Digital markets have experienced significant growth and dominance by a few companies and their platforms, raising concerns about competition, consumer choice, and data access. To address these issues, both the European Union (EU) and the United Kingdom (UK) have introduced regulatory reforms.
The EU has implemented the Digital Markets Act (DMA) and the Digital Services Act (DSA), while the UK has proposed the Digital Markets, Competition, and Consumer Bill (DMCCB) and the Online Safety Bill.
We’ll look at the regulatory approaches taken by the EU and UK, highlighting similarities and differences in scope, applicability, the importance of consent and how to get started with compliance.
Data privacy regulations in the European Union
The Digital Markets Act applies to companies designated as “gatekeepers” by the European Commission. Gatekeepers are the owners and providers of what the Commission identified as core platform services (CPS), such as search engines, social networking services, video-sharing platforms, and cloud computing services.
Companies designated as gatekeepers must carry out self-assessments to determine that they have met and continue to meet both quantitative and qualitative criteria. The list of gatekeepers may grow or change over time based on these criteria.
The quantitative criteria include a minimum annual turnover of €7.5 billion in the EU and at least 45 million active monthly users on the relevant platform or service in the last three financial years. Qualitative criteria consider the impact, importance, and market position of the CPS provider.
The DMA’s requirements are similar in many respects to those of the EU’s General Data Protection Regulation (GDPR), but are broader in some ways, addressing additional access to and uses of end users’ personal data.
Data privacy regulations in the United Kingdom
The Data Protection Act 2018 (“DPA”) covers the general processing of personal data in the UK and came into force on 25 May 2018, just before the EU GDPR took effect.
Following the end of the Brexit Transition Period, the EU GDPR became part of UK law through the European Union Withdrawal Agreement, and the Data Protection, Privacy and Electronic Communications Regulations 2019 (Exit Regulations).
The EU GDPR gave rise to the UK GDPR, which came into force on January 1, 2021, as the EU GDPR no longer protected UK citizens’ data. It includes the provisions of the EU GDPR with only minimal changes to the core principles, rights and obligations for data protection.
The UK GDPR and the DPA 2018 (amended version) are now the principal data protection regulations in the UK. They require businesses to protect individuals’ data, obtain consent to collect and use it, and protect data subjects’ rights.
The Privacy and Electronic Communications Regulations (PECR) implemented the EU’s ePrivacy Directive (Directive 2002/58/EC) and sets out privacy rights relating to electronic communications. The PECR came into force in 2003 and .
The “British DMA”: Enter the Digital Markets, Competition, and Consumer Bill (DMCCB)
In the U.K., Parliament has yet to pass the British equivalent of the DMA, the Digital Markets, Competition, and Consumer Bill, or the DSA equivalent, the Online Safety Bill.
The DMCCB applies to digital commercial operations in the UK or affecting the UK market, which are deemed to have Strategic Market Status (SMS). The definition of a digital activity is broad and includes any service provided via the internet.
To qualify as an SMS, a firm must meet criteria such as conducting a digital activity linked to the UK, having substantial market power, and holding a position of strategic significance. Turnover thresholds of £25 billion global turnover and/or £1 billion UK turnover are also considered.
Obligations and requirements
European Union: Digital Markets Act
The DMA imposes various behavioral obligations on gatekeepers. These include allowing third-party interoperability, granting access to user-generated data, promoting fair competition, and prohibiting preferential treatment of the gatekeeper’s services.
Gatekeepers must appoint compliance officers and submit annual compliance reports to the Commission.
Additionally, gatekeepers are required to inform the Commission about mergers (any “intended concentration” irrespective of whether they’re notifiable under the EU Merger Regulation or national merger rules. (DMA Art. 14.).
United Kingdom: Digital Markets, Competition and Consumer Bill
Strategic Market Status (SMS) firms in the UK will be subject to strict behavioral obligations under the DMCCB. These obligations revolve around fair trading, open choices, trust, and transparency.
The specific requirements will be tailored by the Digital Markets Unit (DMU) and the Office of Communications (Ofcom), the regulatory bodies overseeing the DMCCB and the Online Safety Bill, respectively.
SMS firms must also report proposed acquisitions meeting certain thresholds to the DMU.
EU vs. UK processes
European Union: (Digital Markets Act)
The EU’s legislative-driven model designates gatekeepers based on size and imposes behavioral expectations through regulation. The European Commission develops and enforces these requirements for compliance from gatekeepers.
United Kingdom: Digital Markets, Competition and Consumer Bill (DMCCB)
The UK’s approach involves more regulatory discretion. The DMU and Ofcom determine if a company has Strategic Market Status and tailor specific remedies accordingly. This approach allows for a more flexible and tailored oversight of digital platforms.
Participatory regulation
In the UK, both the DMU and Ofcom adopt a participatory regulation approach. This means regulators work closely with target companies to develop behavioral expectations and codes that can be enforced. The companies conduct their own Duty of Care analysis, which is reviewed by regulators that provide guidance and work collaboratively to define behavioral codes.
This means that beyond what’s defined by the two regulations, gatekeepers and SMS are required to determine their own privacy requirements to apply to third-party businesses using their services.
The importance of consent management for EU, EEA and UK companies
While both the European Union’s Digital Markets Act (DMA) and the United Kingdom’s Digital Markets, Competition and Consumers Bill (DMCCB) emphasize the significance of obtaining user consent for data processing activities, there may be variations in specific requirements and implementation.
