As we edge closer to the holiday season, these next few weeks and months are a critical time of year for website security for eCommerce retailers. Companies are gearing up for significantly boosted online traffic as consumers set out to find the perfect gift for everyone on their lists.
This time of year especially shines a light on security, though, as malicious actors and cybercriminals are also aware of the uptick in sales and online shopping:
So, what can online retailers do to better safeguard their platforms and their customers' information? There are a few essential steps businesses can take right now to better enable security during the holiday shopping season, and Hostway is here to help.
We've created a series of short videos featuring Kai Armstrong, Hostway's eCommerce product manager, that covers best practices you can immediately put into action to ensure a secure shopping experience for your customers.
You’ll get tips on the following:
Watch the full video series here >>>
Learn more about how Hostway can help with an eCommerce platform>>>
Hostway’s eCommerce offerings are evolving. Learn about the potential of our Managed Magento deployments and support.
Join us at Imagine Commerce 2016 from Monday, April 11 to Wednesday, April 13 at the Wynn Las Vegas. We’ll be at Booth 217.
At our post-Imagine event, the Designer & Developer BARCAMP, you can win a one-year membership to the Beer of the Month club.
In the meantime, read over our recent blogs on finding an appropriate Magento eCommerce hosting partner, including one on why The Most Important “-ility” is Accountability.
Hope to see you there!
When it comes to the infrastructure of an eCommerce site, there is no shortage of important considerations, including scalability, availability, reliability, flexibility, security and performance. We hear these messages so much, we’ve come to expect these “-ilities,” taking for granted that our vendor will deliver.
But buyer beware: Don’t ignore these features and the differences between what various vendors offer. Online merchants should make sure their provider specializes in eCommerce and knows what’s required for peaks in traffic, page load performance, and areas of site optimization. Merchants need a provider that is in tune with the specific security concerns of eCommerce and the need for customization.
The ability to deliver isn’t just about fast, reliable and secure hardware – it must also include eCommerce experience and expertise. An understanding of your eCommerce platform, and what is required for keeping it running at peak performance, is essential to ensuring that shoppers don’t leave your site out of frustration while shopping or abandon their cart mid-purchase.
There’s a lot your hosting provider should do for you. Look for a vendor that has service level agreements (SLAs) guaranteeing high availability (uptime). Depending on the type of retail business you have, auto-scaling and load-balancing may be important to accommodate peaks in traffic and periods of higher than normal purchases. You may need advanced levels of security. And, of course, you want a vendor that’s going to monitor your site and suggest adjustments to optimize performance.
But in the end, all of this is meaningless unless your service provider has a culture of accountability. A 99.999% uptime guarantee does little if no one is there to help when you have a problem. That’s why accountability is arguably the most critical of the “-ilities.”
Supporting an eCommerce environment requires ongoing monitoring; timely, informed response to issues, including the ability to triage a problem; a policy of making proactive adjustments or suggestions; and transparency in regards to measuring and reporting on your online store.
The reason you turn to a third-party managed solution provider is because you don’t have, or don’t want to have, the internal resources to manage your eCommerce environment. If you did manage things internally, you would hold the employees tasked with this responsibility fully accountable for everything under their purview. Similarly, you should hold the managed solution provider to the same standard.
If the provider holds itself accountable, they will consider customer service and technical training – along with the necessary tools – a priority. They will also invest in eCommerce business training so their employees truly understand your business requirements and goals.
Find a provider that is willing to take ownership and face difficult problems. Ask about their support policy, procedures, and customer service culture – ensure the company not only feels a sense of duty, but that individual employees do as well. Will support personnel give you their name? How quickly will they respond if there’s a question or problem? You want the support team to take personal responsibility for ensuring your satisfaction.
This culture of accountability isn’t just good for the customer, it’s good for the provider. By taking on more responsibility, they will learn more about managing eCommerce environments, and be able to improve operations for you and other clients. You want a provider that is willing to take ownership of your eCommerce infrastructure and make tough decisions. This is the difference between an average provider and one that goes the extra mile. This is the attitude of success.
Find out what else your site needs to succeed>>>
The popularity of cloud computing has made outsourcing infrastructure requirements to a managed service provider a logical choice for companies of all sizes, and from all industries. Let’s take this a step further and look at managed solutions providers (MSPs) for eCommerce. That’s not a typo, we’re going to discuss managed “solutions” not “service” providers.
