Summary
Despite being the most popular content management system in the world, many large businesses and organisations in strictly regulated industries are still asking, “Is WordPress secure enough for us?”
This article will give you a detailed explanation of how WordPress can provide enterprise-grade security, to help you make your own decision about whether it’s secure enough for your own business. We’ll also share some helpful tips to enhance the platform’s security and reduce its risks even further.
As technology has become more pervasive in our daily lives, cyber security concerns have intensified, especially in the workplace. Each year, we read about more high-profile cases of global brands becoming victims of malicious cyber attacks, most often with sensitive data being the real target.
As a business, you should be increasingly careful and vigilant about the technology solutions you deploy today. This is even more important for large businesses and organisations in industries with strict regulations, where the consequences of security issues can be catastrophic.
When you’re choosing a content management system (CMS) to build critical digital assets like your website, security must therefore be a top priority.
Despite being the most popular CMSs in the world today – powering almost 45% of the world’s websites – WordPress is still seen by some as the platform for smaller organisations. You’d think its popularity alone would be sufficient evidence that WordPress is secure, especially as a large fraction of that user base includes enterprises across both the public and private sectors. However, when it comes to WordPress security, there are still some question marks.
So, is WordPress secure?
Yes, absolutely.
But there are certain factors and potential pitfalls you should be aware of if you’re considering WordPress as your CMS of choice.
Understanding Security in a CMS
As business challenges with cyber security and data protection continue to grow, selecting a platform that offers robust security is crucial. But how does that work, exactly?
Ultimately, a CMS like WordPress is just a piece of software, and all software can be vulnerable to security issues in a variety of ways.
The most obvious of these is a cyber security attack, either by hackers, a virus, or malicious software (malware). Any CMS used in a business environment needs to be built to withstand these attacks on a daily basis, and WordPress is definitely capable of doing so.
Another significant risk is when software has accidental weaknesses, issues, or vulnerabilities – known as bugs – built into its code. Bugs are common in software, and they can manifest as anything from a box appearing in the wrong place on your website to a platform vulnerability that leaks mission-critical data to cyber criminals.
Bugs aren’t difficult to fix, and we’ll explain later in this article why WordPress users can be confident that these kinds of risks are minimal with the platform.
However, when it comes to a CMS’s security, it’s important to understand the following point:
The biggest security risks, and the greatest opportunities for cyber criminals, are unsafe user behaviour, lack of best practices, insufficient maintenance, and poorly built sites. Not the platform itself.
Your behaviour, and the behaviour of your end-users, is an area that can be exploited or cause problems if you don’t prioritise security. That’s why it’s necessary to take a proactive, rather than reactive, approach to protecting your data. The rest of this article will help you do that, and remove any concerns you still have about WordPress security.
Is WordPress Secure?
The misconception that WordPress isn’t secure enough for large businesses still lingers, but why? Well, the main reason is because the platform is free-to-use, and so it was initially most popular among B2C blogs and smaller independent businesses.
Today, however, this couldn’t be further from the truth. Industry-leading enterprises such as private equity advisory firm Rede Partners LLP, global investment firm Coller Capital, and global research and advisory leader Forrester use WordPress for their CMS, just to name a few. This goes a long way to proving the apprehension towards WordPress security is unnecessary.
So, let’s explore the WordPress platform in more detail to understand why these global enterprises have full confidence in the security of their data, as well as the data of their clients and partners.
WordPress is already a secure, stable platform out-of-the-box.. You can rest assured its core code is highly secure, because it’s overseen by a team of security experts who thoroughly test and quality-check it on a continual basis. They regularly release updates and reinforce any potential weaknesses before they’re exploited to protect you against any new-found threats.
A team of security analysts study the ever-changing cyber security landscape and respond to it with speed and precision.
While WordPress may be seen by some as a CMS for small businesses, the speed at which security updates are implemented is arguably the best in the world when compared to other platforms.
WordPress is also open-source software, which means all the code it’s built on is available to the public. Anyone from outside the WordPress team can view it, download it, and make adjustments to it. Users often suggest their own changes and updates to the code by submitting them to the WordPress moderator team for approval. If improvements are made to the WordPress code, these updates will be released to the global user base.
These people are part of a global community of dedicated, passionate users who work hard to ensure the platform is always developing into the best version of itself possible. Anything WordPress’s own team misses, the developer community will catch. This means users are often fixing bugs and shutting down potential opportunities for cyber criminals, keeping the platform safe for everyone else.
WordPress Security Vulnerabilities
While WordPress does have the support of some of the brightest developers in the world, who keep it as secure as possible, they can’t take care of everything for you. As mentioned earlier, your biggest security risks will probably lie within your own business, regardless of what CMS you’re using.
Additional security vulnerabilities can arise in certain scenarios, often caused by ignoring best practices or failing to take responsibility for simple maintenance of the platform.
Web Hosting
Your hosting environment is an important factor that can influence how secure and protected your data will be. Your WordPress websites will be hosted in a server that stores your files and data in a data centre.
WordPress, like any platform, should be hosted in a secure environment, with an experienced provider who prioritises security as part of their services. This should include putting proactive security measures in place for scenarios like unplanned down-time or even natural disasters.