To address these differences and get ready for data privacy compliance, follow these steps:
1. Understand the regulations
Familiarize yourself with the specific consent requirements outlined in both the DMA and DMCCB. Identify any variations in terms of lawful bases for processing, explicit consent, and additional obligations.
2. Assess your website or online platform’s data processing
Assess your organization’s data processing practices and identify any areas of noncompliance. Scan your website and check its degree of GDPR compliance.
3. Implement a leading European consent solution
Choose a consent management platform that enables GDPR and ePrivacy-compliant user consent collection and signaling for DMA compliance. Ensure that the CMP provides features such as granular consent options, secure recordkeeping, and user-friendly interfaces.
The specifics of CMP implementation do depend on what platforms you’re using, like your CMS, as well as other tools, including Google Tag Manager and other services. Cookiebot CMP is flexible, has direct integrations with leading website platforms, and can be installed with just a few lines of JavaScript. There’s also a cookie WordPress plugin.
4. Customize consent banners
Tailor the consent banners displayed on your website or online platform to meet the specific requirements of each regulation. Provide clear information about data processing activities, purpose specification, and the ability to manage preferences.
5. Update your privacy policy
Review and update your privacy policy to align with the requirements of the DMA and/or DMCCB. Include details about the types of data collected, the purposes of processing, parties with access to the data, and how user consent is obtained and managed.
6. Train your team
Educate your staff about the nuances of both regulations and the proper implementation of consent management. Ensure they understand their roles and responsibilities in obtaining and managing user consent.
Final thoughts
The UK and EU regulatory initiatives are creating de facto global digital risk management standards, by taking significant steps to regulate digital markets and addressing concerns related to market dominance, competition, consumer choice, and data access.
While the EU has implemented the DMA and DSA, the UK is in the process of enacting the DMCCB and the Online Safety Bill. The approaches differ in some aspects, but there’s a shared goal of promoting fair competition and protecting consumer interests.
Would you like these insights straight to your mailbox?
- Configured firewall options, IP access lists, and anti-phishing attack technologies
- Full responsibility for rapidly patching OSes and libraries
- Long-term-supported Linux distributions for maximum security.
- Compliance with ISO 27001/PCI-DSS/TIA-942
- A 100% pass-rate for any data centre audits
- 24/7 data centre staffing with experienced engineers and specialist security teams
- Document review services for your external audits
- Bespoke consultancy available if you have any major certification requirements.
- A fully-managed service provided by a team with decades of experience
- Round-the-clock, hands-on assistance, 365 days per year
- Deep technical understanding and expertise
- Proactive support from dedicated engineering teams and account managers
- High-level consultancy, including advice on new projects and technologies.
- Demographics
- Goals
- Challenges
- Motivations
- Preferences
- Frustrations.
- Design look and feel
- Structure and navigation
- Features and functionality
- User experience
- Content and layout
- Calls-to-action
- Speed and performance
- And anything else relevant to your project.
- Plugins
- Bespoke development.
- Does it have a large number of positive reviews?
- Is it built by an author with a good reputation?
- How active and trusted is the author in the WordPress community?
- When was the last date the plugin was updated?
- Has it been updated regularly enough in the past?
- Does the code quality meet our standards?
- Does the code align with modern WordPress development best practices?
- Is the plugin compatible with the WordPress block editor?
Hosting
20 June, 2023
Enterprise-Grade Web Hosting Explained
The type of hosting environment you select will have a strong influence on the success of your website. It’s important for you to find a secure, scalable web hosting service that you have 100% trust in to deliver high-performance at all times.
To simplify the options available to you, this article will break down the various types of web hosting services, and explore the non-negotiables we believe you should be considering in your criteria when making your decision.
The Fundamentals of Enterprise-Grade Hosting
Some of the most important things to look for with your hosting environment include:
Security – Cyber security is obviously an essential priority, and this should be top of your list of criteria in the current climate.
Performance – Your hosting environment should be set up in a way that makes your site capable of handling large surges of traffic.
Scalability – As your business grows, it’s likely that your site’s audience will grow. You need a hosting provider with the capacity to scale your services seamlessly to meet your needs, both now and in future.
Resilience – It’s important to ensure your hosting infrastructure is robust, and that it can gauruntee you certain performance levels and up-time.
Support – If anything does go wrong, you need to be assured that you have a quick, efficient support service in place to get your site back up and running as soon as possible.
Sustainability – With sustainability a growing priority on the corporate agenda, the carbon footprint of your data centre may be another important factor in your decision.
Option 1 – Shared Hosting Services
Shared hosting services can provide you with a basic secure server for your website. However, as the name suggests, these servers will be shared with a large number of other businesses. You won’t have any dedicated server of your own with shared hosting.
This approach does have some advantages, particularly in the area of cost. These shared hosting environments can cost as little as £1,000 per year. However, the down-sides to this often outweigh that cost benefit.
In many cases, the low cost of shared hosting services can often be reflected in the performance levels. This is because, with such a high volume of websites hosted on the servers, your performance has no protection if other sites are experiencing high volumes of traffic.
It’s also likely that you’ll only have access to limited support services when any issues arise. Many of the shared hosting options will have a ticketing system for support, where you’ll be at the mercy of the number of requests ahead of you in the queue. This could result in your website being ‘down’ during times where it’s business-critical.
Option 2 – Private Servers with Shared Hosting Providers
Most shared hosting providers will offer the option of having your own private server for an extra cost. This is often referred to as a VPS, which stands for virtual private server.
Rather than sharing a server with thousands of other businesses, you’ll only be sharing with a few others. While this is significantly better than the regular shared hosting options, you can still end up facing similar problems with performance and scalability.