MSPs take responsibility for a deeper level of the overall solution, beyond the infrastructure. This can include the platform application layer, integrations, software patches and updates, security and more. This level of service can combine platform-as-a-service (PaaS), infrastructure-as-a-service (IaaS) and sometimes even software-as-a-service (SaaS), and is beginning to be referred to as business-process-as-a-service (BPaaS). Increasingly, eCommerce solutions are being offered as BPaaS.
When an online retailer turns to a managed solution provider, the goals are typically to reduce capital expenditures and operating expenses, improve operational efficiency and time to market with new technology, and supplement internal resources in order to enable their staff to focus more strategically.
Choosing a managed solution provider goes beyond the considerations used to choose a pure infrastructure provider (hosting company). In evaluating a managed solutions provider for eCommerce, a retailer must not only evaluate the infrastructure elements, but the provider’s ability to manage the eCommerce platform and application layer with skill and confidence. While there are a number of factors to consider in choosing a BPaaS provider, these seven primary categories stand out as the most critical:
eCommerce Expertise with a Solutions-First Approach: Certified technical resources and subject matter business expertise must be prevalent, with evidence of significant spending on training and tools for eCommerce solutions personnel. The ideal company has experience working in complex, multi-vendor eCommerce environments, with knowledge of, and experience with, popular third-party applications. Also look for firms with the ability to optimize an environment for the specific requirements of eCommerce.
Proactive Issue Resolution and Prevention: The best providers are equipped to monitor every client environment to uncover potential issues and recommend improvements. They should employ advanced tools to monitor things like store performance and the effect on the end user. Optimally, if a problem is identified the vendor will contact the retailer to discuss reconciliation options.
Advanced Infrastructure Specifically for eCommerce: Online shopping is a 24/7/365 operation, so high availability is a must. The ability to scale on the fly is important for a company dealing with spikes in traffic related to promotions, holidays or seasonal shopping. Seek out a partner who actively adopts next-generation technologies, and can support private or hybrid cloud deployments.
Demonstrated Accountability for the eCommerce Environment: Your problems are also your MSP’s problems, and you’ll need a partner that responds with that in mind. Any contract should include SLAs that include financial remuneration for non-compliance. The best service providers commit to providing expert technical support 24/7.
Operational Excellence: Your MSP should provide operational efficiencies like a faster time to market for new projects and technology updates. The MSP should provide the ability to test updates, integrations and new technology for the store before taking these things live. The MSP should also be able to support customizing the solution and/or infrastructure to specific eCommerce requirements for the client.
History of Success and Stability: The best partners will have demonstrated success with eCommerce clients, and should have client and partner referrals. Verify the financial stability of the company along with a history of investing in best-in-class hardware, technology and technical expertise.
Client Management: You know how you want to be treated – the ideal partner does as well. They should allow you to remain as involved in the eCommerce operation as you want to be, provide a user-friendly dashboard with access level privileges, and produce reporting and analytics about the infrastructure and fundamental performance metrics about your store. You should know what’s going on at all times.
Many companies offer comprehensive infrastructure that’s entirely suitable for eCommerce. For many, however, that’s no longer enough. If you’re seeking a third party to help build, launch and manage your eCommerce environment, that company must exhibit more. Investment in eCommerce specific hardware, software and professional expertise – with a policy of accountability for this environment – is critically important for success. Talk with providers and make sure that you are able to establish a collaborative relationship that is focused on your eCommerce business and technology goals.
Hostway partner CurveCommerce is an eCommerce Online Marketing and Strategic Consulting Company focused on developing powerful Magento websites with superior selling techniques and consolidated email services. CurveCommerce Chief Marketing Officer Tom Ziter is sharing some of that expertise in a three-part blog series beginning today.
Various analytics packages, including Google Analytics, give you the opportunity to easily track visitor performance on your website – information that can help you grow your business if regularly monitored. Here are a few tips on what to watch and how to react:
Once a month, analyze your results both from an overall perspective and dig deeper on the various traffic sources. Check the current month and compare it to the same month last year. Compare stats quarterly in the same manner. This will help you compare key trends.