Secure hosting should also involve automated monitoring for malicious activity and vulnerabilities in your servers and software, as well as incident response.
Before choosing your hosting service, be sure to carry out some due diligence and look into the security best practices of your host. In many cases, it’s wise to work with an agency partner who will help you with this, but more on that later.
Plugins
While the WordPress community is one of the platform’s greatest strengths, interacting with unsafe additions to the software can also be its downfall for some businesses. It’s important to be cautious of the constant stream of new features, updates, and plugins being made available, because some of them could create issues for you.
To avoid these problems, you shouldn’t download plugins unless they come from recognised, credible sources. Furthermore, you should always ensure all your plugins are correctly tested, maintained, and updated.
We appreciate this may sound complicated. For that reason, you should entrust this responsibility to a partner. When using WordPress to build and manage websites, a good agency should help you ensure everything is secure and up-to-date.
Software Updates
When you’re running a website or application on WordPress, you’ll regularly receive software updates from the platform. Any time an update comes through, it’s because certain bugs have been fixed or some improvements have been made.
It’s crucial that you keep up with WordPress updates because they’re there to keep your site secure. By leaving your site running on outdated versions, you’re at risk of a known issue being exploited by cyber attacks. Again, this should be taken care of by your agency partner so you don’t need to worry about keeping your web platform up-to-date.
Tips to Strengthen WordPress Security
If you still have doubts, there are some simple steps you can take to further strengthen the security of the WordPress CMS. Some of these more general tips can also be applied to most website platforms and other software software products in general as well.
Use a managed hosting service that offers enterprise-grade security.
You wouldn’t rent an office in a building that leaves its doors unlocked at night. Why would you place your sensitive data in a data centre that isn’t fully secure?
Some things you should consider non-negotiable for a web hosting provider to offer include:
- 24/7 support
- Back-up and disaster recovery
- Fully-managed service
- Automated monitoring and alerts
- 99.99% up-time
- 100% pass-rate for data centre audits.
Put back-up and disaster recovery services in place to ensure you’re protected from all potential risks.
To build on the above point, ensure your hosting service has measures in place for back-up and disaster recovery. This fail-safe measure will give you a way to save and recover all your data in the event of any losses.
Do not use, or allow your agency to use, any plugins from unrecognised sources.
As mentioned earlier, only use plugins from sources you trust. You should also keep all plugins and additions to the platform up-to-date, and make sure they’re rigorously tested – or, rather, make sure you can rely on your agency partner to do this for you behind the scenes.
Use plugins alongside security-specific enhancements.
You can further bolster the security of the WordPress platform by leveraging security-specific plugins such as WordFence, Sucuri, and Defender Pro. These can inform you of potential vulnerabilities or incidents so you can respond quickly before they have an impact on your business.
Don’t use tools that enable direct access to your site database from within the dashboard.
Some digital tools or extensions give direct access to your site’s database or files from within the dashboard, to make managing your website easier. This is something to avoid, because they’re often a major security risk.
Enable SSL
Enabling SSL (Secure Sockets Layer) introduces a protocol which encrypts the transfer of data between your website and your users’ browsers. This makes it more difficult for cyber criminals to steal information and data online.
Encourage your users to follow security best practices.
You can put all the security measures and data protection possible in place, but they could all be for nothing if a weak password or bad behaviour compromises your website.
Some security best practices every business can easily implement include making strong passwords compulsory among all users and introducing additional measures like two-factor authentication.
Rely on an Expert to Minimise Your Security Risks
As touched on throughout this article, another factor which will determine how secure your WordPress platform is will be which agency you decide to work with.
While deciding whether to invest in WordPress is a big decision, don’t underestimate the importance of finding the right agency partner to support you with your CMS, especially when it comes to WordPress security.
Ultimately, you should understand that:
- WordPress by itself, out-of-the-box, is secure enough for most businesses to use.
- WordPress in the hands of an inexperienced or negligent agency will create significant security risks.
- WordPress is the hands of a dedicated, specialist partner is a platform you can trust and rely on without any concerns.
Your data will be fully protected if you work with an agency who takes security seriously and prioritises it at the core of every development task they deliver for you.
That means they should be capable of handling secure architecture, testing, monitoring, updates, and ongoing support for you as part of your service. You should always take the time and care to find a specialist agency partner who has a proven track record of building robust, reliable sites, to ensure you’re minimising your risk.
WordPress is a Suitable Platform for the Enterprise
Cyber security and data protection are critical for businesses of all sizes, across all industries. But it can’t be denied that large businesses often face more severe consequences by falling victim to a cyber attack or data breach.
Choosing a platform that you have total confidence in is a necessary factor in the process of evaluating your options for a CMS.
When you have your own role and responsibilities to focus on, the last thing you want is to be constantly worrying about the security of your site. Following the advice and best practices listed in this article will provide you with a highly resilient WordPress platform with enterprise-grade security. That will allow you to spend more of your time creating an outstanding website that differentiates you from your competitors and drives business growth.
If you need more help understanding and evaluating platforms to deliver a web design and development project, read our comprehensive guide to selecting the right solution here.