This is another cost-effective approach, though, with some improvements over standard shared hosting. If you rely on an agency to set this up for you, they’ll likely put their smaller clients on a shared VPS and give their larger clients their own dedicated servers to minimise any potential problems.
Option 3 – Enterprise-Grade Private Web Hosting
Often the most reliable and trusted approach to take is to have your own dedicated server, which comes with a wide range of additional benefits.
With this option, your website is placed on its own private server in the cloud, managed by a dedicated team of specialists who offer personalised, hands-on support and ongoing optimisation.
Security
Enterprise-grade security should be a core part of the hosting service you choose, regardless of whether it’s private or shared. However, you’ll be guaranteed far greater security, with drastically reduced risk, when you work with a private hosting service.
For instance, a hosting provider should offer robust protection for your site, including:
Of course, compliance and certifications are another crucial aspect of cyber security these days. While some shared hosting providers may have the basic levels of compliance in place, most private hosting services will boast:
Performance
When taking this approach, you’ll receive your own bespoke service and will be provided with a hosting environment tailored to your specific requirements.
This will optimise everything included in your hosting package, from your preferred caching, loading speeds, performance requirements, up-time, and more.
You’ll also be able to set up a content delivery network (CDN) to make your website faster and more readily available to all visitors around the world.
Scalability
Private hosting gives you the capacity and flexibility to scale seamlessly anytime your website’s traffic increases, or if you have peak times for traffic.
This is an intelligent way to future-proof your investment, with the confidence that your website’s performance will be consistently excellent as the size of your audience increases and your site expands. This also applies to situations in which you need to scale unexpectedly due to short-term increases in demand, ensuring business continuity is always maintained on your site.
Resilience
Private hosting providers have guarantees for their resilience, and for your site’s up-time, covering all possible bases. This even counts for unusual scenarios like floods or fires.
It’s wise to look for a provider who offers back-up and disaster recovery services for the maximum resilience.
Back-Ups: Managed back-up services provide you with a tailored regiment, alongside rigorous testing, for guaranteed restorability.
Multi-level back-ups are taken for you, both locally and remotely, to minimise risk. You’ll also be able to choose from a range of replication technology options for your load-balancing and various fail-over scenarios.
Disaster Recovery: Private hosting providers will also use disaster recovery measures, such as geographically-distributed platforms and back-up data centres, providing you with full assurance that your performance and up-time are always maintained.
Your primary hosting platform will be replicated to a disaster-recovery platform, which means that if the primary data centre is ever out of action for a prolonged period of time you can fail-over to the back-up systems.
While the more basic hosting services can take days to recover in similar situations, which could result in losses of business and even reputational damage, disaster recovery can often be done in a matter of minutes with a private hosting environment.
Support and Optimisation
Trust and confidence in your provider’s ability to deliver on your requirements are a vital part of your hosting service.
It’s highly beneficial to take an approach that gives you – or your agency partner – a close working relationship with your hosting provider. Availability and accountability are much greater with a private hosting service than with a shared approach.
A close working relationship provides other advantages as well. For instance, anytime you want to make upgrades to your hosting environment, they can analyse your traffic and identify the best time and date to do that with minimal disruption.
This is all part of collaborating with your agency and hosting provider, so they understand your unique business and tailor your hosting services. This is all done based on the conventions of your target audience and your specific requirements to deliver the best possible service.
In terms of support, private hosting providers will have powerful automation tools to proactively, continuously monitor your environment. That allows them to resolve the majority of issues before they’re able to have an impact on your site.
This can also involve 24/7 custom alerting systems, as well as a fully customisable monitoring portal, and multi-channel systems to alert engineers rapidly in the event of any problems.
In terms of your overall service with an enterprise-grade private hosting provider, you should also expect to gain:
Sustainability
If your business has sustainability as a priority or core cultural value, then this is another reason to opt for a private hosting service. While it’s not impossible to find shared hosting services with carbon-neutral data centres, it’s much less common.
Sustainability is also a key focus for us here at SoBold as an agency. As a result, we’ve worked hard to ensure we have an environmentally-conscious, carbon-neutral service offering.
The Verdict?
Having a fully dedicated, bespoke private server is usually the preferred choice of web hosting services. This is due to the unmatched levels of security, scalability, and performance that come with private hosting providers.
Of course, it’s important to note that this does also come with a higher cost than other options. However, the benefits and trust gained through their strengths in these key areas ensure strong ROI.
Not only do their flexibility and optimisation provide you with a high-performance website set up for success, but enterprise-grade security and resilience will also minimise your risk and save you significant costs in the long-term.
Would you like these insights straight to your mailbox?
UI Design
18 April, 2023
Understanding the Important Role of Research and Planning When Designing a New Website
Before you begin working on the design elements of a website project, it’s important to begin with, what we at SoBold call, a research and planning phase.
The purpose of a research and planning phase is to ensure that every single decision you make about your design will result in a more effective website, both in terms of your business goals and your users’ needs.
During this phase, you’ll work alongside your chosen agency to define the full scope of your website and all its requirements. This phase will also involve looking closely at your target audience, trends in your market, your competitors, and any data available from your existing website.
This research is extremely useful in shaping the direction you take with your website and helping you to capitalise on certain trends that may align with your strategic objectives.
In this article, we’ll explain how a research and planning phase works to help you know what to expect when entering your own website design project.
If you’d first like to gain a better understanding of the full end-to-end process of web design, read our previous article here.