Make sure your analytics package is properly set up so the information you get will be accurate. Among the items to use are analytics page tagging, remarketing tagging, eCommerce funnels and “Thank You” page tagging for conversion. Each checkout stage should also be tagged, as well as each item and category property.
Here are some high-priority items from an overall and source perspective:
Traffic – Look at the unique traffic by various sources (such as SEM, Direct, Email, Referral, and Social). Find your most productive sources based on orders and sales, and test ways to improve performance. Then invest resources in what’s working.
Orders & Sales – Among the first things you’ll check, view orders and sales also in terms of traffic source. Separate new and returning traffic to refine this metric.
Conversion – This is your most important metric – increasing it leads directly to growth. It’s displayed as a percent of unique traffic. Parsing this by various traffic sources may reveal variances based on the quality of traffic coming to the site. Improving conversion rates requires serious effort, relating to improving the top product pages on your website. Top product page views also indicate the products that visitors want most – which may not align with the top sales pages. Consider testing promotional incentives to get visitors to complete transactions immediately.
Cart Adoption – Getting visitors to put something in their shopping cart ups the game in terms of qualification. This calculation represents unique carts as a percent of unique traffic. To improve click action on the site, provide product details with compelling reasons for considering selecting an item.
Abandoned Cart Rate – Qualified visitors put items in the cart, then leave the site before finalizing the checkout process. Pursuing these abandons can capture more sales, and more repeat customers. Do this by testing ordering incentives on the view cart page, streamlining the checkout process and setting up an abandoned cart follow-up email program.
Checkout Conversion Funnel – Measure the abandon rate of each step of your checkout process, then fix whatever may prevent users from ordering. Simplify checkout pages that are creating abandons to combat buyer remorse and procrastination.
Channel Performance – Analyze all the major channels (report in Google Analytics) by traffic, order, sales and conversion to identify the most viable sources of traffic. Attack sources that combine to represent 80 percent of sales or orders by improving the offering and overall website conversion. Use the Source report for a further breakdown of top channels.
Source Performance – Identify the channels so you can learn more about the top performing sources. If a single channel represents most of your sales, identify the sources within that channel to improve by looking at key metrics.
While those are eight key metrics to monitor, here are a few more to also consider:
AOV – Average order will vary but it can make a big difference from a sales perspective. Ways to increase this measure include boosting the focus on top products, and improving cross-sells and upsells.
Time on Site/Pages per Visit – These indicate the stickiness of your site. The more time spent and pages viewed, the more they will buy – so generate more clicks and keep them involved.
Bounce Rate – How frequently do visitors leave your site from each entry page? To reduce your bounce rate, refine the most frequented entry pages with clearer calls to action. Announce what you’re selling and show why visitors should investigate. Give yourself a better chance to sell.
Mobile Performance – Having a mobile-optimized site has become very important. Monitor such traffic, orders and sales as a percentage of the total. To capitalize on this traffic, the most frequented entry pages must be mobile-friendly. Ensure the top items of each page are very clear and actionable.
Category and Sub-Category Page Views – Identify your top 25 pages in terms of views, and focus on improving these with top product orientation and strong click action.
Products Purchased – See what people are buying – again monitor and improve the top 25 initially. Make sure these top products are in prime positions throughout your website.
Once you have ample data from consistently reporting on the items above, then you can move on to more sophisticated reports:
If you report on and focus on improving the top areas of opportunity, you will definitely improve your online business. Your website is way too big to not have a strong focus.
Your overall metrics will change based on the type of traffic driven to your site. A focus on generating new customers may yield poor metrics initially, whereas driving returning customers can seem easier. But both are important to do. These details get you the real insight as to how you are doing.
As retailers evaluate their eCommerce goals and priorities, a decision must be made: Do you build or buy—or more specifically, do you employ internal help to manage an eCommerce store or contract outside resources as well as ask, licensed applications or cloud-based? These decisions apply to everything from the infrastructure, to the eCommerce platform and applications, to the talent who will create and manage the website. Retailers today are lucky: 2016 brings more options for eCommerce than ever before.
There are an abundance of eCommerce platforms and tools available today, ideal for serving every size and type of online retailer. But, choosing the best technology for your business is just the beginning. You need the proper infrastructure – the servers, network and security – to support your online store, and all of this great technology must be implemented, work well together, and be properly maintained. At this point, a retailer must make decisions regarding whether to license, develop and launch internally, or to turn to SaaS and cloud providers.