Would you like these insights straight to your mailbox?
Company Milestone
28 August, 2017
SoBold has become the exclusive digital partner for Clanwilliam Group
As of September 2017, SoBold has become the exclusive digital partner for Clanwilliam Group.
About Clanwilliam Group: Clanwilliam Group, headquartered in Dublin, Ireland, operate a number of industry leading brands in the private and public healthcare sectors across the Republic of Ireland, the UK, Australia, New Zealand as well as other worldwide locations. Formed in 2014, Clanwilliam has rapidly expanded in size, now with over 15 brands under the Clanwilliam Group umbrella. Clanwilliam is driven to establish itself as a global group of highly synergistic healthcare technology and services businesses.
About SoBold: SoBold Digital Marketing, founded by Managing Director Will Newland in 2014, work with companies and brands deriving from an impressive multitude of sectors including Healthcare, Fitness, Luxury, Hospitality and more. With a growing portfolio of over 80 brands, SoBold has a proven track record of delivering expertly crafted digital marketing solutions to help small and medium sized businesses grow and flourish.
We are delighted to become Clanwilliam Group’s exclusive digital partner. Clanwilliam is rapidly increasing their reach in the Healthcare sector and we at SoBold are proud to work with them to implement a powerful digital strategy.
Would you like these insights straight to your mailbox?
Digital Business
2 March, 2023
Harnessing Your New Website’s Full Potential by Taking a Block-Based Approach With WordPress
Did you know you can use a block-based approach with your WordPress website to gain more value from the platform, with significant advantages in flexibility, scalability, and ease-of-use?
In this article, we’ll explain what blocks are, how they work, and how you can use them to build enterprise-grade websites quickly and efficiently, without compromising on quality.
—
WordPress is the most popular content management system (CMS) in the world right now, and it has been for a while. Unfortunately, though, some people still have the wrong impression that it is a CMS that can only be used to build more simple websites that do not have any real complex functionality or integrations, but this couldn’t be further from the truth.
In fact, WordPress is far more intuitive and robust than most realise. The fact that around 45% of all websites online today are built on the platform goes a long way to prove that. WordPress also provides more scalable, agile capabilities that are perfectly suited to building enterprise-grade websites if leveraged in the right way.
There are intelligent – but still very straightforward – ways to use WordPress that can unlock more value from the CMS. If done with the right guidance, this can make WordPress a far better option than the more traditional, rigid approach of building websites.
This is an opportunity most large businesses are currently missing out on. In this article, we’ll show you how using blocks is a more flexible approach that can provide you with a wealth of benefits.
Understanding How Using Blocks In Your Website Backend works
In 2018, WordPress released a new block-based design and editing user interface (UI), known as Gutenberg. Instead of the typical page creation and editing functionality of a CMS, where you’d input text and images into a rich text editor, you can now build your site by creating and using a set of components. Components are blocks of code which have pre-defined style and input types.
Each component is named, to denote what it is from the perspective of the front-end of your site on the web page.
Note: Some agencies only provide a list of block names, but here at SoBold we also provide screenshots of each block so you can see it first. This makes the process much easier and saves you a great deal of time.
Each part of each web page is made up of these components, as pictured below.
However, taking a bespoke approach, you can design and construct unique blocks that are entirely your own. Blocks or components can be built for you by your agency so they’re bespoke to you, your style guidelines, your design preferences, and so on. And, when building your site, you can go into your pre-built components and edit things, like changing background colours, adding images, adding text, and so on.
This can be set up for you by your agency, so you have everything you need to create, edit, and publish new pages with your pre-built blocks. Anytime you need to create a new page, you just have to pick the appropriate components and place them in the correct position to quickly and easily build the page.
The Business Benefits of Using a Component-Based Approach
Scalability
Scalability is one of the greatest benefits of using these blocks, especially if you are wanting to continue to build out your sitemap and build out the content.
This scalability is where WordPress really shines, enabling simple, rapid, virtually limitless scaling of your website with a high level of accuracy. This is a cost-effective way of growing without having to compromise on the quality of your design.
Flexibility
Blocks provide you with a great deal of flexibility in building, editing, and structuring of pages as well. The ability to customise all your components, along with the intuitive drag and drop functionality, allows you to effortlessly adapt and expand on your website.
Efficiency
Building components, and repurposing them repeatedly across your website, is a highly efficient way of growing your site. It also makes it very difficult to make mistakes or take a wrong turn.
This efficiency of reusing blocks across your website will free up time for you to develop innovative new features, or focus on improving the service and experience you provide your clients.
Ease-of-Use
If you have non-technical members of your team who would benefit from using WordPress, blocks will almost certainly improve the usability of the CMS for those people.
An easier design and editing function helps more members of your team create web pages within clear, pre-set brand guidelines. That’s another aspect that frees up more time and resources to focus on higher value tasks.
If you’re working with a design and development agency, this also makes it much easier for them to be able to train you and enable you to use the platform to manage your site.
Faster Time-to-Market
All this efficiency and ease-of-use will enable you to achieve a faster time-to-market for new web pages, extensions of your site, or even entirely new websites.