Website Strategy Workshop
A research and planning phase usually begins with a strategic workshop. This workshop will bring all the relevant stakeholders together, either in person or over a video call, to agree on the goals and parameters of the project.
A workshop is a great collaborative environment to help your agency become even more familiar with your brand, your target audience, and the outcomes you’re looking for from your new website.
Your agency should work closely with you to determine how the objectives you have for your new website feed into your wider business goals. That will be the key to finding the right approach to designing your website.
Once the workshop is completed, the research can begin.
Leveraging Data to Dictate User Experience (UX) Decisions
Every decision you make about your website’s design needs to be informed and justified by data.
As it’s becoming increasingly difficult to capture and retain your audience’s attention, nothing can be left to chance. It’s also negligent to overlook the vast range of valuable insights available to you within your data, and the data in the public domain.
Google Analytics
Your agency should begin by analysing the performance of your website in Google Analytics. This can help to help understand the current behaviours and trends from your website users.
Most businesses use Google Analytics, but few understand the right things to measure. For many businesses, Google Analytics is an untapped gold mine of data and insights that can help you improve site engagement, retain more visitors, and ultimately grow your business.
You can conduct a thorough analysis of things like:
1 – Your Audience Acquisition
Google Analytics can help you identify where your visitors have found you and accessed your website from.
Whether through organic search, social media, direct, or referral, you’ll learn how all your visitors are acquired. This information is vital, as it can allow you to tailor different parts of your website to certain visitors at various stages of their journey with you.
For example, if organic traffic is a key driver of your website traffic, it’s important for your agency to ensure that lots of the hierarchical structure of copy is maintained throughout the site.
This is also helpful in optimising your wider digital marketing strategy, by recognising what’s working well and what isn’t, from a web traffic perspective.
Bonus Tip – If you’re running Google Adwords, make sure your agency partner is aware of all the URLs that need to be redirected, and that this doesn’t affect your ad spend.
2 – Your Visitors’ Demographics
Google Analytics can provide detailed insights into your website’s visitors, with data covering everything from age, gender, location, language, and more. This helps you gain a clear, specific understanding of who’s coming to your website, and that can inform important decisions about your design.
It will also help you determine whether or not you’re attracting the right audience, which could alert you to a need for changes in your design and branding.
Bonus Tip – If you have a lot of visitors from other countries, you may need to talk to your agency about setting up a content delivery network (CDN) on the hosting server to deliver content from that location.
3 – Your Visitors’ Interests
You can use Google Analytics to view information about your visitors’ interests, past searches, and other online behaviour. This can help you identify what they’re looking for when they’re visiting your site. You can then tailor your design and content to match any unaddressed questions, challenges, or needs they might be looking to meet.
4 – Your Visitors’ Behaviour
Google Analytics can give you a graphical representation of your visitors’ behaviour when interacting with your site. This includes where they’ve entered your site, where they went next, what their whole journey through your site looks like, and where they eventually left.
This provides great opportunities to optimise certain pages that aren’t performing well enough. You can also learn what your visitors respond well to from pages that already have strong engagement.
Mapping your users’ journeys may also uncover insights to help you create links between certain services, hone in on special offers that will drive increased conversions, and many other ways to boost engagement.
5 – Your Conversions
Your conversions are a critical measurement of your site’s success. Whether you’re aiming for subscriptions, demo sign-ups, contact form submissions, downloads, or anything else, failing to achieve your conversion targets means something isn’t working.
You can use Google Analytics to set goals for conversions, monitor performance, and highlight areas where you need to improve.
Taking this analytical approach will ensure your website’s design is tailored to supporting your strategic objectives.
Bonus Tip – On July 1, 2023, for continued website measurement, you’ll need to migrate your original property settings to a Google Analytics 4 (GA4) property. Your agency partner should be on top of this though.
Data Tracking
Next, if applicable, your agency should review any existing tracking resources you have in place on your website.
A successful website design is based on many different factors, each an important component in engaging your audience, converting them into clients, and growing your business.
This is why it’s useful to look into key metrics you may use to measure your success against, then use the related data and analytics to inform your design. Tailoring your UX based on your findings will ensure your website is designed specifically to optimise your user behaviours.
Bonus Tip – If you don’t have any additional tracking in place, both HotJar and Crazy Egg are great tools to use.
Analysing External Factors
Understanding Your Target Audience
One of the most important parts of building a new website is understanding the preferences of the audience you’re targeting. You know what your ideal customer profiles (ICP) look like, but do you understand how they behave when interacting with websites online?
Every decision about your website’s design must be made with consideration and empathy for your users. As touched on in the previous section, audience research will include a wide range of variables, including:
This part of the research will contribute towards building user personas and user journeys at a later stage of the design process.
A user persona is a fictional person that you can use to represent the target audience of your website. These personas will help you focus on the desired interactions between the ideal user and the website you’re building. Creating personas also helps to map the users’ needs to your goals for the project.
A user journey is a path that a user may take to reach their goal when using your website. Hypothetical user journeys are created at this stage, as they help to identify the different ways the site’s design needs to enable the user to achieve their goal as quickly and easily as possible.
With these, you can begin to paint a picture of how your target audience will interact with your website, allowing you to create a satisfying user experience.
Industry Landscape
Researching your industry landscape will reveal a great deal about what to do, and what not to do. An analysis of the wider market you operate in will help you benchmark yourself against industry leaders, and highlight mistakes being made by any businesses lagging behind. It’s useful to be aware of any industry trends or points of influence that may inform your website’s design as well.
