suit more agile or smaller teams.
Umbraco
The scalability of Umbraco is great for large organisations, as it allows you to manage a high volume of pages and build out your website to meet the changing needs of your business.
Similar to Drupal, Umbraco is mostly suitable for users with more advanced content management skills and some development experience. This makes it difficult to use for the average marketing team, which increases the likelihood of higher costs, either through more expensive agency projects or even the need to hire someone in-house.
WordPress
WordPress is the platform that powers almost 45% of the world’s websites. It’s so popular because it’s affordable, flexible, dynamic, and very easy to use.
There is a common misconception that WordPress isn’t robust or scalable enough for large businesses. However, this continues to be proven as a myth, as some of the biggest brands in the world are now using WordPress for their CMS, from Nike to Bloomberg.
We’ll provide a detailed breakdown of the benefits and advantages WordPress offers in the next section.
Which is the Best Option?
It’s important to remember every web development project will be different, and each of these platforms are good options in their own way. That’s why you should make your decision based on the solution that best aligns with your objectives, requirements, budget, and other factors.
One common point related to all these platforms that’s worth noting is that each of them are exponentially easier to use, and will deliver far greater return on investment (ROI), if you have the support of an experienced specialist partner to guide you. An agency with platform-specific skills and expertise will ensure your business gains the maximum value from the platform you select, and help you leverage it strategically to harness its full potential.
Business Benefits and Opportunities with WordPress
Using WordPress is an excellent option for any business. For large organisations in particular, there are a number of qualities that make it particularly beneficial.
Scalability and Agility
The WordPress platform is highly scalable. This means that the size and complexity of your website, and the amount of traffic passing through it, won’t be a concern. WordPress can also grow with your business and easily adapt to continue meeting your changing needs. Scalability is one of WordPress’s most prominent advantages for enterprises.
Low TCO and Strong ROI
Of all the options listed above, WordPress comes with the lowest total cost of ownership (TCO). Unlike most platforms, you won’t need to bolt on new features or capabilities with WordPress, nor will you have to worry about costly extra work to manage platform upgrades or updates. Additionally, because WordPress is so flexible and rich with dynamic features and capabilities, it’s proven to deliver strong ROI.
Flexibility and Customisation
WordPress is ideal for a bespoke development project because it’s highly customisable. You can use its flexibility to build bespoke features and functionality into your website or create an entirely unique system.
Fast Time-to-Market
Because of its great usability and simplicity, WordPress allows for a very fast time-to-market, meaning you can deliver your project quickly and efficiently. However, it should be noted that most businesses will need the support of a skilled agency to be able to achieve that.
Integration
WordPress is very easy to integrate with other systems, such as HubSpot, Salesforce, and others. This means your business will experience minimal disruption due to integration, whether migrating to WordPress or starting a new development project from scratch.
Usability
In the back-end, WordPress is renowned for its usability. As a CMS, it’s extremely easy to use, meaning you can get up-to-speed quickly and share responsibilities across more members of your team.
Performance
The performance, speed, and ease-of-use with WordPress are all enterprise-grade when building websites on the platform. This means user adoption and retention will be high, ensuring the success of your project and driving greater ROI.
Long-Term Value
When working with WordPress, you’ll also gain advantages that will deliver added value to your business, especially if you have the support of a specialist partner who can help you unlock the full power of the technology.
The project doesn’t stop with the initial implementation of WordPress, either. As your requirements change, or your project evolves, WordPress is the best platform to adapt with you and deliver value to your business in the long-term.
Why WordPress is the Future of the Enterprise
WordPress is the most popular and widely used CMSs in the world today. And that popularity has been consistently spreading into the enterprise market over the past decade or so.
This is no coincidence, either. It’s unsurprising to see how quickly WordPress is growing in popularity, as more and more businesses realise the vast potential of the platform and the benefits it can deliver.
When taking into account its unprecedented scalability, flexibility, and usability, not to mention its low TCO, WordPress is one of the leading options for bespoke web development projects for large organisations.
