Has that time come yet? The “time” when you realize that your once a start-up business, involving just a few processes and people, has gradually grown into a hard to manage infrastructure? One having plenty of... “holes” to be plugged for better efficiency? Then it's a fact: you need to look for a business process consultant! But what is business process consulting anyway?
And this is just one of the questions that I'll do my best to answer in today's post. Besides this, I'll be:
pointing out to you, as clearly as possible, what a business process consultant does, more precisely
how a business process consulting campaign works, from step A to step Z
5 reasons why you should opt for such services (or 5 “benefits” that you'll reap from opting for such services, if you prefer)
So, shall we delve right into it?
First Things First: What Is Business Process Consulting?
Take it as a “diagnosis & prescription” applied to your business process.
It's a process where an external consultant:
comes in to closely analyze all the processes being carried out within your organization
… and to identify any inefficient use(s) of resources, redundant processes that could get easily automated etc.
then present the results of his/her “investigations”, along with his recommendations to you, top management
And, if requested, he could also run simulations to test the suggested process improvements.
That's the whole process broken down into its essential steps!
And... How Does It Work? The Entire Process in 4 Simple Steps
Now don't imagine your business process consultant running his/her investigations “undercover”. Or locked somewhere in an office, studying documents, infographics and stats and “thinking up” his recommendations for your business workflow.
For it doesn't work like that!
He/she will need to get out there and to actually observe your team “in action”. To detect, on the spot, any proofs of inefficient use of time or simply to understand how each process works.
For, you can't improve something that you don't “intimately” understand.
Now that we've settled this, here's a business process consulting campaign... broken down into 4 steps:
a. The business process consultant starts by doing what it takes to gain a deep understanding of all the processes that your business's based on.
And his/her methodology could involve tactics ranging from:
interviewing your team members
to watching them closely as they carry out their regular tasks
b. The observation phase and the issues-detecting phase take place simultaneously.
Therefore, once your business process consultant identifies all the areas of improvement and the “weak links”, he'll start putting together his “battle plan”. His list of recommendations for clearing all those detected inefficiencies.
And these “efficiency holes” could be:
bottlenecks, leading to work getting piled up in one specific area from the whole workflow system
inefficient use of resources (time being the most valuable of them all)
too complex layouts that might delay the completion of certain tasks
repetitive processes that could be automated
areas where lack of accountability or bad communication impacts productivity
c. The business process consultant presents his/her report to you, along with his process-focused recommendations for improving efficiency
d. You might want to see those suggested improvements applied to your workflow and the new system “in practice”. This is an optional step where you require a test to be set up.
What Does a Business Consultant Do?
He/she puts together an accurate and realistic picture of the workflow within your organization and points out all the “cracks” in this picture.
And eventually delivers you the solutions for...filling them in.
And this definition could be an equally viable answer to the question: “What is business process consulting?”
Now to sum up a business process consultant's “mission” to even fewer words, it would go something like this:
He/she documents your business processes, “equipping” them with clear sets of instructions, so that each member of your team should know, at any phase, what are the next steps to take
Why hire a business process consultant instead of assigning someone in your team to handle all this documenting and structuring your workflow into repeatable processes?
Because in case of overly complex infrastructures, with tasks, varying a lot, depending on too many factors, documenting and organizing them gets unexpectedly challenging.
Especially if you (your team) don't have the know-how or the needed time for analyzing, in detail, every single little operation in your workflow.
5 Reasons to Use Business Process Consulting Services
Now let's talk... clear advantages! Here are the main benefits that you'll reap from opting for such services:
1. Less Time for Managing Details, More Time for The Big Picture
Do the math yourself:
How much of your time do you waste/invest in managing all kinds of day-to-day... details?
Now just imagine how much time you'd save if you took all these burdening tasks, all these time-consuming responsibilities, off your back!
And this is precisely what the business process consulting services are aimed at:
helping you stop “wasting” time on details
… by automating all those day-to-day management tasks
… so you can focus more on those new projects that you have been postponing, on exploring new revenue opportunities
… and on your customers, too
2. A Consultant Will Instill Responsible Attitudes Within Your Team
Without every member of your team motivated to adhere to certain quality standards and best practices... any attempt to improve efficiency is useless.
And this is another valid answer to your “What is business process consulting?”
It's all about motivating your team to feel some sort of ownership over the results of the tasks they perform.
A business process consulting not only that will “detect” those team members who:
skip a few (maybe crucial) steps when performing a task
come up with their own shortcuts for carrying out certain tasks, which might impact the final product's overall quality
… but he/she will also work on motivating your team to adopt the recommended best practices and a certain work ethic. For one of his/her key responsibilities is to make everyone in your team feel responsible for his work.
3. You'll Be Expanding Your Capabilities as an Organization
And it's a “cause and effect” process if you come to think of it:
More efficient business processes lead to enhanced capabilities in every sphere.
And I'm talking here about enhancing efficiency when it comes to:
scope
scalability (by seizing and leveraging opportunities for improving your infrastructure, your organization gets to grow internationally, as well)
4. You'll Be Simplifying All Your Business Operations
Mobile media, cloud computing, social media... and all the latest technologies will only give your business processes a major efficiency boost.
And it's that business process consultant that you'll hire who'll be:
handling the IT assimilation process
selecting the right technology(s) for each process
reducing the IT complexities
simplifying and automating workflows
5. You'll Be Cutting Down Costs
And here you get another valid answer to your “What is business process consulting?” question:
"It's process-re-engineering."
… during which all the business processes included in your workflow get closely audited, evaluated and properly optimized.
And a certain hierarchy set up:
resources get reallocated to more important projects
and a plan for investing in technology (for automating key processes) is put together
Time to Let an Expert Document & Improve Your Processes Now!
Now that you know what business process consulting is, it's time to:
stop using the budget “excuse” and consider all the resources of time and money that you'll be saving
… or the “dangers” menacing your business if you allow it to run on undocumented processes (anytime someone in your team could make a mistake from lack of a well-structured workflow & a set of clear instructions)
realize that such a complex process does call for an expert
Adriana Cacoveanu / Apr 14'2018
Adaptive vs responsive design. Is there really a matter of “better vs worse”? What's the difference anyway?
For the boundaries sure look blurry enough. Especially since both types of web design provide you with a solution to the same challenge. The one you're facing as a web designer:
A design that should cater to all screen sizes.
Now, instead of delving into this confusion even deeper, let's shed some light on:
the responsive design key features
the adaptive design's particularities
each option's advantages and drawbacks
key differences between adaptive and responsive design
1. Responsive Design: What Is It?
Using one single layout when designing a web page, that adjusts itself to fit the given screen size.