That can, in turn, create competitive advantages for your business, particularly if your competitors are working with CMSs that are slower and harder to use.
Whether it’s you or your agency handling this, you can create and publish new web pages quicker than you could with any other approach.
Lower Costs and TCO
As a result of all of the above, you can reduce costs on development and design, and achieve a much better total cost of ownership (TCO) with the WordPress platform.
Something that takes an inexperienced agency days to complete with the classic design approach can be done in hours using bespoke blocks. This drastically reduces development costs and gives you a lower TCO in the long-term.
The Importance of Finding a Capable Agency Partner
As mentioned earlier, bespoke blocks provide you with a proven way to unlock more potential with WordPress and gain greater value from the platform. However, in order to do that, it’s important to find the right agency partner. You’ll need an agency with enterprise-grade expertise and a certain level of skill to guide and support you through this process.
Taking this approach to building WordPress websites is nothing new, but the real value here comes in creating blocks that are completely unique and specific to you, then enabling your team to use those to scale your site.
Many WordPress agencies may lean on the generic block editor. But to get this right, you should push beyond that to find a partner who can educate you on the opportunities of using a bespoke design system to build a high-performance website that’s effortless to manage and edit.
A great partner will also facilitate this for you in a way that ensures you have control, removing the risk of any users making mistakes with the flexibility of this system. You won’t need to worry about the integrity or quality of your site being spoiled because all your components will be built specifically to prevent that.
You’ll gain tremendous value from receiving an intuitive, quality website that you can easily grow at will, but one that’s also managed and supported by an experienced partner. Sticking to these blocks helps you stay within brand guidelines, adhere to best practices, and keep your site consistent.
You then have the choice to manage, edit, and expand your site yourself, or rely on your partner to do it for you quicker, easier, and more efficiently than they would with a traditional CMS.
Making the Most of Your WordPress Platform
Modern businesses today require a powerful, sophisticated CMS that can deliver great websites at scale with enterprise-grade performance. WordPress is a platform that’s built to provide all those qualities and more. Embracing this block-based approach is the most effective and efficient way to achieve that.
With a skilled agency partner to help you maximise the value your business gains from the platform, you’ll quickly realise just how well WordPress can deliver agile, intuitive websites.
If you’re in the process of evaluating platforms to deliver a bespoke web development project, check our comprehensive guide to assessing and selecting the right CMS here
Would you like these insights straight to your mailbox?
Digital Business
5 January, 2023
WordPress vs Sitecore – Comparing Both Content Management Systems
Large businesses and enterprises in need of a content management system (CMS) today are spoilt for choice, because there are plenty of excellent platforms available. From WordPress to Sitecore to Drupal, the technology currently on offer is highly intelligent and intuitive.
But so much choice can make the task of finding the right CMS for your own specific business complicated and time-consuming.
Selecting a CMS is an important decision that requires a lot of research, followed by careful evaluation of all the various options. Of course, those processes can be very time-consuming. When you’re already extremely busy juggling dozens of other priorities, it’s challenging to give this the attention and effort it deserves.
To solve that challenge, we’ve done the bulk of the hard work for you. In a new series of articles, we’ll provide you with direct, objective comparisons between some of the leading options for CMSs, helping you relieve the headache of researching and evaluating them yourself.
In the first article of this series, we’ll be looking at the comparison between Sitecore and WordPress.
How Does the Security Compare for Both Platforms?
As we face ever-increasing concerns with cyber security, data protection, and various other digital challenges, finding a platform with robust security should be a top priority.
Sitecore Security
Sitecore has a reputation of being the leading CMS for large businesses, guaranteeing an enterprise-grade experience that includes a high level of security.
Sitecore’s security is also strengthened by the vast range of in-built features within the platform, which we’ll discuss in more detail later. There’s no need to purchase more third-party software or plug-ins to enhance its functionality, which means you won’t be creating any additional vulnerabilities or risks. The platform also receives frequent security updates which bolster your protection even further.
If security is a concern for your business, Sitecore should be high on your list of potential candidates for a CMS.
WordPress Security
For a long time, many people believed the misconception that WordPress isn’t secure enough for large businesses. However, industry leaders such as global investment firm Blackstone, the NHS in England, global research and advisory leader Forrester, and multinational bank Standard Chartered now use WordPress for their CMS. This goes a long way to proving that wrong.
In fact, WordPress is already a secure, stable platform out-of-the-box. So, where did this myth come from?
Well, vulnerabilities can arise in certain scenarios. Firstly, strong security with any technology is dependent on a well-managed hosting environment. If you have WordPress hosted in a secure environment from an experienced provider, with proactive security measures in place, your risk will be extremely low.
Secondly, plugins are something to be cautious of when it comes to security, both in terms of where they come from and keeping them properly maintained. Security threats will be minimised if you only use plugins from trusted sources. You should also ensure you always keep them tested and updated, ideally working alongside security-specific plugins like WordFence.
We appreciate this may sound like a lot of work. That’s why all the examples of the businesses succeeding with WordPress have the support of an agency partner who ensures all these things are taken care of during the development stage. It’s worth noting, though, that this will also be the case when adopting any CMS in a business setting.