When it comes to evaluating the options for your own project, remember to carefully consider how each platform aligns with your requirements and objectives. Once you’ve identified the CMS that is most suitable to deliver what you’re looking for, consider the value that could be added to your project by working with an agency partner who specialises in that technology.
Would you like these insights straight to your mailbox?
Company Milestone
10 June, 2021
Clutch recognizes SoBold as a top web developer in the UK
As a web developer team, our responsibility is in providing support to other companies. We make sure that websites look and work well for the businesses that need them. Our team serves as an expert extension of our clients so they can focus on their actual operations.
We take pride in our work and it looks like our efforts are paying off. We’re very happy to announce that we’ve been given an award. SoBold was named as a top UK web developer by Clutch for the year 2021.
Clutch is a ratings and reviews company that uses a unique verification process that ensures all of the content on their platform comes from legitimate sources. They then leverage this information to create ranked lists of the best performers in every industry around the world. The best of the best then get an award.
The best part of all this award is that it’s not decided by a panel of faceless judges. It’s based on the reactions of the people that worked directly with us. They’re the people in the best position to judge or critique our work. In fact, here’s what our Director had to say when we got the news.
“We are absolutely delighted to be chosen as one of the leading WordPress Development agencies in the UK by Clutch and look forward to continued growth and development to fulfil our potential.” Will Newland, Managing Director, SoBold.
If you want to partner with a team that will provide expert support and service to ensure your website is the best it can be, give us a call. Fill out our contact form and we’ll set up an appointment as soon as possible.
Would you like these insights straight to your mailbox?
Development
14 July, 2023
A Guide to Penetration Testing: Strengthen Your Website Security and Minimise Risk
Penetration testing, often abbreviated as pen testing, is an essential process to ensure you maintain a safe and secure website. But what exactly does pen testing involve, and how can you rest assured your agency partner is covering all potential vulnerabilities for you?
This article will provide a detailed guide to penetration testing, helping you minimise your security risks and ensure your website is fully protected.
In a recent series of articles published in our resource library, we provided an in-depth explanation of the end-to-end process of building a high-performance, enterprise-grade website. (If you’d like to read that series first before learning about pen testing, you can start here).
After you’ve worked with your agency partner to successfully build your website, you’ll also need to ensure your site is protected from cyber security threats. With that in mind, you should understand the important role that pen testing plays in effective website security and maintenance.
What is Penetration Testing?
Penetration testing is a form of website testing that’s used to identify security vulnerabilities When conducting pen testing on your site, your agency will simulate a range of cyber attacks that could be used by cyber criminals or malicious software (malware).
The purpose of this is to identify security weaknesses within your site and take action to prevent them from being exploited in the real world. This approach goes beyond basic tests, as it doesn’t just list the vulnerabilities, it examines how they could be exploited and helps to prevent that from happening.
Why is it Crucial for an Agency to Conduct Penetration Testing?
Website security is critical in today’s digital business landscape. Cyber security threats have become highly intelligent and sophisticated, now capable of penetrating even the strongest security networks.
For instance, global technology giant Acer was the victim of a cyber security attack that demanded a ransom of $50 million USD in recent years.
The outcomes of a cyber attack on your website could be catastrophic, either through sensitive data being stolen, lengthy losses of business continuity, or even reputational damage.
Remember, your site’s security isn’t just vital to you as a business, it’s also something your clients need assurance with when they agree to work with you. You should be taking as many proactive steps as possible to ensure your security measures are rigorous enough to match high levels of risk.
Covering All Bases for Robust Security (in WordPress)
It’s useful to be conscious of the common security weaknesses and pitfalls cyber criminals typically aim to take advantage of.
Security vulnerabilities can be created when your website is running on outdated versions of your platform, or if something hasn’t been configured or integrated properly. Other common pitfalls include weak authentication measures and insufficient protection from the perspective of your users.
With platforms like WordPress, there are some areas in which less experienced agencies could allow security vulnerabilities to creep in as well. For instance:
This is one of many reasons why it’s important to work with an experienced agency partner who has proven platform-specific knowledge and expertise. Your agency should know your CMS of choice inside out, and should therefore be well aware of all the most common security pitfalls and targets for cyber attacks.