This would have to be a concise, yet comprehensive definition.
If I am to add a bit more details to it, I would have to say that:
It's a “fluid” layout, a “fluid” grid that we're talking about here, one using CSS, Content (Based Breakpoint) and media queries
… for setting up different style roles for each device/media type
Long story short: the responsive design approach enables your site's pages to (more or less seamlessly) adapt to various screen resolutions.
Note: implementing a responsive design does call for a website conceptualization phase and a deep understanding of the end user's needs and expectations!
2. Adaptive Design: A Concise Definition
Or “progressive enhancement of a website” if you prefer:
This approach to web design is centered around “multiple fixed layout sizes”. Basically, you'll need to create different layouts, one for each screen size. Once the website “identifies” the type of device the user's accessing it from, it just triggers the appropriate pre-set layout.
A layout that you/your team will need to prepare in advance, needless to add (so, you'll need to plan your time and budget accordingly).
Who's leveraging this approach? Apple, About.com, Amazon are just some of the big names.
It's an alternative to the “one-size-stretches-to-all” option in modern web design.
Note: since we can't be talking about a unique layout being re-sized over and over again, there's no impact on the overall design; no more over-stretching or other inconveniences of the sort.
3. Responsive Design: Why Would You Use It? And What Could Discourage You?
Why and when would/should you be “tempted” to go with this approach to modern web design?
Let's go through some of this type of web design's most “irresistible” strong points, shall we?
it's easier to set up and less time-consuming to implement
since the same design is being used, seamlessly, on all devices, a certain feeling of familiarity is being instilled, enhancing the overall user experience
… we can talk about a unified visual (and operational) end-user experience
the collection of affordable templates at hand, suitable for most CMSs, is ideally rich and particularly “tempting” if it's a brand new website that you need to design
a “one size fits all” type of flexibility
it's SEO-friendly; since we can't be talking about distinct design versions, there's no negative impact on the SEO strategy either
lower maintenance costs
no redirection needed for establishing the connection between mobile and desktop sites
And yet, this approach does come packed with certain disadvantages, as well. Limitations that you need to note and ponder on before you make your adaptive vs responsive design decision:
you'll have less control over the screen size design
expect longer mobile download times
no possibility to fine tune the advertisements showing up on your website
expect to have certain elements scattered, moving around the screen once the design readjusts itself to the given screen's width
4. Adaptive Design: Main Advantages & Drawbacks
Your “adaptive vs responsive design” dilemma becomes even acuter when you realize that you need to choose between:
A seamless design, plus a certain sense of familiarity and a suite of tailor-made design solutions catering to users' specific needs.
And how do you choose, since both familiarity and customization have a huge impact on the user experience?
Now, let's have a look at some of the adaptive design's strong points:
as mentioned: it enables you to deliver custom-made web design; different layouts created for various screen resolutions (instead of one layout “stretched/shrunk to all of them”)
it complies with the requirements of modern user experience: personalization-focused UX and user-centric approach to web design
… meaning you're not creating the best UX, but the best UX for each one of the devices that your users will be accessing your website from
by “tailor-made” I do mean “tailor-made advertisements”, perfectly optimized to your relevant user interface and tailored to the user data collected from smart devices
in an adaptive vs responsive design debate, the first one will always win when it comes to performance: sites using an adaptive design are just faster
… and speed will always be a differentiating factor in Google's eyes
coding an adaptive design is more time-efficient
implementing it is more cost-effective
managing it tends to be easier since you only need to consider few states
testing it is much easier (with more accurate results, as well)
And now, are you ready for a list of drawbacks to balance adaptive design's advantages with? Just so you can gain a more objective understanding, evaluating all the pros and cons in full:
it usually requires more work, and therefore it's used mostly for overhauling existing websites, rather than with new websites (considering that “more work” stands for “more time-consuming”)
the site configuration being either desktop or smartphone-focused, tablets and notebooks users are... left in the middle
it impacts your SEO strategy, since search engines will detect and penalize identical content showing up on different websites (“.com” and “m.com” sites)
5. Adaptive vs Responsive Design: Key Differences to Take Away
The most notable differences for you to keep in mind from this comparative analysis of the 2 popular options at hand are the following:
a responsive design is a consistent one: what you get on desktop, you get on a smaller screen size, as well
a responsive design might turn out to be easier to maintain on the long run: with every new screen size emerging, it will adapt to it, by default
… by comparison, with an adaptive design you'll need to create a brand new layout for every new possible device, with a specific screen width, that might get released
on a long-term, we could say that maintaining a site using adaptive design gets more challenging: it's several fixed layouts that you'll need to manage (instead of just one)
the adaptive screen size (you'll be using static breakpoint for building adaptive design) is less flexible than the responsive screen design: you'll need to design (from scratch) for every display that you target
The END! Are all these strengths and limitations of the two popular approaches to modern web design of any help to you? For solving your “adaptive vs responsive design” dilemma?
Silviu Serdaru / Apr 13'2018
Instead of stubbornly keeping yourself stuck, thinking that “Clients don't really know what they want”, how about you... give them a hand? Helping them identify and clearly articulate their needs! Especially since there are so many effective, tried-and-tested tools and techniques that grant you success when you're collecting requirements for your project.
And it sure is worth all the effort. Or, to put it this way:
It will cost you/your project a lot if you're doing it wrong.
In this respect, numbers make the most reliable proofs:
Behind the great majority of project failures, there's a lack of clarity on requirements.
Therefore, learning how to collect requirements for your project:
instead of jumping straight to the design phase
way before developers start defining their own scenarios for functional tests
… is crucial to the overall success of your project.
And now, here's the “arsenal” you should tap into and use to its full potential:
The most effective tools and techniques to “power” your collecting requirements process with.
What Is This Process? What Is Involved in Collecting Requirements for Your Project?
And it seems only natural to attempt to define this whole process, first things first:
Collecting requirements is the process of identifying and documenting (and managing) the stakeholder needs and requirements.
This way, you're determining and documenting all the key features and functions of the product that you're due to develop. As well as identifying all the processes that you'll need to carry out for achieving the project scope.
Speaking of which: this is the process that helps you clearly define the project's scope itself.
“And how come (so) many teams fail at it?”
Mostly because development teams don't have a good process for effectively collecting requirements set up in the first place.
And a “good process” starts with proper segmentation, into multiple key steps to take, such as:
elicitation
analysis
specification
...