The upfront capital investment associated with a robust eCommerce environment can be overwhelming. A turnkey, SaaS eCommerce solution can provide basic eCommerce functionality, but these solutions come with limitations, and generally, customization and flexibility is minimal at best.
For those who need to scale, want the flexibility to use the tools of their choosing, to have control over their site, but don’t want to invest in the personnel or infrastructure to do this in-house, a hosted and managed eCommerce service provides an attractive option. There’s a relatively new term being used to describe this type of hybrid solution—Business Process-as-a-Service (BPaaS). In this scenario, the merchant controls every aspect of the solution, but the infrastructure and professional expertise is provided by a third party. The CIO and IT team serve a strategic role, controlling the decision-making, working with the provider to integrate legacy or new technology, and to obtain the desired business results.
CIOs are focused on using the cloud to establish a modern, innovative IT environment with operational agility and business advantage as key outcomes. Today, the projects are mission-critical and production grade. This is an affirmation that more businesses are comfortable with cloud deployments beyond the front office.
Joanne Correia, research vice president at Gartner
http://www.gartner.com/newsroom/id/2923217
From an infrastructure standpoint, merchants are able to take advantage of the latest hardware, easily scale as required, and pay for only what they use, avoiding a substantial upfront capital expenditure. At the application level, they can be exposed to the latest technology, including eCommerce platforms like Magento—options that may be difficult to deploy on their own.
"In a 2013 survey, Forrester Consulting found that 81 percent of organizations are either using or planning to use mission-critical apps in the cloud, and 77 percent of respondents identified improved agility as the key motive for moving core apps to the cloud."-PR Newswire
With a managed service or BPaaS, merchants are now able to turn to companies that have invested heavily in infrastructure and resources so that they are able to bear full operational responsibility. This includes all back-end functions, including software patching and updates, hardware scaling, system modeling, security, and assistance with third-party software installation. As a result, time to deployment is faster and less expensive than in-house options, and ongoing maintenance is quite painless. The merchant focuses on the brand, product catalog, merchandising and promotions, while the managed service provider looks after everything else. Above all, as opposed to a traditional SaaS eCommerce solution, this option is 100 percent the merchant’s, with all of the flexibility and scalability a merchant will require.
At the crux of this in-house vs cloud decision lie the business goals, budget, available resources (system and personnel), the technology desired, and timeframe to deploy. For those with a very small eCommerce presence, or specific eCommerce objectives – like launching a store for a singular brand or in an experimental market – a SaaS solution may be a good option. But for most others, a managed eCommerce solution (or eCommerce BPaaS) provides many attractive benefits.
We’ve blogged recently about the characteristics of a strong online store that best represents your business. A huge piece of that puzzle is selecting the right platform for your site. For three out of every ten merchants worldwide, that solution is Magento.
Magento is an open-source e-commerce platform that puts merchants in a straightforward path to developing the website they’ve envisioned for their product. Between the free to download Community Edition, and the advanced Enterprise Edition Magento’s market share is 29.8%, according to research from AheadWorks.
Don’t let the fact that it is free to download and use fool you into believing you are getting shorted the features you want for your online store. The Community Edition includes everything you need to get your eCommerce website up and running. Magento themes and templates include a shopping cart, payment and order processing, easy set up for implementing the basic SEO elements, and marketing tools that assist with tracking, analytics, and reporting.
For many business owners getting their online store set up, and offering 100, 500 or even 1,000 items, and accepting payment through their PayPal is all that they need. For other merchants, who upgrade to Magento’s Enterprise Edition, will receive the added benefits of PCI compliance, purchaser data storage, encryption options and more.
Customization Potential: Extensions and plug-ins are available by the thousands, and scalability is at the center of Magento’s value. The smallest of shops can get a sharp online presence that matches its larger competitors concerning practical needs and aesthetic standards.
Community Support: On a related note: While Magento is always evolving with updates from its creators, the true strength of Magento comes from its vibrant community of developers. With this open-source solution, your specific pain point in customizing your site, or feature that you desire, has probably already been handled by many other users. Those utilities are accessible via Magento’s large ecosystem of developers.
Simplicity: The most popular utilities are simple to use, and Magento is no exception – flexible, scalable and user-friendly. Its intuitive control panel gives you immediate access to multiple websites and stores and related reports. Custom dashboards are easily created. The built-in content management system makes content and catalog editing and importing a snap.