What Does Effective Penetration Testing Involve?
To conduct pen testing, your agency’s security experts will run through a process that attempts to penetrate your site’s security measures.
This is usually done in stages, as follows:
1 – Planning and Preparation
2 – Running the Tests
3 – Post-Testing
The Benefits of Thorough Penetration Testing
Working with an agency partner who can support you with ongoing pen testing is a necessary step towards gaining enterprise-grade security for your website.
Technology changes so quickly today. Your platform receives updates regularly, your site is always growing, and cyber criminals are constantly finding new ways to breach your defences and gain access to your data. Penetration testing allows you to keep the pace with new emerging vulnerabilities.
Conducting regular pen testing can also help improve client relationships and create competitive advantages as well. In certain industries, a demonstrable commitment to security will be greatly appreciated by your target audience. This can help to differentiate you from the competition and provide the trust required to attract more prospective clients to work with you.
Website Security is a Never-Ending Battle
While every business with a website faces tremendous security risks today, this is a proven process that can help to minimise that risk and give you the confidence you need in your site’s security.
Any agency partner you work with should have the knowledge and expertise to understand the importance of pen testing, and should insist on making this an integral, ongoing part of your site’s maintenance.
Would you like these insights straight to your mailbox?
Industry News
12 January, 2023
WordPress vs Drupal – Comparing Both Content Management Systems
There are plenty of similarities between WordPress and Drupal. That can make it particularly hard to choose between the two if you’re tasked with finding a new content management system (CMS) for your business. But when you’re about to invest in a new CMS, it’s an important decision that needs careful consideration.
After all, your CMS will be the platform upon which your website is built, and the influence that will have on your business growth and success today shouldn’t be underestimated. With that in mind, it’s crucial to find a platform that aligns with your specific requirements and enables you to achieve your strategic objectives.
To help you gain a clear understanding of the differences between WordPress and Drupal, and decide which one is better suited to your business, we’ve provided this helpful side-by-side assessment.
This article is part of a new series where we’ve explored direct, objective comparisons between some of the leading options for CMSs. In the third article of this series, we’re looking at Drupal and WordPress. You can find links to the other articles in this series at the bottom of the page.
Approachability and Ease-of-Use
A CMS is a big investment, and so you’ll want to begin getting good use and value from your platform of choice as quickly as possible. Like any type of software, though, some platforms are more approachable for the average user, while others will require you to have some previous experience to get going.
How Approachable is Drupal?
Drupal is aimed at users with some prior coding skills or content management experience. If you have technical skills at your disposal, Drupal can provide great functionality once you’ve put some time and effort into setting everything up.
For non-technical users, however, working with the platform and getting comfortable using it can be a long-term process. It’s an advanced CMS that doesn’t offer much in the way of straightforward usability “out-of-the-box” unfortunately. If your team is made up of non-technical users and beginners, this might not be the best platform for you.
Even if you work with a web development agency to help you get everything set up and tailored to your preferences, the complexity of the code will make their project timelines and costs higher than the average CMS.
How Approachable is WordPress?
WordPress is very approachable for anyone, even beginners without any previous experience using a CMS.
Simplicity is one of WordPress’s greatest strengths, and many would argue that elevates it above all its peers.
This usability allows you to get up-to-speed immediately with a very fast time-to-market for your site. That means you’ll begin to achieve a positive return on investment (ROI) much quicker than most other platforms. Almost everything you need to build and manage your website will be readily available when you first begin using WordPress, making it more approachable for the average user than Drupal.
As it’s such an intuitive platform, pretty much anyone in your team will be able to use WordPress. That will make it easier to handle the daily management and running of your site as a shared responsibility.
Functionality and Customisation
As touched on above, you should be looking for a platform that you and your colleagues will be comfortable using on a daily basis. If you don’t like the way a CMS functions, you should remove it from your shortlist of options.
While Drupal and WordPress are similar at first glance, with the same fundamental functionality of a CMS, there are some unique features and capabilities that differentiate them. There’s also a wide range of ways to customise them to your own liking.