Bonus Tip – You’re an expert in your industry. Your agency is not, but they are experts in web design and marketing trends. Work closely together by leveraging each other’s knowledge and expertise to paint the full picture of what makes modern websites successful from a design perspective.
Competitor Research
It’s also crucial to conduct a thorough competitor analysis to see what the benchmark is for a successful website in your industry. Conversely, some competitors may provide examples of bad design that can help you identify pitfalls to avoid with your own site.
Around five of your competitors is usually a good number to look into. To do this, your agency should work with you on assessing their websites in key areas such as:
This research will allow you to recognise opportunities, gaps in the market, important trends, and any other insights you can gather.
Making Data-Driven Decisions
Following all this research, your agency will work on developing a strategy for your website, recommending the optimum route through the rest of the design process.
Your agency will provide a report detailing all the findings from the strategy workshop and research. This should often include a sitemap document and a content framework for your site as well.
An agency should always provide the opportunity for feedback and iterations on crucial documents like this, so you should then be given time to review this and provide feedback.
Bonus Tip – Don’t be afraid to ask questions, challenge things you’re unsure about, or change your mind during this feedback and revision process. These are big decisions, and it’s important to be 100% sure about the direction your website’s design is being taken.
Once you’ve worked through this feedback with your agency and you’re happy with everything they’ve planned, you can then move into the phase of the project that focuses on the visual identity of your site.
Bringing it All Together in the Design
A thorough, well managed research and planning phase is an essential part of designing a successful website. By having a strategy backed up by tangible data in place, you’ll be able to work through the remaining phases of the overall design process in a more efficient and effective way.
It also helps anticipate any challenges or potential issues in the design process and allows you to mitigate them before they arise, saving you time and money in the long-run.
This phase is arguably the most important in ensuring your agency can meet your specific requirements and expectations, on time and within budget.
If you’d like to discover what’s involved in the next phase of a web design project, exploring the visual identity of your site, read our next article here.
Would you like these insights straight to your mailbox?
Digital Business
5 January, 2023
WordPress vs Sitecore – Comparing Both Content Management Systems
Large businesses and enterprises in need of a content management system (CMS) today are spoilt for choice, because there are plenty of excellent platforms available. From WordPress to Sitecore to Drupal, the technology currently on offer is highly intelligent and intuitive.
But so much choice can make the task of finding the right CMS for your own specific business complicated and time-consuming.
Selecting a CMS is an important decision that requires a lot of research, followed by careful evaluation of all the various options. Of course, those processes can be very time-consuming. When you’re already extremely busy juggling dozens of other priorities, it’s challenging to give this the attention and effort it deserves.
To solve that challenge, we’ve done the bulk of the hard work for you. In a new series of articles, we’ll provide you with direct, objective comparisons between some of the leading options for CMSs, helping you relieve the headache of researching and evaluating them yourself.
In the first article of this series, we’ll be looking at the comparison between Sitecore and WordPress.
How Does the Security Compare for Both Platforms?
As we face ever-increasing concerns with cyber security, data protection, and various other digital challenges, finding a platform with robust security should be a top priority.
Sitecore Security
Sitecore has a reputation of being the leading CMS for large businesses, guaranteeing an enterprise-grade experience that includes a high level of security.
Sitecore’s security is also strengthened by the vast range of in-built features within the platform, which we’ll discuss in more detail later. There’s no need to purchase more third-party software or plug-ins to enhance its functionality, which means you won’t be creating any additional vulnerabilities or risks. The platform also receives frequent security updates which bolster your protection even further.
If security is a concern for your business, Sitecore should be high on your list of potential candidates for a CMS.
WordPress Security
For a long time, many people believed the misconception that WordPress isn’t secure enough for large businesses. However, industry leaders such as global investment firm Blackstone, the NHS in England, global research and advisory leader Forrester, and multinational bank Standard Chartered now use WordPress for their CMS. This goes a long way to proving that wrong.
In fact, WordPress is already a secure, stable platform out-of-the-box. So, where did this myth come from?
Well, vulnerabilities can arise in certain scenarios. Firstly, strong security with any technology is dependent on a well-managed hosting environment. If you have WordPress hosted in a secure environment from an experienced provider, with proactive security measures in place, your risk will be extremely low.
Secondly, plugins are something to be cautious of when it comes to security, both in terms of where they come from and keeping them properly maintained. Security threats will be minimised if you only use plugins from trusted sources. You should also ensure you always keep them tested and updated, ideally working alongside security-specific plugins like WordFence.
We appreciate this may sound like a lot of work. That’s why all the examples of the businesses succeeding with WordPress have the support of an agency partner who ensures all these things are taken care of during the development stage. It’s worth noting, though, that this will also be the case when adopting any CMS in a business setting.
Which Platform is More Scalable?
One of the most important aspects of a CMS is its scalability. A CMS is a long-term investment, and this is one of the most influential factors in determining whether that investment will be successful or not.
You’ll need to ensure your site can evolve as your business grows and your needs change over time. This will require an infrastructure that can quickly and easily scale with more pages, additional functionality, and perhaps even more sites, without the burden of hefty costs for more development work.
How Scalable is Sitecore?
Sitecore is designed specifically for large businesses, so its scalability is up there with the very best. Sitecore is a robust platform that allows your digital presence to grow seamlessly as your business grows, even if you need to build multiple sites to serve different groups of users in different languages.
How Scalable is WordPress?