Also, another strong reason behind IT teams-clients communication failure is underrating the iterative approach to defining requirements:
A highly effective technique, since requirements are often quite “blurry” early in a project
The Facilitated Workshop: Enhance Cross-Functional Team Collaboration
The purpose behind it? There are several in fact:
bringing different stakeholders together will help you identify and better understand their difference of opinion (if there's any)
you'd be improving cross-team communication from the very start
you'll be “unearthing” inherent challenges that different stakeholders face and that involved parties, by themselves, aren't even aware of
In short: conducting a facilitated workshop does what its name says, it facilitates stakeholders to identify and clearly articulate their requirements.
Interviews: One-On-One Meetings With Different Types of Stakeholders
Prepare a different set of questions, for each one of your target stakeholders, and have some one-on-one meetings.
Each of them is differently impacted by the “problem/need” that your team should come up with a solution-product for. Therefore, interviewing them all, separately, will only help you gain both:
in-depth
and comprehensive understanding of that specific problem/need
Leverage the Participant Observation Method
A highly effective technique used in the collecting requirements process.
And it becomes particularly useful when stakeholders are having difficulties identifying and clearly articulating their requirements.
Or when the given system/process is too complex and you need to actually observe people in action for analyzing it and understanding how it works. And what its limitations are.
In these 2 cases, it's only by observing the participant “in action” that you can properly record requirements.
In this respect, a “kindred” method that you could use during the collecting requirements for your project process is the “participant-observer” one. Where you get to actually test that system/process yourself, too.
5 Group Creativity Techniques to Explore
1. Idea mapping
“What is the scope of this process?” you might ask yourself.
By putting together all the different stakeholders' ideas into a mind map, you'll gain a bird's-eye view of them all! On how they're connected to one another, which are the best of them, what are their pros and cons?
And speaking of grouping ideas into a “mind map”, there are several types of maps that you could set up:
archival strategies
data transfer mechanism
data formats
2. The nominal group method
Using this method to collect requirements inputs will save you loads of time.
Basically, you set up a group of stakeholders, ask them to share their ideas, and... submit them all to vote.
Only those scoring the most votes will be further taken into account. And this will just streamline the entire decision-making process!
3. Related ideas diagrams
Probably the best way to neatly categorizing that huge pile of ideas that you will have collected!
How does it work? You simply write down all those ideas on separate cards, then pair the similar ones together, till there's no “isolated” card left. And you end up with a diagram of ideas, nicely structured into different categories.
Starting there, you can put together your cause-and-effect diagrams.
4. Brainstorming
"What are the best ways to gather requirements?”
Brainstorming is (should be) on top of any To-Do list for a collect requirements process!
Schedule brainstorming sessions with different focus groups of stakeholders and challenge them to share their ideas. You'll end up with a whole “pile” of diversified “steamy fresh” ideas to work on.
5. Group decision making
Let's say you get several alternatives for the very same requirement. What do you do?
How do you filter the best one?
You set up a decision-making group and... ask them to give their inputs. It will be a collaborative decision-making process.
In the end, it's the requirement that they all (or the majority) agree on that will get selected.
Benchmarking
Mind you don't underrate this technique!
For, as “banal” as it may seem, it's surprisingly effective:
Compare the current project with a similar one and try to identify the best practices and key processes. And to even come up with better methods to solve certain challenges, while you compare the 2 projects.
Document Analysis: One of The Collect Requirements Process's Key Steps
Another great way to determine the requirements for your project is to analyze all the documents at hand:
system use cases
proposal
legal requirements
user documentation
design documents
system use cases
…
Create Context Diagrams
Here's just one of the best answers to the following question:
“What are some basic requirements gathering tools and techniques?”
By putting together context diagrams, you're creating a visual representation of the whole system. Its interaction with users and other external systems here included!
What's the point?
By visualizing the entire system it'll be easier for you to spot all those business scenarios that you might have overlooked. Scenarios for which you haven't collected and documented any requirements yet.
Come Up With Prototypes
This technique comes in handy in your whole collect requirements process if:
your client just can't envision and thus can't articulate the requirements
the system/product/process you're due to put together is too new, too complex
Setting up and then providing your client with a simple working model, with basic functionality, will help him/her get a clearer picture of how it should work. And give him the chance to “taking it for a spin”, to experiment it.
Once the stakeholders have tested it, they'll be more confident to provide you with relevant inputs.The ones you'll need to actually get this new system developed.
Get a Grip on The Gherkin Syntax
Consider learning to speak Gherkin fluently in order to guarantee the success of your requirement collecting process.
The main benefit that you'll be “reaping” is a record of utterly explicit requirements. And it's the Gherkin syntax that constrains them to be so.
For instance, have a look at this example here, from Neoteric.eu, of the Gherkin syntax being used for collecting scenario-specific requirements only:
Feature: Logout from application
Scenario:
Given I am logged in
When I click “log out” button
Then I am informed about successful logout
And I am redirected tologin page
See? Zero ambiguity!
Both the:
business analyst(s)
developers
… in your team will benefit from leveraging this language.
The first will end up with perfectly explicit requirements, while the latter will get the clear information needed for setting up functional test scenarios.
A win-win situation.
The END! Does this answer your “What is involved in collecting requirements for your project?” kind of question?
Adriana Cacoveanu / Apr 11'2018
Feeling stuck? Can't seem to put a finger on at least a few clear differences between PHPStorm and WebStorm? And you need to choose the most suitable IDE software for web development?
There sure must be some strong differences, other than:
PHPStorm doesn't provide JavaScript-oriented plugin support right out-of-the-box like WebStorm does.
Now, before we go “hunting” some key differences between PHPStorm and WebStorm, I'd like to add one last recommendation to consider when you select the right IDE for you:
It all comes down to evaluating various solutions and identifying not THE BEST, but the application that's perfectly suited to your specific needs.
That being said, without further ado, let's evaluate the “candidates”!
I'll be highlighting their key features (all while outlining the key differences between them) while you set them against your business requirements and specific feature needs, OK?
First of all: A Few Words About PHPStorm and WebStorm
Both IDE software products (Integrated Development Environment) are built on top of JetBrains IntelliJ platform. And geared at web development.
This has to be the most concise, yet comprehensive shared definition of our two “candidates” here. Let's move on to putting the spotlight on each of them, in turn...
PHPStorm: Key Features
If I am to turn a text definition into a mathematical formula, it would have to be something like this:
WebStorm + Database support + WebStorm = PhpStorm
Or, if I am to stick to a “conventional”, a standard text definition, it would go something like this:
PHPStorm incorporates all the functionality that WebStorm comes equipped with (CSS, JavaScript HTML), PLUS full-fledged PHP support (and databases support).