Working with Drupal
While the complexity mentioned in the previous section does require considerable time, effort, and money to get past, once you’ve got there you’ll likely find Drupal is a good CMS to use for building and editing your website.
Drupal’s user interface (UI) is fairly easy to get used to. You can publish, edit, manage, and organise content with flexibility, adjusting your page structure and site navigation. You can also lean on a large library of website themes and modules, which are additions similar to WordPress’s plugins, to tailor your CMS to your own unique specifications.
Working with WordPress
As a CMS, WordPress’s simple, intuitive functionality allows you to seamlessly launch and manage your site. It’s very convenient editing content on a page-by-page basis with WordPress with its block-based design. This allows you to create quality content from day one, with the freedom and flexibility to make adjustments to the platform as and when you require.
WordPress also allows you to customise it as well with a vast selection of plugins and themes. The difference between WordPress and other CMSs, though, is that there’s not much you’ll need to change about it out-of-the-box before you can begin using it comfortably.
Because it has a lower cost and faster time-to-market, it will free up more time for you (or your agency) to focus on higher value work, like differentiating your site from competitors or developing personalised content for your customers.
Platform Security
When writing down the criteria that you’ll use to select your CMS, security should be one of the first things on that list. Threats to cyber security and data protection are increasing by the day, for businesses of all sizes across all sectors, so it’s crucial to ensure you select a secure, trustworthy platform.
How Secure is Drupal?
One of the major advantages of a CMS that’s aimed at those with web development skills is that the users of Drupal work hard to ensure the platform is highly secure. Drupal regularly receives security updates and additional reinforcements to protect the platform.
Of course, you still need to test thoroughly and continuously double-check there are no vulnerabilities in your system. This is usually the responsibility of your agency, and a good partner should always prioritise security at the core of any development project.
How Secure is WordPress?
WordPress is a secure platform, but some still carry the misconception that it isn’t suitable for large businesses. To find evidence of its enterprise-grade security, though, you only need to look at the number of organisations using WordPress as their CMS of choice today.
Still, there are some potential vulnerabilities that are important to be aware of. For instance, be careful when adding plugins to your WordPress platform. As WordPress runs on open-source software, some developers will inevitably release plugins that aren’t secure, so you should only use plugins from reputable sources.
When you do use plugins, you’ll also need to test them thoroughly and keep them updated, and ideally have them working alongside security-specific plugins such as WordFence. These are issues that a good agency partner should be well aware of and handle for you.
Security is also influenced by the hosting environment of your platform. You can reduce your security risks further with WordPress if you find a trustworthy, well-managed hosting partner to look after your system.
The Global Communities
An active community of developers is a valuable asset for a CMS to have. This is a selection of dedicated users who work hard to contribute to growing and improving the platform, either by releasing new updates and plugins or fixing bugs in the software’s code.
For businesses like yours, the community could make the difference between having a small issue resolved quickly or growing into a big problem. Communities also provide resources to learn more about the technology, to further develop the digital offering you provide to your customers.
Drupal’s Community
Drupal has a fairly niche, but very passionate developer community supporting it. The size of Drupal’s community is considerably smaller than more popular platforms like WordPress, mainly because of that higher degree of coding skill required to use the CMS easily.
However, that doesn’t detract from the level of support or added value you’ll receive if you do opt for Drupal. New themes, modules, and updates are often released to contribute to the quality of websites that can be built on the platform.
WordPress’s Community
Most of what’s been discussed as strengths of WordPress in this article can be put down to the hard work of the community adding to the software.
WordPress’s community is truly global, with millions of users regularly producing innovative new themes and plugins that your business can pick up and begin using with ease.
No matter what issues you run into with your WordPress site, there will always be help readily available from the community.
WordPress users are renowned for their events as well, with free meet-ups and conferences often held to help users learn more about the technology. WordCamp, for example, is a non-profit event that has been run by the WordPress community since 2006 across several continents. WordPress also hosts an annual event called WordPress accessibility day, designed to help increase awareness of the importance of accessibility in modern technology.
The Cost and TCO
Another important aspect of your evaluation will be the cost of your CMS, and its long-term total cost of ownership (TCO).