WordPress is another highly scalable platform. Despite some still mistakenly believing that WordPress is suited to smaller businesses, you can use the CMS to build sophisticated, industry-leading sites. Like Sitecore, WordPress is agile and scalable enough to grow alongside your business and adapt to your changing requirements.
How Capable are these Content Management Systems?
The main purpose of a CMS is to provide a software-based infrastructure upon which you can build and manage websites and applications. While most CMSs are similar on the surface, with the same fundamental functionality, they each have unique features and capabilities that differentiate them
For example, one critical indication of quality for a CMS is how easy it is to use. Once you’ve adopted a platform, you and your colleagues will need to feel immediately comfortable using it on a daily basis. If a CMS can’t provide good usability, it’s probably one you should avoid.
Sitecore as a Content Management System
Sitecore is actually considered a fully managed ‘digital experience platform’ that comes with more capabilities than the average CMS.
Most of its best features are readily available as soon as you begin using Sitecore. That allows you to get a high quality site live very quickly without additional work within the platform.
However, Sitecore typically provides quite hierarchical, complex workflows that might be frustrating for small or agile teams. This can also create longer development cycles than usual, giving you a slower time-to-market than more intuitive systems like WordPress.
WordPress as a Content Management System
WordPress is easily the most popular CMS in the world right now, with around 45% of all websites built on the platform. One of the main reasons for that is its ease-of-use, with simple and efficient content management
This usability allows you to get up-to-speed quickly and share responsibilities across several members of your team, even if they have no previous content management experience.
WordPress also makes it convenient to edit content on a page-by-page basis, saving you valuable time, with its block-based design an ideal method for customisation and site management.
How Much Personalisation do they Provide?
The ability to customise and tailor your site’s content to your target audiences is more important today than ever before, with so much of modern business now taking place online. Therefore, this is another important point to consider when choosing between your various CMS options.
Personalisation in Sitecore
When compared with other platforms, Sitecore’s personalisation is excellent. Sitecore will provide you with a great deal of control over the structure and design of your pages, allowing you to tailor your user experience and drive greater performance for your site.
This is particularly useful for larger businesses with high volumes of potential site visitors, delivering competitive differentiation and driving increased conversion rates.
Personalisation in WordPress
WordPress is also highly customisable. You can use its flexibility to get creative with your design, and build bespoke features and functionality to better engage with your audience.
There’s not much to separate Sitecore and WordPress in this area. The gap in personalisation becomes even smaller if you find an experienced agency with WordPress-specific expertise to help develop your site and improve your customer experience.
Integrating with Other Systems
Before your business invests in any digital platform, it’s important to ensure that technology can integrate easily with your existing software. Whether it’s your customer relationship management (CRM) or any other marketing systems, any digital tools you currently have should ideally be compatible with your new CMS.
How Sitecore Integrates with Other Systems
Sitecore integrates well with other systems. It allows you to achieve out-of-the-box integration with most of the leading CRM software, and plenty of other digital tools and platforms.
How WordPress Integrates with Other Systems
WordPress tends to be the easiest platform to integrate with your existing systems, because most brands and other SaaS products have already made themselves compatible.
This means you can deploy WordPress with minimal disruption, regardless of whether you’re building a new site from scratch or migrating your current site from a different CMS.
Total Cost of Ownership (TCO)
Of course, you’ll also want to ensure you’re getting a solution that will deliver good value for money. With a CMS, the total cost of ownership (TCO) can vary greatly from one platform to another, due to factors like licensing fees and update-driven maintenance.
Sitecore Initial Investment and Ongoing Costs
Sitecore is an expensive option, even if you have a large budget to work with. You’ll be required to purchase licences for the platform with an ongoing renewal fee each year. These licenses come in tiers, so if you want to access the full range of benefits from Sitecore you’ll have to opt for the most expensive offering.
On top of that, you’ll also need to account for development costs with an agency, hosting costs, maintenance and support fees, and various other expenses that give Sitecore a very hefty total cost of ownership (TCO).
Furthermore, Sitecore requires ongoing management and maintenance to handle regular large-scale updates to the platform. When updates occur, new versions of the software come with a big price tag and may cause you to pay for additional development work to get your site up-to-speed.
However, this could be a worthwhile investment if Sitecore’s features and capabilities are necessary for your specific requirements. If you’re looking for a quality, trustworthy enterprise-grade platform, Sitecore can justify the cost.
WordPress TCO and Value
Conversely, WordPress is a much more cost-effective solution with a drastically lower TCO. Licenses for WordPress come at no cost and the software is entirely open-source. That means your implementation costs would be limited to just hosting, agency fees, and post-deployment support.
If you decide to use any plugins or extensions of the platform, these will be licensed and paid for separately. However, businesses rarely need to bolt on many new tools or capabilities because WordPress is such a feature-rich platform already.
When WordPress is updated, unlike Sitecore, managing and testing your site can be done in just a few hours at a much lower cost.
A Word on Agency Partners
One thing both Sitecore and WordPress have in common is the small selection of platform-specific agencies who can build high performance sites for large businesses using this technology.
A CMS becomes far easier to use, and easier to drive strong return on investment (ROI), if you have a specialist partner supporting you.
Finding an agency with the necessary experience and expertise to help you leverage these platforms to their full potential should be another important influence on your choice. From integration, to development, to maintenance, all the benefits and advantages of the platforms will require an agency to help you fully unlock them.
How to Make Your Decision
So, with all that information, how can you decide between the two?
Both of these platforms are excellent options that would serve most businesses extremely well. After all, there’s plenty of good reasons why some of the biggest companies in the world use Sitecore and WordPress.