Built for SEO: A gorgeous, user-friendly website is still useless if it’s not designed to attract traffic Magento eliminates much of the time-consuming work involved in making your site – and its countless product pages – as SEO-friendly as possible. Magento automates SEO optimization of URLs, metatags, navigation, site structure and more. It generates a Google Sitemap for crawlers to explore.
Quality Core Elements: When it comes down to it, Magento will be measured by the excellence of its core features. Regarding transaction processing, page and catalog management, analytics, marketing tools and mobile compatibility, Magento is simply a top-notch tool with a track record of satisfied, successful customers.
And, of course, it helps if you have an elite hosting provider with top-notch hardware and networking, and 100% availability guarantees. Learn more about what Hostway can do for your e-commerce site.
Businesses that rely heavily on e-commerce – as most do these days – know that there are three principal issues which can reduce the effectiveness of their site. This blog is the third in Josh Hatfield‘s three-part series, “3 Problems that Plague E-Commerce Sites.” Find earlier entries in this series at our blog.
An e-commerce website earns or loses business in part based on how quickly it responds. Kissmetrics’ thorough studies on this subject tell us that 40% of online shoppers abandon a site that takes more than 3 seconds to load. As the Aberdeen Group puts it, customers are won or lost in a single second – it was true 10 years ago, and it’s true today.
But an e-commerce site's load times are difficult to accelerate. Product images are the lifeblood of an online store, and they can only be optimized so much. Third-party data for these sites is being loaded from a variety of addresses (where ads reside, CDNs, tracking programs, and so on), and it only takes one to stall your page.
Meanwhile, e-commerce sites are getting larger and slower all the time – according to Web Performance Today, the median e-commerce page grew 67% between Summer 2013 and Summer 2014, and loaded more than a second lower across the same survey period. According to Yottaa, the average image size on an e-commerce site is nearly four times that of a non-commerce website.
So how do you ensure that your e-commerce site runs at optimal speed while still delivering the graphics-intensive experience that sells your product? Here are five elements to consider to get the most speed out of your e-commerce site.
Content Delivery Networks: It’s important to remember that every picture on a site represents another resource the browser must pull for the page to completely load. The response time of the image source is crucial, so businesses with a huge list of products will often use a content delivery network, or CDN, to provide multiple sources for these images, ensuring each user pulls the items from the nearest server.
Caching: The most frequently accessed product pages and page elements should be cached so that they don’t have to be repeatedly retrieved on each visit. How many of your pages use the same header and footer, or ubernav and menu? Set those items to be cached, and they are removed from each reload.
Gzip: Load times are greatly affected by image size, so image compression becomes a key element of achieving the desired speed. Gzipping generally delivers a webpage at between one-half and one-third its original size. A server simply has to be configured to offer gzipped content if the browser can interpret it – and all modern browsers do. As long as you’re not catering to Netscape Navigator users, gzipping is a good idea.
Load Distribution: If you’re product catalog is very large, it may need its own server to thrive. Allocating resources separately to pulling this information can make a big difference for a high-traffic, big-catalog site.
Third-party resources: While a few social media widgets and analytics scripts may be required, always remember that you’re balancing external content against your site’s load time. For the items that are crucial, consider caching scripts if they aren’t update-sensitive or hosting the scripts yourself, or employ asynchronous loading – essentially telling that item to load after everything else so that more crucial items aren’t impaired.
And, of course, it helps if you have an elite hosting provider with top-notch hardware and networking, and 100% availability guarantees. Learn more about what Hostway can do for your e-commerce site.
Today, Magento released new versions and patches related to vulnerabilities that could be exploited to access customer information or take over administrator sessions. The root of the vulnerability stems from the improper validation of email addresses that are entered into the customer registration form. Unfortunately, such a flaw would allow an attacker to add JavaScript to the email field of the form. What does all this mean? Simply put, whenever a new form is filled out, the malicious Java Script code is triggered when the user account is listed in the back end panel of the website. All versions of Magento are affected, but there are no confirmed attacks related to these issues.