The platform you choose will need to deliver good value for money and a strong ROI. How easily you can achieve these will vary depending on the CMS and how well it aligns with your business’s requirements.
Drupal’s Up-Front Investment and Ongoing Costs
Drupal is an open-source platform, which means it’s free to use. In most cases, Drupal is a good option in terms of value when compared to other CMSs.
You’ll only need to worry about costs like agency fees for development, your platform hosting, and post-deployment testing and maintenance.
However, the aforementioned complexity of Drupal often causes agency work to be more costly and time-consuming than it would be when working with platforms like WordPress. From basic set up and development to customisation, it’s possible your TCO will continue to grow over the years the longer you’re working with Drupal.
WordPress’s Low Cost and TCO
WordPress, on the other hand, is a very cost-effective solution with a much lower TCO than with Drupal.
It’s another open-source platform with no license fees, and you’ll rarely need to add on new features or capabilities because it comes with so much “out-of-the-box” already.
WordPress development is more simple and affordable, as are its maintenance and support. As mentioned earlier, the fast time-to-market helps you get a high quality website launched quickly so you can begin seeing ROI almost immediately.
Understanding the Role of an Agency
The role of an agency has been mentioned several times throughout this article. That’s because most businesses with a great website will have worked with an agency partner with platform-specific skills to help them bring their vision to life.
An agency can support you with hosting, design, development, maintenance, security, and updates, each of which can be highly complex and challenging to handle alone.
Therefore, it becomes even more important to consider how easy your CMS is to work with, not just for you and your team but for your development agency as well.
With a platform like Drupal, that has a reputation for being difficult and time-consuming to work with, agency projects are likely to be quite a big investment, and an ongoing one at that. WordPress is a platform that’s far easier to work with, meaning that the cost of releasing a quality, secure website will be much more affordable.
A CMS becomes far easier to use when you find an agency with the experience and expertise to help you gain as much value from the technology as possible. Whichever platform you choose, you’ll find it easier to achieve positive ROI if you have a specialist partner supporting you.
Deciding Between Drupal and WordPress
Both WordPress and Drupal are perfectly good options for most businesses looking for a new CMS. While there are strengths and weaknesses to consider, the most important thing is to keep your business’s specific needs in mind.
Make sure you’re clear on your strategic objectives, unique requirements, users, budget, and other factors to inform your decision. Once you’ve done that, use the comparisons in this article to see how each CMS lines up against what you’re looking for. It should then become evident which platform is more suitable for you.
If you need more help in your evaluation of the various CMS options:
Would you like these insights straight to your mailbox?
Digital Business
8 March, 2023
5 Women To Shape the Design and Tech Worlds
March 8th is still an important date to remind us of the brilliance of being a woman in our society. Even though it can be a struggle every day, we know that women are capable of anything and we are very proud to celebrate the achievements of these creative and intelligent women.
Hedy Lamarr
Who can live without Wi-Fi nowadays? In 1942, Hedy invented the technology that later helped the creation of wireless signals.
Rear Admiral Grace Hopper
If you’re not in the programming world, you may not have heard of COBOL. This programming language created in 1952 is still used on business applications to this day. Grace was one of the first ever compilers and her work led to the creation of COBOL.
Margaret Calvert
Even in the age of Sat Nav, you’ve probably relied on a road sign at some point, right? Either driving or walking down the street, the reliable signs are a source of comfort when technology fails. Margaret was part of the team that redesigned the whole UK road sign system. It all started in the late 1950s and her work still guides us even to this day.
Carolyn Davidson
‘Just do it’ – the famous tagline from a brand you might have heard of, called Nike. The tick logo was first developed by Carolyn when she was just starting design and the idea behind it to represent speed and motion. Even though the Nike tick is now one of the top 10 most recognised logos worldwide, Carolyn has only made $35 from her design.
Susan Kare
We all know Apple. We all know that they’ve conquered the world of technology by consistently presenting unique designs with both their hardware and software. What you probably didn’t know was that Susan was the designer responsible for developing all the typefaces, icons and other elements that serve as the core for what we now know as the Apple brand.