Ultimately, when looking for a CMS that’s the right fit for your specific business, you should make a detailed assessment of your strategic objectives, unique requirements, budget, users, and other important factors. Use that to determine which solution is most capable of meeting those needs.
If you still need more help working through this process, read our comprehensive guide to understanding and evaluating the enterprise options for large businesses here.
Would you like these insights straight to your mailbox?
Industry News
21 June, 2022
Pixel Pioneers Bristol 2022
If you’ve never been to a conference of any type before, you possibly think you already know the important areas of your profession and can find out any developments from your colleagues or the internet. At least that’s what I thought prior to attending Pixel Pioneers 2022.
Which option sounds more appealing to you? Pick up extra skills on occasion, or go to a conference and absorb a mega-dose of industry knowledge, make connections and enjoy exploring fresh surroundings? Luckily at SoBold we have the opportunity to do both.
The conference covered both ends of the telescope – from broad topics such as energy consumption, to a fifty minute talk about the brief three milliseconds your screen goes blank in between webpage loads. How the visually impaired experience the internet, to technical developments in styling / fonts.
My personal hero was Chris How – his mantra of valuing your customer’s time and giving them small moments of delight strongly resonated with me. In accordance, I want to guide you through the content of the conference, with links to the core material that will best replicate what the SoBold team saw, whilst valuing your precious time.
GAVIN STRANGE : Less Thinkering, More Tinkering
A must watch to boost your levels of creativity. Gavin shares his personal and professional projects with Aardman Studios. Lots of useful insights into reaching the pinnacle of creativity. Highly engaging delivery, visuals and plenty of ‘further reading’ material. Definitely worth watching in entirety. Gavin Strange website – will give you a sense of his creative flair and influences. https://www.jam-factory.com/
“It’s better to beg for forgiveness, than ask for permission.”
Gavin Strange
BIANCA BERNING : Variable Fonts – WTF?
From a technical and design standpoint, learning about variable fonts is incredibly useful. Towards the end Bianca veers into the potential application of variable fonts – imagine a world where your computer mutates its content to fit the viewer’s specific needs. If you’re looking for new avenues for unique artistic features for your website – this talk is for you. Everyone should have a play with variable fonts – try it here https://v-fonts.com/
CHRIS HOW : You Got to Fight for the Right to Delight
Chris’s choice of examples and commentary is intentionally entertaining and eclectic. His approach to design changes your criteria for success and also would decisively influence your next project. Essential viewing. Whether you’re a seasoned designer or developer short of a design, this talk will give you a guiding direction. Information on the Kano product roadmap here. https://www.productplan.com/glossary/kano-model/
LÉONIE WATSON : Accessibility: The Land That Time to Interactive Forgot
Visually impaired people experience the internet through screen readers – the internet described in words. Léonie’s valuable insight will definitely re-balance your priorities and appreciation for how websites should function. Some of the technical history she overviews was a bit lost on the audience but the switch in mindset is valuable. Important to dip into, especially for gleaming a deeper understanding of how a web document is compiled and loaded. It might sound ‘techy’ but it’s like understanding how our lungs work – illuminating. If you haven’t viewed any of your own websites using a screen reader – you definitely should. For a great sense of how the net is best experienced for visually impaired users – just check out her website – tink.uk
LUKE MURPHY : Lightning Talk: Design Tokens – Searching for a Source of Truth
Design Tokens act as a very useful tool for blending the boundaries of where design and development meet, in fact, they act as a technical element that affect design and development in equal measures. If you have no idea what a design token is – this talk could unlock a tonne of structure for your product. Here’s an overview article on design tokens
HANNAH SMITH : How to Make Digital Services More Sustainable
Hannah Smith’s talk invited us to critique our energy consumption and make changes to our habits as both consumers and producers of digital content. She makes the case that space travel is a waste of resources, and that using less lays the path to fulfilment. See if her arguments resonate with you. Hannah’s book recommendation – Doughnut Economics by Kate Raworth
JHEY TOMPKINS : Supercharge Your Skills with Creative Coding
A mad professor of CSS and JavaScript – Jhey has a mixture of technical tricks and interesting libraries for speech recognition. Deadpan yet full of colourful examples, Jhey clumsily demonstrates his collection of magical creations and challenges you, the developer, to break out of your ‘siloed’ mentality for visual presentation. Check out his catalogue of wondrous CSS/JS creations here
STUART LANGRIDGE : You Really Don’t Need All That JavaScript, I Promise
Painting with the broad brushes down to the nat-hair infinitesimally small details, Stuart reminds us of the importance of returning to the basics in order to best utilise the web. Unfortunately some of the libraries he suggests do not have extensive compatibility and thus aren’t for mainstream production… yet. His insight does provide a deeper understanding of the mechanics of the tools we use, although the message is quite drawn out. Example of the shared transitions js library https://codepen.io/drenther/pen/NjzeOO
RACHEL ANDREW : What’s New in CSS?
Rachel Andrew – new css features either in or emerging from or newly arrived from CSS-land. Truly at the coalface of emerging CSS features. For a frontend developer it was akin to being shown new letters in the alphabet that were being proposed. A summary of similar information can be found here – https://www.smashingmagazine.com/2022/03/new-css-features-2022/
Bristol itself is well worth a visit – a centre for nightlife, hedonism and youthful idealism. Simply walking around the harbour area in the daytime will refresh your appreciation for one-of-a-kind shops and overflowing street art. Make sure you have plenty of free space in your phone for all the photos. The SoBold team had a very enriching experience and bonded even tighter as a team. I hope to see you at the next one!