Also, sticking to the very purpose of this blog post — pointing out the key differences between PHPStorm and WebStorm — I should add that PHPStorm doesn't support JS like WebStorm does.
It doesn't provide built-in support for JavaScript plugins like its “competitor” does.
Now when it comes to its main functionalities:
start PHP code editor
HTML & CSS editor
Code navigation
JavaScript editor
Code quality analysis
Database & SQL
Debugging
Smart PHP code editor
Testing
Intelligent coding assistance
As for the integrations that PHPStorm supports, here are the most notable ones:
some of the most popular PHP test frameworks: Behat, Codeception, PHPUnit, PHPSpec
Composer Dependency Manager; this way you get to manage your project's dependencies right from the IDE
the webpack module bundler
React; it's perfectly equipped to assist you in linting, debugging, editing, running and configuring your apps
various compilers: Less, CSS, Sass, SCSS
Angular (Angular 2); it streamlines the process of building your desktop, web or mobile applications
WebStorm: Top Features
As already mentioned here: WebStorm “spoils” you, right out of the box, with support for JavaScript-oriented plugins.
Whereas, if you opt for PHPStorm, you'll need to install the needed JS plugins manually for achieving specific functionality.
And now, returning to its top features, here are just a few:
Extensive Navigation & Search capabilities
Support for React Native, PhoneGap, Cordova, Ionic and Node.js.
Unified UI for working with many popular Version Control Systems
Coding assistance for JavaScript and compiled-to-JavaScript languages, HTML, Node.js and CSS
Built-in debugger
Code quality tools
Built on top of the open-source IntelliJ Platform
Advanced coding assistance for Vue.js, React, Angular and Meteor
Spy-js tool for tracking JavaScript code
Simple unified UI for running Gulp, Grunt or npm tasks right from the IDE
… and the list of key features and tempting functionalities goes on.
Now another one of its main strengths, besides its built-in JavaScript-centered functionality, is given by all the integrations that it supports:
Spring
AcquiaMicrosoft
Google
Acquia
… a “detail” you sure don't want to underrate if you just consider the time and effort you'd be saving when working with an IDE that supports multiple integrations.
It will streamline the transfer of information between teams and services and cut down the valuable time otherwise invested in migrating from one software to another.
Choose WebStorm If...
... you're a front-end, JavaScript developer or, better said:
A “hardcore” one, depending on robust HTML, JavaScript and CSS-oriented features, such as JSUnit or Node.JS.
Go With PHPStorm If...
... you're having trouble choosing between PHPStorm and WebStorm, the most obvious proof that the first IDE (PHPStorm) is the one for you is the following:
You're a full stack back-end developer
And so, your work depends greatly on specific features, such as refactoring PHP code and built-in debuggers.
Final Word: Differences Between PHPStorm and WebStorm
It goes without saying that there's no such thing as IDE software ideally equipped to meet ALL your requirements.
Basically, when deciding between PHPStorm and WebStorm:
defining your specific needs (JavaScript-oriented or PHP-centered) is the very first thing to do
going for the IDE that integrates well with other programs is something that you'll need to consider, given the benefits that derive from there
So, have you got your answer yet? Judging from these key differences between PHPStorm and WebStorm, which one caters to your specific requirements?
RADU SIMILEANU / Apr 10'2018
With popularity comes trouble... In this case here meaning: security vulnerabilities and risky over-exposure to cyber threats. And this can only mean that securing your website, that's running on the currently third most popular CMS in the world, calls for a set of Drupal security best practices for you to adopt.
And to stick to!
There's no other way around it: a set of strategically chosen security measures, backed by a prevention-focused mindset, pave the shortest path to top security.
Stay assured: I've selected not just THE most effective best practices for you to consider adopting, but the easiest to implement ones, as well.
Quick note: before I go on and knee-deep into this Drupal security checklist, I feel like highlighting that:
Drupal still has a low vulnerability percentage rate compared to its market share
the majority of Drupal's vulnerabilities (46%) are generated by cross-site scripting (XSS)
And now, here are the tips, techniques, and resources for you to tap into and harden your Drupal site's security shield with.
1. The Proper Configuration Is Required to Secure Your Drupal Database
Consider enforcing some security measures at your Drupal database level, as well.
It won't take you more than a few minutes and the security dangers that you'll be safeguarding it from are massive.
Here are some basic, yet effective measures you could implement:
go for a different table prefix; this will only make it trickier for an intruder to track it down, thus preventing possible SQL injection attacks
change its name to a less obvious, harder to guess one
Note: for changing your table prefix you can either navigate to phpMyAdmin, if you already have your Drupal site installed, or do it right on the setup screen (if it's just now that you're installing your website).
2. Always Run The Latest Version of Drupal on Your Website
And this is the least you could do, with a significant negative impact on your Drupal site if you undermine its importance. If you neglect your updating routine.
Do keep in mind that:
it's older versions of Drupal that hackers usually target (since they're more vulnerable)
the regularly released updates are precisely those bug fixes and new security hardening features that are crucial for patching your site's vulnerabilities.
Why should you leave it recklessly exposed? Running on an outdated Drupal version, packed with untrusted Drupal modules and themes?
Especially since keeping it up to date means nothing more than integrating 2 basic Drupal security best practices into your site securing “routine”:
always download your themes and modules from the Drupal repository (or well-known companies)
regularly check if there are any new updates for you to install: “Reports” → “Available Updates”→“Check manually”
3. Make a Habit of Backing Up Your Website
And here's another one of those underrated and too often neglected Drupal security best practices!
Why should you wait for a ransomware attack and realize its true importance... “the hard way”?
Instead, make a habit of regularly backing up your website since, as already mentioned:
There's no such thing as perfection when it comes to securing a Drupal site, there's only a hierarchy of different “security levels” that you can activate on your site
And backing up your site, constantly, sure stands for one of the most effective measures you could apply for hardening your Drupal website.
Now, here's how you do it:
make use of Pantheon's “one-click backup” functionality
test your updates locally using MAMP or XAMPP or another “kindred” software
harness the Backup and Migrate module's power, currently available only for Drupal 7
export your MySQL database and back up your files “the old way”... manually
There, now you can stay assured that, if/when trouble strikes, you always have your backup(s) to retrieve your data from and get back “on your feet” in no time!
4. Block Those Bots That You're Unwillingly Sharing Your Bandwidth With
No need to get all “altruist” when it comes to your bandwidth!
And to share it with all kinds of scrappers, bad bots, crawlers.