Which Platform is More Scalable?
One of the most important aspects of a CMS is its scalability. A CMS is a long-term investment, and this is one of the most influential factors in determining whether that investment will be successful or not.
You’ll need to ensure your site can evolve as your business grows and your needs change over time. This will require an infrastructure that can quickly and easily scale with more pages, additional functionality, and perhaps even more sites, without the burden of hefty costs for more development work.
How Scalable is Sitecore?
Sitecore is designed specifically for large businesses, so its scalability is up there with the very best. Sitecore is a robust platform that allows your digital presence to grow seamlessly as your business grows, even if you need to build multiple sites to serve different groups of users in different languages.
How Scalable is WordPress?
WordPress is another highly scalable platform. Despite some still mistakenly believing that WordPress is suited to smaller businesses, you can use the CMS to build sophisticated, industry-leading sites. Like Sitecore, WordPress is agile and scalable enough to grow alongside your business and adapt to your changing requirements.
How Capable are these Content Management Systems?
The main purpose of a CMS is to provide a software-based infrastructure upon which you can build and manage websites and applications. While most CMSs are similar on the surface, with the same fundamental functionality, they each have unique features and capabilities that differentiate them
For example, one critical indication of quality for a CMS is how easy it is to use. Once you’ve adopted a platform, you and your colleagues will need to feel immediately comfortable using it on a daily basis. If a CMS can’t provide good usability, it’s probably one you should avoid.
Sitecore as a Content Management System
Sitecore is actually considered a fully managed ‘digital experience platform’ that comes with more capabilities than the average CMS.
Most of its best features are readily available as soon as you begin using Sitecore. That allows you to get a high quality site live very quickly without additional work within the platform.
However, Sitecore typically provides quite hierarchical, complex workflows that might be frustrating for small or agile teams. This can also create longer development cycles than usual, giving you a slower time-to-market than more intuitive systems like WordPress.
WordPress as a Content Management System
WordPress is easily the most popular CMS in the world right now, with around 45% of all websites built on the platform. One of the main reasons for that is its ease-of-use, with simple and efficient content management
This usability allows you to get up-to-speed quickly and share responsibilities across several members of your team, even if they have no previous content management experience.
WordPress also makes it convenient to edit content on a page-by-page basis, saving you valuable time, with its block-based design an ideal method for customisation and site management.
How Much Personalisation do they Provide?
The ability to customise and tailor your site’s content to your target audiences is more important today than ever before, with so much of modern business now taking place online. Therefore, this is another important point to consider when choosing between your various CMS options.
Personalisation in Sitecore
When compared with other platforms, Sitecore’s personalisation is excellent. Sitecore will provide you with a great deal of control over the structure and design of your pages, allowing you to tailor your user experience and drive greater performance for your site.
This is particularly useful for larger businesses with high volumes of potential site visitors, delivering competitive differentiation and driving increased conversion rates.
Personalisation in WordPress
WordPress is also highly customisable. You can use its flexibility to get creative with your design, and build bespoke features and functionality to better engage with your audience.
There’s not much to separate Sitecore and WordPress in this area. The gap in personalisation becomes even smaller if you find an experienced agency with WordPress-specific expertise to help develop your site and improve your customer experience.
Integrating with Other Systems
Before your business invests in any digital platform, it’s important to ensure that technology can integrate easily with your existing software. Whether it’s your customer relationship management (CRM) or any other marketing systems, any digital tools you currently have should ideally be compatible with your new CMS.
How Sitecore Integrates with Other Systems
Sitecore integrates well with other systems. It allows you to achieve out-of-the-box integration with most of the leading CRM software, and plenty of other digital tools and platforms.
How WordPress Integrates with Other Systems
WordPress tends to be the easiest platform to integrate with your existing systems, because most brands and other SaaS products have already made themselves compatible.
This means you can deploy WordPress with minimal disruption, regardless of whether you’re building a new site from scratch or migrating your current site from a different CMS.
Total Cost of Ownership (TCO)
Of course, you’ll also want to ensure you’re getting a solution that will deliver good value for money. With a CMS, the total cost of ownership (TCO) can vary greatly from one platform to another, due to factors like licensing fees and update-driven maintenance.
Sitecore Initial Investment and Ongoing Costs
Sitecore is an expensive option, even if you have a large budget to work with. You’ll be required to purchase licences for the platform with an ongoing renewal fee each year. These licenses come in tiers, so if you want to access the full range of benefits from Sitecore you’ll have to opt for the most expensive offering.
On top of that, you’ll also need to account for development costs with an agency, hosting costs, maintenance and support fees, and various other expenses that give Sitecore a very hefty total cost of ownership (TCO).
Furthermore, Sitecore requires ongoing management and maintenance to handle regular large-scale updates to the platform. When updates occur, new versions of the software come with a big price tag and may cause you to pay for additional development work to get your site up-to-speed.
However, this could be a worthwhile investment if Sitecore’s features and capabilities are necessary for your specific requirements. If you’re looking for a quality, trustworthy enterprise-grade platform, Sitecore can justify the cost.