Links to the conference videos will be available via the Pixel Pioneers website.
Would you like these insights straight to your mailbox?
Development
21 June, 2023
How to Determine When to Use WordPress Plugins and When to Use Bespoke Development
When developing a high-performance website with WordPress, certain requirements will demand that your agency partner goes beyond the “out-the-box” functionality of the platform.
There are two main ways your agency partner may work with you to build out custom functionality:
While plugins are the go-to option for many small and medium-sized businesses, it shouldn’t always be such a quick decision between those two options. If you’re working on an enterprise-grade website, your agency should always give careful consideration when determining the best approach in every scenario.
In this article, we’ll help you understand how to determine the right option between plugins and bespoke development for your own WordPress website.
Why Are WordPress Plugins so Popular?
Since WordPress is an open-source platform with a very active global community of web developers, there are tens of thousands of plugins readily available. For almost any use case you can think of, there’s almost certainly a plugin for it; probably even several.
Plugins serve so many businesses so well because they’re pre-built functionality that quite literally plugs into your platform.
One of the main reasons plugins are so popular, especially for smaller businesses, is because they’re usually free. This provides a great cost benefit over bespoke development, on top of the obvious benefits in the speed of attaining the new functionality as well.
Why You Should be Careful with Plugins
Despite their popularity, there are downsides to plugins too.
Relying on too many plugins, or using low quality plugins, may slow the speed of your site down significantly. A good WordPress development agency will try to keep the use of plugins at a minimum to ensure the speed and performance of your site isn’t compromised.
Poorly built plugins, or ones that aren’t maintained sufficiently, could also cause glitches and errors to occur with the functionality they’re adding to your site.
Security is another concern with certain plugins. If a plugin isn’t maintained and updated regularly, this will create vulnerabilities in your platform that could be exploited by malware or cyber security attacks. These vulnerabilities could also creep in if your plugins are auto-updated and left untested by your agency partner.
Some less experienced agencies often fall into the trap of using too many plugins, while others are simply unaware of the risks associated with plugins from untrusted sources. This has given a bad impression of plugins in some circles. The missing ingredient there, however, isn’t the value of plugins, it’s the agency’s best practices.
When to Use WordPress Plugins
If there’s a feature you need to add to your site that’s already been built perfectly in a trustworthy plugin, it’s worth considering that approach instead of building something from scratch.
However, here at SoBold, we ensure a strict set of best practices are followed, and due diligence conducted, every time we’re considering using a plugin.
We’ll always make thorough checks to ensure any plugin we use is best-in-class, aligned with our high-performance standards, and so should any other agency you work with.
This will include asking questions like:
Before implementing a plugin on your platform, your agency should also use it in a local testing environment to ensure it functions as expected.
The majority of plugins are reliable, offering a quicker and easier approach than building something bespoke. However, there are many cases where bespoke development is the more suitable option.
When it’s Better to Use Bespoke Development
When it comes to sophisticated, dynamic websites, plugins may not be capable of delivering the required level of performance, security compliance, or functionality.
In these cases, your agency will turn to bespoke development to deliver what you need. This is often the necessary approach, because high-performance websites do require some complexity behind the scenes. And WordPress is arguably the best platform available today for bespoke web development.
Building out your platform by creating new features completely from scratch, tailored to your exact need, brings with it a wealth of advantages over using plugins.
This is particularly beneficial in terms of flexibility and customisation, giving you something entirely unique to your website. You’ll have complete control and ownership of your bespoke features, which provides greater security and seamless integrations with the rest of your technology systems.
Performance will almost always be superior with bespoke development, delivering a far greater user experience (UX) and improving your customer engagement as a result.
Bespoke development could even be more cost-effective in the long-run too, when compared to plugins that turn out to be problematic or aren’t updated past a certain point.
Rely on Your Agency’s Expertise
Determining whether to use a plugin or build something bespoke will be a decision your agency should guide you to make correctly.
Each website and each business are different, so the right option will be unique to your own requirements and circumstances. Therefore, it’s also worth mentioning that this must be specific to each individual requirement as well, rather than taking a blanket approach.
The decision shouldl be based on the most straightforward way to give you the capability you’re looking for. It will also involve ensuring that your site’s security, performance, and UX are maintained. Another important factor to consider are your circumstances, such as your budget, timeframes, the amount of traffic your website is likely to encounter, and so on.
For example, if your agency knows that one of your top priorities for your website is excellent performance, they’ll make different decisions in that case than they would if you were more concerned with the fastest possible time-to-market.
Some businesses even use plugins in the first phase of their website, then look to rebuild their plugin-based functionality with bespoke development when their business grows, or when they have more time and resources available.
It’s important to trust your agency partner with this decision and rely on their advice. This is why it’s so valuable to work with an experienced agency who understands your needs, so they can help you make the right choices and take the best possible option.
Finding the Right Balance for Your Website
Plugins can be very useful, and it must be said that many WordPress plugins are outstanding in their capability and quality. However, if your specific requirements demand more than a plugin can deliver, bespoke development will be the correct approach.
Regardless, it’s crucial to find the right balance to ensure your site’s performance, speed, and security are maintained.
Ultimately, your agency partner should always consider the specific requirements and circumstances of your project before deciding whether to use plugins or build bespoke functionality for your site. This makes it even more important to work with an experienced agency you can trust to guide you.
Discover more about the scalability and flexibility of the WordPress platform, and its ability to deliver complex requirements for enterprise websites, in our related article here: Just How Scalable is WordPress?