Instead, consider blocking their access to your bandwidth right from your server.
Here's how:
Add the following code to your .htacces file and block multiple user-agent files at once:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^.*(agent1|Wget|Catall Spider).*$ [NC]
RewriteRule .* - [F,L]
Or use the BrowserMatchNoCase directive as follows:
BrowserMatchNoCase “agent1” bots
BrowserMatchNoCase "Wget" bots
BrowserMatchNoCase "Catall Spider" bots
Order Allow,Deny
Allow from ALL
Deny from env=bots
Use the KeyCDN feature for preventing those malicious bots from stealing your bandwidth!
5. Use Strong Passwords Only: One of the Easiest to Implement Drupal Security Best Practices
More often than not “easy” doesn't mean “less efficient”.
And in this particular case here, simply opting for a strong username (smarter than the standard “admin”) and password can make the difference between a vulnerable and a hard-to-hack Drupal site.
For this, just:
Manually change your credentials right from your admin dashboard: “People” → “Edit”→ “Username” while relying on a strong password-generating program ( KeePassX or KeePass)
6. Use an SSL Certificate: Secure All Sensitive Data and Login Credentials
Would you knowingly risk your users' sensitive data? Their card information let's say, if it's an e-commerce Drupal site that you own?
And how about your login credentials?
For this is what you'd be doing if — though you do recognize the importance of using an SSL certificate — you'd still put this measure at the back of your list of Drupal security best practices.
In other words, running your site on HTTPs (preferably on HTTP/2, considering all the performance benefits that it comes packaged with) you'll be:
encrypting all sensitive data that's being passed on, back and forth, between the server and the client
encrypting login credentials, instead of just letting them get sent, in crystal-clear text, over the internet.
7. Use Drupal Security Modules to Harden Your Site's Shield
For they sure make your most reliable allies when it comes to tracking down loopholes in your site's code or preventing brutal cyber attacks.
From:
scanning vulnerabilities
to monitoring DNS changes
blocking malicious networks
identifying the files where changes have been applied
… and so on, these Drupal modules will be “in charge” of every single aspect of your site's security strategy.
And supercharging your site with some of the most powerful Drupal security modules is, again, the easiest, yet most effective measure you could possibly enforce.
Now speaking of these powerful modules, here's a short selection of the “must-have” ones:
Password Policy: enables you to enforce certain rules when it comes to setting up new passwords (you even get to define the frequency of password changes)
Coder : runs in-depth checks, setting your code against Drupal's best practices and coding standards
Automated Logout: as an admin, you get to define the time limit for a user's session; he/she will get automatically logged out when the time expires
SpamSpan Filter: enables you to obfuscate email addresses, thus preventing spambots from “stealing” them
Login Security: deny access by ID address and limit the number of login attempts
Content Access: grant permission to certain content types by user roles and authors
Hacked!: provides an easy way for you to check whether any new changes have been applied to Drupal core/themes
Security Review Module: it will check your website for those easy-to-make mistakes that could easily turn into security vulnerabilities; here's a preview of this module “at work”
8. Implement HTTP Security Headers
Another one of those too-easy-to-implement, yet highly effective Drupal security best practices to add to your Drupal security checklist:
Implementing (and updating) HTTP security headers
“Why bother?”
Cause:
first of all, their implementation requires nothing more than a configuration change at the web server level
their key role is letting the browsers know just how to handle your site's content
… thus reducing the risk of security vulnerabilities and brute force attacks
9. Properly Secure File Permissions
Ensure that your file permissions for:
opening
reading
modifying them
… aren't too dangerously loose.
Since such negligence could easily turn into an invitation for “evil-minded” intruders!
And it's on Drupal.org's dedicated page that you can find more valuable info on this apparently insignificant, yet extremely effective security measure
10. Restrict Access To Critical Files
Told you this was going to be a list of exclusively easy-to-implement Drupal security best practices.
Blocking access to sensitive files on your website (the upgrade.php file, the install.php file, the authorize.php file etc.) won't take you more than a few minutes.
But the danger you'd avoid — having a malicious intruder risking to access core files on your Drupal site — is way too significant to overlook.
END of the list! These are probably the easiest steps to take for securing your Drupal site.
How does your own list of Drupal security tips, techniques, and resources to tap into look like?
RADU SIMILEANU / Apr 06'2018
Who are your visitors? Where do they come from? And what do they do precisely during their visits on your Drupal site? How long are their visits? What content on your site do they linger on and what content do they “stubbornly” ignore? Needless to say that for getting your answers to all these questions you need to set up Google Analytics on your website.
Since:
“This data--aka analytics--is the lifeblood of the digital marketer.” (Jeffrey Mcguire, Acquia, Inc. Evangelist)
The good news is that integrating it is nothing but a quick and simple 3-step process. And the great news is that:
Drupal's got you covered with its dedicated Google Analytics module, geared at simplifying the otherwise tedious and time-consuming process.
So, shall we dive into the installation guide?
1. But First: Why Web Analytics? And Why Precisely Google Analytics?
In an UX-dominated digital reality, that takes personalization to a whole new level, user behavior data turns into... superpower.
And by “user behavior data”, I do mean web analytics.
Therefore, injecting a web analytics service into your Drupal site is like... injecting true power into its “veins”.
But why precisely Google Analytics?
Why set up Google Analytics on your Drupal site instead of another web analytics tracking tool? Is its popularity a strong enough reason for you to jump on the trend?
To answer your question, I do think that its own key features make the best answers:
audience demographic reporting: discover where your site visitors come from, their native languages, the devices and operating systems they use for accessing your website...
goal tracking: monitor conversion rates, downloads, sales and pretty much all stats showing how close (or far) you are to reaching the goals that you've set for your website
acquisition reporting: identify your site's traffic sources; where do your visitors come from exactly?
on-site reporting: gain a deep insight into the way visitors engage with specific pieces of content on your website, so you know how to adjust the experience your deliver them on your site/app to their specific needs
event-tracking: tap into this feature for measuring all activities carried out on your Drupal site
And the list of features could go on and on. Providing you with a high-level dashboard and enabling you to go as deep as you need to with your “data digging”.
For Google Analytics is only as powerful as you “allow” it to be. It empowers you to dig up both surface and “in-depth data”.
Moreover (or better said: “thanks to...”), being such a feature-rich tracking tool, Google Analytics's highly versatile, too. From email marketing to social media marketing, to any type of marketing campaign that you plan to launch, it's built to fit in just perfectly.
To power all forms of marketing strategies.