WordPress TCO and Value
Conversely, WordPress is a much more cost-effective solution with a drastically lower TCO. Licenses for WordPress come at no cost and the software is entirely open-source. That means your implementation costs would be limited to just hosting, agency fees, and post-deployment support.
If you decide to use any plugins or extensions of the platform, these will be licensed and paid for separately. However, businesses rarely need to bolt on many new tools or capabilities because WordPress is such a feature-rich platform already.
When WordPress is updated, unlike Sitecore, managing and testing your site can be done in just a few hours at a much lower cost.
A Word on Agency Partners
One thing both Sitecore and WordPress have in common is the small selection of platform-specific agencies who can build high performance sites for large businesses using this technology.
A CMS becomes far easier to use, and easier to drive strong return on investment (ROI), if you have a specialist partner supporting you.
Finding an agency with the necessary experience and expertise to help you leverage these platforms to their full potential should be another important influence on your choice. From integration, to development, to maintenance, all the benefits and advantages of the platforms will require an agency to help you fully unlock them.
How to Make Your Decision
So, with all that information, how can you decide between the two?
Both of these platforms are excellent options that would serve most businesses extremely well. After all, there’s plenty of good reasons why some of the biggest companies in the world use Sitecore and WordPress.
Ultimately, when looking for a CMS that’s the right fit for your specific business, you should make a detailed assessment of your strategic objectives, unique requirements, budget, users, and other important factors. Use that to determine which solution is most capable of meeting those needs.
If you still need more help working through this process, read our comprehensive guide to understanding and evaluating the enterprise options for large businesses here.
Would you like these insights straight to your mailbox?
Announcement
4 January, 2023
SoBold’s 2022 Round-Up
As we’re now into the first week of 2023, this feels like an appropriate time to reflect on what was another thoroughly successful year for SoBold in 2022.
We’re now working with enterprise clients and providing them with excellent website design and development services. We’ve also continued to grow our client base and are proud to have consistently produced outstanding work on their behalf throughout the year.
We’re pleased to have strengthened our presence in the healthcare and financial services industries. Now, we’re looking forward to building and managing more scalable products for our clients in the year ahead.
Our High-Performance Team
The definition of “high-performance” will vary from person to person, and you may have your own idea of what it means to you. For us, as an agency, it means every member of our team holds each other accountable to always perform at the highest possible level, so we can achieve a standard of excellence for all our clients.
We’ve used “high-performance” as a core value of our company since day one, and have worked very hard over the years to build a “high-performance” team. In 2022, this continued to develop and has allowed us to push those standards even higher, which is something we take a lot of pride in.
We were excited to see all three of our business teams grow in 2022: design, development, and operations. Over the past year, we also made a conscious effort to ensure the whole agency is working closer together as a more functional unit, for the benefit of our clients.
As the team has grown, we’ve had to implement more processes, which has allowed us to scale, and will enable us to continue to scale, as we move into the next cycle of our business.
Congratulations to Ivo Georgiev, who’s coming to the end of a successful apprenticeship scheme, which he did with us and the help of QA’s Tech, Digital, and IT Apprenticeship.
The SoBold Website!
In 2022 we launched our new SoBold website. Finding time to do this while continuously delivering projects for our ever-growing client base was a challenge, but one I’m really proud of the team for managing so well. We used this as a beta project to roll out a new SoBold workflow, and whilst there’s still some way to go to perfect this, we’re really happy with how it’s looking on the front-end!
Every member of the team worked on this in some way or another, and we’re already getting considerably more inbound leads and exposure from it.
We’ve been working hard on becoming more active in the online community as well, and this is notable particularly over the last quarter where we’ve increased our marketing. We were fortunate to be interviewed by Cloudways, who are a cloud hosting service provider we work closely with, and you can see this interview here.
Clutch has continued to be a new business driver for us and our profile has gained more exposure amongst the country’s best website design and development businesses.
We’ve also begun producing a selection of in-depth guides and blog articles to help our community more easily navigate the current technology landscape. You can find all that useful content on our blog.
Our Clients
We’re grateful to have worked with so many wonderful people from some brilliant clients over the past 12 months, and have built an array of different sites each with their own unique brief and challenge.
If you’d like to gain insight into the process we follow with our clients for project briefings, check out this recent article, which also includes a helpful brief template.
This is a great chance to showcase below some of the work we’re most proud of in 2022, for a selection of companies who are doing some very interesting things to make positive change in their respective industries:
Built and Live
Jamie and the Jam – Jamie and the Jam conceptualise, create, deliver, and manage beautifully bespoke content for their clients and their audiences.
Amplitude Clinical – Amplitude is a leading UK Patient-Reported Outcome Measures (PROMs) and clinical outcomes platform.
Arenko – Arenko is a market-leading technology provider enabling the clean energy transition.
Dictate.IT – Dictate.IT helps healthcare organisations across the UK and Ireland harness the power of speech to deliver seamless, efficient, and effective document management.
Edgerley Simpson Howe – Edgerley Simpson Howe are specialist out-of-town retail, leisure, and commercial roadside property consultants.