If you haven’t undated your Magento to the latest version, or installed patches to keep you current, you may want to ensure that you haven’t been effected by the vulnerability by checking a few things
Full articles about the Magento 1.x and Magento 2.x issues are posted in the Magento Security Center. Additionally, all new releases and a separate USPS patch support recent USPS changes.
The Magento Community Edition 2.0.1 release also contains several important functional updates, including official support for PHP7.0.2.
To download your update, please visit the Community Edition Download Page. These two patches (SUPEE-7405 and SUPEE-7616) are available to address security and USPS issues for Community Editions 1.5.0.0-1.9.2.2. Both sets of improvements are included in Community Edition 1.9.2.3 and Community Edition 2.0.1. Be sure to install all previous patches, if you haven’t done so already. All previous USPS patches must be installed for the new patch (SUPEE-7616) to work. We advise installing patches in a development environment before putting them into production.
Hostway now provides Managed Magento Support.
Hostway’s new Managed Magento Support includes but not limited to the following:
Need help keeping your Magento deployment running? Contact us today and let Hostway help you patch your Magento application.
Businesses that rely heavily on e-commerce – as most do these days – know that there are three principal issues which can reduce the effectiveness of their site. This blog is the second in Josh Hatfield‘s three-part series, “3 Problems that Plague E-Commerce Sites.” Check back in for the final entry next week.
According to a 2015 Business Insider report, about $4 trillion of purchases are abandoned annually in online shopping carts, and that number is only increasing. Many e-commerce sites experience abandonment rates between 60 and 75 percent, according to the Baymard Institute – in addition to a website bounce rate in the vicinity of 30 percent – but why are 3 out of every 4 or 5 customers failing to complete their transactions?
As you might suspect, there’s more to it than uncertainty about a purchase. Customers are turned off late notifications of additional fees, expenses related to delivery and shipping, and long delivery times. Many of these issues are not under your control. But addressing what you can affect will help keep some customers from escaping your grasp.
Here are 12 ideas for reducing cart abandonment on your e-commerce site.
Prominent Security Indicator: Any PCI-compliant site should display the padlock symbol and use an https address. These reassure the customer that they can trust you to encrypt their financial information.
Sign Up? No? OK: First-time buyers may not want to create an account at your site. Registration shouldn’t extend beyond what’s needed to complete the transaction, and should occur simultaneously with the purchase. Even if it’s the same amount of data entry, a customer doesn’t want to be told to sign up before buying something.
Multiple Payment Options: In an expanding world of transaction types, it’s important for a site to accept as many forms of payment as possible. If a prospect doesn’t see PayPal, Google Wallet, or another preferred option, it’s an immediate invitation to exit.
Free Shipping If Viable: Especially for smaller, more expensive items, free shipping can be a simple, affordable incentive for a retailer to provide. Otherwise, be sure to provide an estimated shipping cost as soon as a mailing address has been entered.
Shipping Address as Billing Address by Default: Save customers time by ensuring that they don’t have to type in the same exact address information twice. A simple checkbox will suffice, indicating that mailing address and billing address are identical.
Progress Meter: “Man, how many steps does it take to get these people to take my money?” Make sure they know with a simple linear phase indicator, letting them see how many more pages are left before they reach a purchase confirmation.
Time-Limited Offers: Some abandoned carts result from consumers simply wanting to see what the total cost would be. Incentivize purchasing now with promotional rates.
Real-Time Support: If a customer is having difficulties, or simply has questions that the website doesn’t answer, live chat via phone or web interface reinforces the idea that you care about the customer and want to earn his business.
Backlinks: Give the customer the opportunity to backtrack and revisit the catalog without using the browser’s back button. If nothing else, it’s a visual reminder that you’re not trying to trap them.
Save Cart Functionality: If a customer is interrupted during the purchasing process, or simply wants to use the shopping cart as a wish list, let them return to their selections at another time. A wish list option could also serve the second purpose.
Cross-Selling Where Appropriate: If you’re going to suggest other products a customer may be interested in during their checkout process, make sure these suggestions make sense, both in terms of expense and what the items are. A bad algorithm for picking related products can convince consumers that you don’t know what you’re doing.
Email Remarketing: If you’ve collected a consumer’s email address before they abandon their cart, contact them to remind them of their purchase in progress. Sometimes, they need an extra nudge to finish the transaction.
Embracing these characteristics will put you well on your way to offering a customer-friendly experience, and making more sales along the way.