And where do you add that it's been a while now since we've been having Google Analytics for mobile apps and the Google Analytics 360 suite, too! 2 more powerful GA tools to add to your web analytics “tracking arsenal”.
2. The Drupal Google Analytics Module and How It Will Make Your Life (So Much) Easier
Let me try a lucky guess:
Your Drupal site has... X pages (have I guessed it?)
The “standard” way to add Google Analytics to your Drupal site would involve:
Copying the tracking ID that Google Analytics provides you with and pasting it on each and every page on your website.
A hair-pulling monotonous and time-consuming process, don't you think?
And it starts to look even more cumbersome if you think that you have the alternative to set up Google Analytics on your Drupal site using the dedicated module.
But how does it streamline... everything more exactly?
You'll just need to paste that Google Analytics javascript snippet for tracking data right to this module's Configuration page and... that's it!
The module will take it from there! It will distribute it itself to all the pages on your website.
Less effort, less time wasted for carrying out in a tedious and repetitive activity. And more time left for customizing all those statistics features to perfectly suit your goals and your site's needs.
Luckily enough, the Drupal Google Analytics module puts an admin-friendly UI at your disposal precisely for that:
use it to track down key data
use it for tailoring your web analytics-tracking activity to your needs: by user role, by pages etc.
3. Set Up Google Analytics on Your Drupal Site In Just 3 Simple Steps
As promised, here's a “dead-simple 3-step guide on how to add Google Analytics to your Drupal site (“leveraging the power of the dedicated Drupal module here included”)
Step 1
The very first thing you'll need to do is sign up for a Google Analytics account if you don't have one already. And then to add your Drupal site (obviously!).
And here are the quick steps to take:
go to www.google.com/analytics
hit “sign in” (you'll find it in the top right corner) and select “Google Analytics” from the unfolding drop-down menu
click “Sign Up” and just follow the given steps for setting up your new account
next, follow the instructions for setting up web tracking
Now you should be able to see your Drupal site displayed under your account, on your admin page in Google Analytics.
And it's now that you should be able to retrieve your site's “Tracking ID”, as well. You'll find it in the “Property Setting” section.
Step 2
The next major step to take as you set up Google Analytics on your Drupal site is to actually go back to your site and... install THE module itself.
Since I've already praised its “superpowers” and how they “conspire” to make your life easier, I'm not going to point them out once again.
Instead, I'll go straight to the steps to take once you've enabled the module on your website:
access its configuration page (you'll find the “Configuration” tab on top of the page, “flanked by” the “Modules” and the “Reports” tabs)
there, right under the “General Setting” section, just enter your “Web Property ID”
… which is precisely the Google Analytics tracking code that you've just retrieved at Step 1
And this is precisely the “magic trick” that's going to add the Google Analytics tracking system site-wide. A monotonous, multiple-step process turned into a one-step operation.
This thanks to the Drupal Google Analytics module!
Step 3
Here you are now, ready to save your settings and to officially harness the power of Google Analytics on your website!
Normally you should be just fine with the default settings that the service provides you with, right out-of-the-box.
Yet, if you need to “refine” your searches, your entire tracking activity, feel free to do that. To explore all the options stored in the “Tracking Scope” tabs for you.
Speaking of which, let me give you just a few examples of how deep you could narrow down your “investigations” and customize the modules:
roles: a setting which lets you define which user roles to track (and which roles the system should ignore)
domains: indicate whether it's a single or multiple domains that you need monitoring
privacy: it enables you to make visitors' IP addresses anonymous
pages: indicate precisely which pages on your website you need to track
messages: track and monitor the messages displayed to your site visitors
search and advertising: keep track of your internal site searches and AdSense advertisements; do keep in mind, though, that some additional settings might be needed!
And... more! You actually get even more power for configuring your JavaScript setting and adding custom variables.
The END! This is how you set up Google Analytics on your Drupal site in 3 dead-simple steps, a streamlined process powered by the dedicated Drupal module.
Adriana Cacoveanu / Apr 05'2018
And I'm back, as promised, with 5 more key differences meant to help you solve your Apache Solr vs Elasticsearch dilemma.
To help you properly evaluate the 2 open source search engines and, therefore, to identify the perfect fit for your own use case and your project's particular needs.
6. Node Discovery
Another aspect that clearly differentiates the 2 search engines is the way(s) they handle node discovery.That is, whenever a new node joins the cluster or when there's something wrong with one of them, immediate measures, following certain criteria, need to be taken.
The 2 technologies handle this node-discovery challenge differently:
Apache Solr uses Apache Zookeeper — already a “veteran”, with plenty of projects in its “portfolio” — requiring external Zookeper instances (minimum 3 for a fault-tolerant SolrCloud cluster).
Elasticsearch relies on Zen for this, requiring 3 dedicated master nodes to properly carry out its discovery “mission”
7. Apache Solr vs Elasticsearch: Machine Learning
Machine learning has a way too powerful influence on the technological landscape these days not to take it into consideration in our Apache Solr vs Elasticsearch comparison here.
So, how do these 2 open source search engines support and leverage machine learning algorithms?
Apache Solr, for instance, comes with a built-in dedicated contrib module, on top of streaming aggregations framework; this makes it easy for you to use machine-learning ranking models right on top of Solr
Elasticsearch comes with its own X-Pack commercial plugin, along with the plugin for Kibana (supporting machine learning algorithms) geared at detecting anomalies and outlines in the time series data
8. Full-Text Search Features
In any Apache Solr vs Elasticsearch comparison, the first one's richness in full-text search related features is just... striking!
Its codebase's simply “overcrowded” with text-focused features, such as:
the functionality to correct user spelling mistakes
a heavy load of request parsers
configurable, extensive highlight support
a rich collection of request parsers
Even so, Elasticsearch “strikes back” with its own dedicated suggesters API. And what this feature does precisely is hiding implementation details from user sight, so that we can add our suggestions far more easily.
And, we can't leave out its highlighting functionality (both search engines rely on Lucene for this), which is less configurable than in Apache Solr.
9. Indexing & Searching: Text Searching vs Filtering & Grouping
As already mentioned in this post, any Apache Solr vs Elasticsearch debate is a:
Text-search oriented approach vs Filtering and grouping analytical queries type of contrast.
Therefore, the 2 technologies are built, from the ground up, so that they approach different, specific use cases:
Solr is geared at text search
Elasticsearch is always a far better fit for those apps where analytical type of queries, complex search-time aggregations need to be handled
Moreover, each one comes with its own “toolbox” of tokenizers and analyzers for tackling text, for breaking it down into several terms/tokens to be indexed.