Pippo – Pippo lets you book your GP appointments whenever and wherever suits you.
Common Purpose – Common Purpose offers exceptional personal training in the heart of Mayfair. If you’re looking to start with a new gym or PT in the new year, Common Purpose are your guys to speak to!
Still Waiting to go Live!
Coller Capital – Coller Capital is one of the largest global investors in the private equity secondary market.
Healthlink – Healthlink connects more than 15,000 medical organisations across Australia and New Zealand.
Konnect Net – Konnect Net helps businesses in the insurance and health sectors exchange data in a quick and secure way.
Turvec – Turvec is a bike parking company specialising in designing, installing, and maintaining secure and user-friendly bicycle storage solutions and two-tier bike racks.
There’s also a handful of special clients listed below that want to highlight, either because of the longevity of the relationships or the positive impact our work has made on their businesses:
Kapow Primary
Kapow Primary, whom we’ve been working with since 2018, is now used in almost one third of all UK primary schools, with over 30,000 primary school teachers using the Kapow Primary platform each week.
Our amazing Kapow team has been working on some really inspiring projects over the past few months particularly, and we cannot wait to share more when we publish these live.
You can learn more about our work with Kapow, and how we first started, in our case study here.
Rede Partners
We started working with Rede Partners in late 2019 to help bring their vision ‘RedeWire’ to life. RedeWire is a new interactive online limited partner (LP) portal, providing instant access to Rede’s current fundraising offering.
RedeWire has had a closed launch, so we’re really excited for it to launch to their wider audiences in Q1 of this year.
Transport for London
Transport for London has renewed its cookie management contract with us for a fifth successive year. This highlights not only the great work we’re doing with them, but the importance of the relationship we’ve built with them.
We recently became only the third Platinum Certified Partner with Cookie Bot in the UK and this is a service we believe will continue to grow into 2023 and beyond.
You can learn more about our work with Transport for London here, and you can also read about our contract renewal in our press release here.
Clanwilliam
We’re proud to have been working with Clanwilliam since 2017, and our relationship has flourished each year since then. We initially started working with their Global HQ, before being rolled out across their three divisions Clanwilliam Ireland (site being redesigned in Q1 2023!), Clanwilliam UK, and Clanwilliam ANZ.
We work with over 15 of their brands designing, developing, managing, and hosting their websites. We also work closely with these brands to help them with their branding and print design activations.
2022 saw Clanwilliam take a major shift in their global brand, choosing us to help them rebrand from Clanwilliam Group, dropping the ‘Group’. We worked closely with their Global Brand and Communications Director, Lauren Turner, to help bring this to life.
We all went into the process looking to rebrand Clanwilliam in its entirety, changing the logo and creating a completely new brand. However, we quickly realised the logo was going to stay and the brand needed to change around this.
We uplifted Clanwilliam’s colour pallet and fonts, creating a new brand that much better reflects their company’s values and ambitions.
You can see a more detailed case study about what we did here.
It’s Not All Websites Though!
Our talented Graphic Design Team was busy in 2022 too, across multiple rebrands and supporting various Knight Frank divisions. Some of our Knight Frank work is highlighted here.
We’ve also successfully managed to move all our clients into our Positive Park Hosting environment, which is based in Cambridgeshire. This has meant all our sites are running on a more optimised and bespoke server, tailored to their needs. Our VIP enterprise-grade support at the hosting park has made a positive impact, ensuring all our clients have peace of mind that their sites are secure and stable.
The hosting environment is an eco-friendly data centre that uses 100% renewable energy and is certified by the Green Web Foundation.
You can learn more about our hosting solution on our WordPress Website Hosting service page.
In addition to working with our clients, we’ve also been working hard on improving our processes, becoming more compliant and becoming a more reputable company across the board.
We became ISO 90001-compliant in 2022 and have successfully put our project management systems in place. Our Project Manager, Anna de Moraes, has been instrumental in implementing processes to optimise our workflow, and she’ll continue to drive the business forward into 2023.
We were absolutely delighted to work with Nation.Better to get a Skilled Licence VISA sponsorship as well, which opens up opportunities for us to hire more global talent. This is something as a business we’ve been looking forward to for a while now. Getting this licence and already hiring two people, and giving them the opportunity to work in London, is something we’re really proud of.
We also renewed both our Living Wage Accreditation and Cyber Essentials certification.
2023 and Beyond!
2023 is only going to be bigger and better for us here at SoBold. We have big plans to execute on our hiring strategy and intend to grow the team across all areas of the business. Doing so will help us continue to improve the service we provide to our clients.
We’ll continue to work with key clients in our industry focuses: healthcare, finance, real estate, and SaaS. As we work with more medium to enterprise-sized clients, we’re confident we’ll become more recognised as the High-Performance WordPress agency.
Thanks for reading. We hope you have a great year in 2023!
To keep up with all the latest news and updates from our agency, and gain priority access to our weekly learning resources, please do join our community by subscribing to our newsletter below.
Would you like these insights straight to your mailbox?
Industry News
21 June, 2022
Pixel Pioneers Bristol 2022
If you’ve never been to a conference of any type before, you possibly think you already know the important areas of your profession and can find out any developments from your colleagues or the internet. At least that’s what I thought prior to attending Pixel Pioneers 2022.