Speaking of which (indexing), I should also point out that the two search engine “giants” handle it differently:
Apache Solr has the single-shard join index “rule”; one that gets replicated across all nodes (to search inter-document relationships)
Elasticsearch seems to be playing its “efficiency card” better, since it enables you to retrieve such documents using top_children and has_children queries
10. Shard Placement: Static by Nature vs Dynamic By Definition
Shard replacement: the last test that our two contestants here need to pass, so you can have your final answer to your “Apache Solr vs Elasticsearch” dilemma.
In this respect, Apache Solr is static, at least far more static than Elasticsearch. It calls for manual work for migrating shards whenever a Solr node joins or leaves the cluster.
Nothing impossible, simply less convenient and slightly more cumbersome for you:
you'll need to create a replica
wait till it synchronizes the data
remove the “outdated” node
Luckily for you, Elasticsearch is not just “more”, but “highly” dynamic and, therefore, far more independent.
It's capable to move around shards and indices, while you're being granted total control over shard placement:
by using awareness tags, you get to control where those shards should/shouldn't be placed
by using an API call you can guide Elasticsearch into moving shards around on demand
The END! Now if you come to think about it, my 10-point comparative overview here could be summed up to 2 key ideas worth remembering:
go for ApacheSolr if it's a standard text-search focused app that you're planning to build; if you already have hands-on experience working with it and you're particularly drawn to the open-source philosophy
go for Elasticsearch if it's a modern, real-time search application that you have in mind; one perfectly “equipped” to handle analytical queries. If your scenario calls for a distributed/cloud environment (since Elastic is built with out-of-the-ordinary scalability in mind)
RADU SIMILEANU / Mar 16'2018
Apache Solr vs Elasticsearch, the 2 leading open-source search engines... What are the main differences between these technologies?
Which one's faster? And which one's more scalable? How about ease-of-use?
Which one should you choose? Which search engine's the perfect fit for your own:
use case
specific needs
particular expectations?
Obviously, there's no universally applicable answer. Yet, there are certain parameters to use when evaluating these 2 technologies.
And this is precisely what we've come up with: a list of 10 key criteria to evaluate the two search engines by, revealing both their main strengths and most discouraging weakness.
So you can compare, weight pros and cons and... draw your own conclusions.
But First, A Few Words About The Two “Contestants”
I find it only natural to start any Apache Solr vs Elasticsearch comparison by briefly shading some light on their common origins:
Both open source search engine “giants” are built on the Apache Lucene platform. And this is precisely why you're being challenged with a significant number of similar functionalities.
Apache Solr
Already a mature and versatile technology, with a broad user community (including some heavy-weighting names: Netflix, Amazon CloudSearch, Instagram), Apache Solr is an open source search platform built on Lucene, a Java library.
And no wonder why these internet giants have chosen Solr. Its indexing and searching multiple sites capabilities are completed by a full set of other powerful features, too:
dynamic clustering
faceted search
NoSQL features & rich document handling
full-text search
real-time indexing
Elasticsearch
It's a (younger) distributed open source (RESTful) search engine built on top of Apache Lucene library.
Practically, it emerged as a solution to Solr's limitations in meeting those scalability requirements specific to modern cloud environments. Moreover, it's a:
multitenant-capable
distributed
full-text
... search engine, with schema-free JSON documents and HTTP web interfaces, that it “spoils” its users with.
And here's how Elasticsearch works:
It includes multiple indices that can be easily divided into shards which, furthermore, can (each) have their own “clusters” of replicas.
Each Elasticsearch node can have multiple (or just a single one) shards and the search engine is the one “in charge” with passing over operations to the right shards.
Now, if I am to highlight some of its power features:
analytical search
multi-tenancy
grouping & aggregation
distributed search
1. User and Developer Communities: Truly Open-Source vs Technically Open-Source
A contrast that we could define as:
“Community over code” philosophy vs Open codebase that anyone can contribute to, but that only “certified” committers can actually apply changes to.
And by “certified” I do mean Elasticsearch employees only.
So, you get the picture:
If it's a fully open-source technology that you're looking for, Apache Solr is the one. Its robust community of contributors and committers, coming from different well-known companies and its large user base make the best proof.
It provides a healthy project pipeline, everyone can contribute, so there's no one single company claiming the monopoly over its codebase.
One that would decide which changes make it to the code base and which don't.
Elasticsearch, on the other hand, is a single commercial entity-backed technology. Its code is right there, open and available to everyone on Github, and anyone can submit pull requests.
And yet: it's only Elasticsearch employees who can actually commit new code to Elastic.
2. What Specific Use Cases Do They Address?
As you can just guess it yourself:
There's a better or worse fit, in any Apache Solr vs Elasticsearch debate, depending exclusively on your use case.
So, let's see first what use cases are more appropriate for Apache Solr:
applications relying greatly on text-search functionality
complex scenarios with entire ecosystems of apps (microservices) using multiple search indexes, processing a heavy load of search-request operations
And now some (modern) use cases that call for Elasticsearch:
applications relying (besides the standard text-search functionality) on complex search-time aggregations, too
open-source log management use cases with many organizations indexing their logs in Elasticsearch in order to make them more searchable
use cases depending on high(er) query rates
data stores “supercharged” with capabilities for handling analytical type of queries (besides text searching)
… and pretty much any new project that you need to jump right onto, since Elasticsearch is much easier to get started with. You get to set up a cluster in no time.
3. Apache Solr vs Elastic Search: Which One's Best in Terms of Performance?
And a performance benchmark must be on top of your list when doing an Apache Solr vs Elasticsearch comparison, right?
Well, the truth is that, performance-wise, the two search engines are comparable. And this is mostly because they're both built on Lucene.
In short: there are specific use cases where one “scores” a better performance than the other.
Now, if you're interested in search speed, in terms of performance, you should know that:
Solr scores best when handling static data (thanks to its capability to use an uninverted reader for sorting and faceting and thanks to its catches, as well)
Elasticsearch, being “dynamic by nature”, performs better when used in... dynamic environments, such as log analysis use cases
4. Installation and Configuration
Elasticsearch is a clear winner at this test:
It's considerably easier to install, suitable even for a newbie, and lighter, too.
And yet (for there is a “yet”), this ease of deployment and use can easily turn against it/you. Particularly when the Elasticsearch cluster is not managed well.
For instance, if you need to add comments to every single configuration inside the file, then the JSON-based configuration, otherwise a surprisingly simple one, can turn into a problem.