Which option sounds more appealing to you? Pick up extra skills on occasion, or go to a conference and absorb a mega-dose of industry knowledge, make connections and enjoy exploring fresh surroundings? Luckily at SoBold we have the opportunity to do both.
The conference covered both ends of the telescope – from broad topics such as energy consumption, to a fifty minute talk about the brief three milliseconds your screen goes blank in between webpage loads. How the visually impaired experience the internet, to technical developments in styling / fonts.
My personal hero was Chris How – his mantra of valuing your customer’s time and giving them small moments of delight strongly resonated with me. In accordance, I want to guide you through the content of the conference, with links to the core material that will best replicate what the SoBold team saw, whilst valuing your precious time.
GAVIN STRANGE : Less Thinkering, More Tinkering
A must watch to boost your levels of creativity. Gavin shares his personal and professional projects with Aardman Studios. Lots of useful insights into reaching the pinnacle of creativity. Highly engaging delivery, visuals and plenty of ‘further reading’ material. Definitely worth watching in entirety. Gavin Strange website – will give you a sense of his creative flair and influences. https://www.jam-factory.com/
“It’s better to beg for forgiveness, than ask for permission.”
Gavin Strange
BIANCA BERNING : Variable Fonts – WTF?
From a technical and design standpoint, learning about variable fonts is incredibly useful. Towards the end Bianca veers into the potential application of variable fonts – imagine a world where your computer mutates its content to fit the viewer’s specific needs. If you’re looking for new avenues for unique artistic features for your website – this talk is for you. Everyone should have a play with variable fonts – try it here https://v-fonts.com/
CHRIS HOW : You Got to Fight for the Right to Delight
Chris’s choice of examples and commentary is intentionally entertaining and eclectic. His approach to design changes your criteria for success and also would decisively influence your next project. Essential viewing. Whether you’re a seasoned designer or developer short of a design, this talk will give you a guiding direction. Information on the Kano product roadmap here. https://www.productplan.com/glossary/kano-model/
LÉONIE WATSON : Accessibility: The Land That Time to Interactive Forgot
Visually impaired people experience the internet through screen readers – the internet described in words. Léonie’s valuable insight will definitely re-balance your priorities and appreciation for how websites should function. Some of the technical history she overviews was a bit lost on the audience but the switch in mindset is valuable. Important to dip into, especially for gleaming a deeper understanding of how a web document is compiled and loaded. It might sound ‘techy’ but it’s like understanding how our lungs work – illuminating. If you haven’t viewed any of your own websites using a screen reader – you definitely should. For a great sense of how the net is best experienced for visually impaired users – just check out her website – tink.uk
LUKE MURPHY : Lightning Talk: Design Tokens – Searching for a Source of Truth
Design Tokens act as a very useful tool for blending the boundaries of where design and development meet, in fact, they act as a technical element that affect design and development in equal measures. If you have no idea what a design token is – this talk could unlock a tonne of structure for your product. Here’s an overview article on design tokens
HANNAH SMITH : How to Make Digital Services More Sustainable
Hannah Smith’s talk invited us to critique our energy consumption and make changes to our habits as both consumers and producers of digital content. She makes the case that space travel is a waste of resources, and that using less lays the path to fulfilment. See if her arguments resonate with you. Hannah’s book recommendation – Doughnut Economics by Kate Raworth
JHEY TOMPKINS : Supercharge Your Skills with Creative Coding
A mad professor of CSS and JavaScript – Jhey has a mixture of technical tricks and interesting libraries for speech recognition. Deadpan yet full of colourful examples, Jhey clumsily demonstrates his collection of magical creations and challenges you, the developer, to break out of your ‘siloed’ mentality for visual presentation. Check out his catalogue of wondrous CSS/JS creations here
STUART LANGRIDGE : You Really Don’t Need All That JavaScript, I Promise
Painting with the broad brushes down to the nat-hair infinitesimally small details, Stuart reminds us of the importance of returning to the basics in order to best utilise the web. Unfortunately some of the libraries he suggests do not have extensive compatibility and thus aren’t for mainstream production… yet. His insight does provide a deeper understanding of the mechanics of the tools we use, although the message is quite drawn out. Example of the shared transitions js library https://codepen.io/drenther/pen/NjzeOO
RACHEL ANDREW : What’s New in CSS?
Rachel Andrew – new css features either in or emerging from or newly arrived from CSS-land. Truly at the coalface of emerging CSS features. For a frontend developer it was akin to being shown new letters in the alphabet that were being proposed. A summary of similar information can be found here – https://www.smashingmagazine.com/2022/03/new-css-features-2022/
Bristol itself is well worth a visit – a centre for nightlife, hedonism and youthful idealism. Simply walking around the harbour area in the daytime will refresh your appreciation for one-of-a-kind shops and overflowing street art. Make sure you have plenty of free space in your phone for all the photos. The SoBold team had a very enriching experience and bonded even tighter as a team. I hope to see you at the next one!
Links to the conference videos will be available via the Pixel Pioneers website.