In short, what you should keep in mind here is that:
Elastricsearch makes the best option if you're already using JSON
if not, then Apach Solr would make a better choice, thanks to its well-documented solrconfig.xml and schema.xml
5. Which One Scales Better?
And Elasticsearch wins this Apache Solr vs Elasticsearch test, too.
As already mentioned here, it has been developed precisely as an answer to some of Apache Solr well-known scalability shortcomings.
It's true, though, that Apache Solr comes with SolrCloud, yet its younger “rival”:
comes with better built-in scalability
it's designed, from the ground up, with cloud environments in mind
And so, Elasticsearch can be scaled to accommodate very large clusters considerably easier than Apach Solr. This is what makes it a far better fit for cloud and distributed environments.
And this is the END of PART 1. Stay tuned for I have 5 more key aspects “in store” for you, 5 more “criteria” to consider when running an Apache Solr vs Elasticsearch comparison!
Still a bit curious: judging by these 5 first key features only, which search engine do you think that suits your project best?
RADU SIMILEANU / Mar 16'2018
Contending with the... paradox of choice? With a handful of tempting options in terms of ecommerce services providers that seem to be fitting your project's needs entirely?
And choosing gets frustratingly challenging since they all “tempt” you with:
a visually-arresting design “backed up” by an ideally simple navigation structure
a team fluent in SEO, ready to propel your site right on the “highest peaks” of Google rankings
an impressive experience in implementing e-commerce-specific features and functionality
24/7 assistance: both pre- and post-launch issues and nasty bugs stand no chance to escape their team's vigilance
module, theme, and plugin customization skills to suit your ever-growing needs
… and the list goes on
So, how do you decide when all your choices seem to be equally... promising?
What's the proper evaluation system to use on all these “candidates”? How do you narrow down your own checklist of “must-have experience and expertise“ to the essentials?
And what are the essential things to look for in a potential e-commerce services provider anyway? Keep on reading...
1. Use This Checklist to Rate Other eCommerce Websites from Their Portfolio
Engage in some research work first, starting with the candidate's own portfolio.
Look for other ecommerce websites listed there and start evaluating the following aspects/site components:
the overall design: as a first-time visitor on those websites, do you find them visually-appealing enough?
navigation: it should be as simple and, therefore, intuitive, as possible; easily navigable inventories here included
imagery and particularly product images: are they high-quality?
is there any type of interactive chat system integrated, that users can use for dropping their questions?
is there a review system implemented; are customer testimonials displayed and visible enough?
checkout: the simpler the better; in this respect, the single-step checkouts, with visible “Add to cart” buttons, leading you straight to the payment page, make the surest “bet”
is there a status bar informing customers know just how many more steps there are left till they complete the checkout process?
All these are crucial aspects to check off your preliminary checklist, so mind you give them due consideration. Track down all the above-mentioned elements (adding a “minus” to your evaluation list if they miss), then take your time to analyze and to rate them one by one!
The completed projects of an ecommerce services company are filled with valuable “hints” in regard to how your own project might end up looking/performing!
2. Does The Platform Suit Your Budget and Back-Office Administration Experience?
And you might want to start your conversation precisely with this question:
“What ecommerce website development platform would you use for my project?”
From WordPress to Magento commerce, to PrestaShop, to OpenCart, to Drupal Commerce, the range of possible answers to this key question is wide enough to get you thinking.
... to get you pondering on whether their platform suits:
your planned budget for this ecommerce project
the time you're planning to invest
your team's skills and hands-on experience in back-office management
Do you want your online store to be up and running in no time? Conveniently easy-to-use and overall... simple?
Or is it a big ecommerce website, with a large inventory, incorporating a whole infrastructure of complex ecommerce functionalities, that you have in mind?
There's a specific platform to go with for every type of need and goal that you might have. Make sure your potential ecommerce services provider has already built itself a reputation working with that particular platform that best suits you and your project!
3. Put SEO Expertise High on Your List When Choosing Your eCommerce Services Provider
Need I add more?
The expertise and time invested in building a visually-arresting, ideally easy-to-use website gets reduced to... wasted efforts if they're powered by an effective SEO strategy.
Now it's the perfect time to tackle specific SEO goals that your potential partner would have to meet:
putting together SEO-friendly URLs
integrating meta tags relevant to each page
achieving mobile responsiveness
using certain page load time optimization techniques
And the list of SEO-oriented goals and aspects to evaluate at this phase continues with the analytics tools that this ecommerce services company has in its toolbox.
In short: look for proofs that this company's proficient in turning key customer-behavior data and valuable stats into... actionable insights for you to leverage.
4. Carefully Consider Their Time Estimate: Do They Leave Any “Room” for Extensive Tests?
In other words: “fast” could also mean:
“Let's skip or reduce the pre-launch testing to bare minimum!”
It's a trap, don't fall for it!
Make sure that the time estimate that they'll give you:
complies with your own release schedule
does cover the pre-launch testing period, too
A time needed for them to do their own testing, for your own team to run theirs and, of course, for this partner team to get all the identified bugs and issues fixed.
5. Do They Commit to Crafting High-Converting Copy, too?
If so, look for relevant “samples” of copy they've already crafted for past clients.
Is their copy:
persuasive enough?
clear, concise, yet informative?
simple, yet engaging?
Does it efficiently outline/tell those products', those brands' unique features/stories?
Then, you might just have a “winner”.
Still, there still are 2 more essential aspects to check off your list before you can give your final “verdict”. Keep on reading...
6. Can They Meet Your Current and Future Customization Needs?
Maybe a standard turnkey solution doesn't suit your ecommerce project's specific needs. Maybe those plugins need some tuning work to meet your specific requirements.
Or maybe you want that free Drupal 8 ecommerce theme that you like best to be perfectly adjusted to your own needs.
Is this ecommerce services company IN for customization, too? Or do they stick to assembling pieces provided by an open-source platform when putting together your ecommerce website?
Be skeptical when you're being offered “one size fits all” solutions! When you detect proofs of zero experience or total lack of enthusiasm at the perspective of having to custom-tune those:
ecommerce theme
plugins
modules
… to your project's particularities and to your own future goals.
7. How About Post Launch Support? What if You “Detect” New Issues Then?
Is it a “full-option” type of ecommerce services package that they'll provide you?
Will they be there, ready to intervene, if, after your website' launch, you detect any bugs that escaped the pre-launching testing phase? Or if new issues breakthrough?
Now it's the perfect time to let them know about all your expectations regarding post-launch assistance.
The END! Time to evaluate some “candidates” now and, with this evaluation system at hand, to choose the ecommerce services provider that makes the perfect fit for your project's needs!
Serge Karpyuk / Mar 15'2018