Atlantic Business Technologies, Inc.

Author: Atlantic BT

  • 3 Reasons Your Magento Site Isn’t as Secure as You Think

    Is your Magento eCommerce site secure? How do you know?

    Without a code audit, you simply can’t be certain. All it takes is one unmaintained module, extension, or update, and your whole business is at risk. Making matters worse, anyone with an internet connection can find the weaknesses of your platform.

    Skeptical? Try typing your website into Magereport. Any of the red security warnings on the results page can allow a cyberattack into your code. Still not worried about Magento security? Here are 3 reasons your eCommerce platform is at risk.

    1. Security Breaches Happen All the Time

    Security breaches aren’t rare. According to Experian and Identity Force,

    • In January 2016, FACC, an Austrian-based aerospace parts manufacturer, had $54.5 million stolen from them by hackers.
    • Just 2 months later, 700 current and former Snapchat employees had their personal information stolen through a phishing scam.
    • During an ongoing investigation of a data breach in June 2016, the fast food chain Wendy’s disabled some newly discovered malware while admitting “the number of franchise restaurants impacted by these cybersecurity attacks is now expected to be considerably higher than the 300 restaurants already implicated.”

    Notice that those examples don’t even include the troubles Target has faced, the Equifax madness, or the recent Facebook bomb. Cyber attacks happen every day, and often owners don’t even know they’re happening. It’s not just big enterprises and major businesses—everyone is at risk.

    2. You Have What Hackers Want

    So what if you’re not a massive corporation? You’re not Wendy’s or Facebook—what are you really worried about? What do you have that any of these hackers could possibly want?

    Two words: online payments.

    Wherever there are online payments, that means there’s online account information. Think: why would someone hack a website? To make money. The easiest way to do that is to steal credit card information.

    If you have weaknesses in your code, hackers could gain access to all of the accounts on your site. Without the right patches, someone can run a script that will scrape credit cards of every user. That’s your customer base. What do you think they’re going to do if they become victims of theft right after they use your website? They’re definitely not going to shop from you again. However, lost sales aren’t the only thing at risk.

    3. You Could Lose Everything

    If online theft goes unchecked, your company could be looking at a lawsuit. Companies are often sued for damage inflicted by the scraping. On top of that, online payment processors could pull out of your site. This could have a crippling result on your business.

    That’s how high the stakes are. Forget the money you could lose from having poor performance; security issues could take away every cent you’ve ever made. So, why should you get a code audit? Your entire business could be at stake.

    Take the Next Step in Securing Your Business

    With a code audit, you get an itemized list of every weakness of your site in terms of performance and security. With a code audit, you get the means to protect your business and ensure that it grows. When you take that step, we also partner with you to find solutions to all of your security problems. To get started, contact us.

  • What Does Your Website Need the Most?

    One of the things that separates us from many other digital agencies is that we don’t only build websites. Our designs are specific and unique to the vision of our clients. We ask them the right questions so their answers can guide our work. The more we listen, the easier it is to help our clients find the perfect layout and strategy. One topic, in particular, allows us to reach this goal. We establish a “wish list” of items our clients would like to have. Then, we narrow in on the priorities the organization is actually focused on.
     
    This might seem like a small thing, but it’s an important part of our philosophy. That’s because no group has the time or budget to follow through on every idea or moment of inspiration. There are always too many possibilities and not enough resources to cover each one.
     
    We often advise readers and clients to consider constraints to any new project. How does your budget affect what you’re able to build? What legal regulations and rules must you be in compliance with? The answers to those questions will help you map out the strongest path to your goal. They will allow you to answer another, vital question. What are your priorities in a web design project?
     
    Your answers won’t be the same as anyone else’s. But, here are a few we consistently hear from the executives we work with.

    Measurable Hard Benefits

    This is the most popular set of priorities. Of course everyone wants to see their website be successful in driving up traffic. That’s often the biggest motivator to begin with. If traffic wasn’t lagging, you might not have this project on your hands.
     
    The priorities you’re looking for here are measurable ones. There is a clear “before and after” picture. You want to see growth in sales, lead generation, and new revenue, among others. If you’re looking for a specific business result from your web design project, take note. Achieving it might be more important to you than anything else on this list.

    Keeping Web Design Costs Down

    Your organization or department could be on a tight budget. Your website still needs to meet a certain set of requirements. But, it must also do so under a specific cost. This constraint is very effective at weeding out the “nice to haves” from the “must haves”. You may find that you have some flexibility around goals you once thought were necessary. If staying under budget is a top priority for your team, you’ll have to re-weigh those original plans. In the end, you’ll end up with a strong, concise, and affordable website.

    Meeting a Deadline

    Websites have deadlines for a variety of reasons. There could be a new product rolling out in need of an updated website to promote it. A larger media promotion could be in the works. Or a real-life, time sensitive event could be upcoming. Regardless of the cause, your project is on the clock.
     
    If this is the case, getting things done on time could be your most important benchmark for success. Develop a place that takes into account the restricted amount of time. Knowing what parts of the project are worth your time helps you to focus on what your site needs.

    Aiming for User or Customer Satisfaction

    Keeping customers and users happy is often a client’s biggest concern. For other companies, the happiness of their consumers will also be important. But, this could be secondary to meeting hard business targets or balancing budgets. There is isn’t always a right answer. Every company has different services and goals. A smart choice for one group might be a terrible choice for another.
     
    If the satisfaction of your users is tantamount to success, then zero in on how to best make that happen. Dive into the research and use the results to guide your decisions and design. You’ll develop a website made with the users in mind and they’ll know it.

    Soft Benefits and Savings

    When we discuss soft benefits, we’re referring to less tangible aspects of the project. Team communication, improved morale, or an easy scheduling system would all count. Many of the executives we work with consider these goals to be ancillary to other ones. But, they may be big drivers of success in your organization. A soft benefit could be the key to staying under budget or on schedule. At the very least, they deserve consideration, even if they aren’t a top priority.

    Making Sense of Web Design Priorities

    This list is an example of the most common priorities teams choose to focus on. It is in no way definitive. You can choose several different goals for your project. In fact, some of the most important ones for your specific work might not even appear here. What matters the most is what your project needs so it can reach the finish line. What feels mission-critical to your web development project? Which priorities follow that? This tiered planning can reduce distractions and enhance the strengths of your website. Your web design team will have solid direction to work with. Even better, you’ll be able to allocate your resources in a way that makes sense.

    Want to work with the creative team that makes your organization their priority? Contact Atlantic BT in North Carolina today to schedule a free consultation!

     

  • How To Secure the IoT For Your Organization

    By 2020, Gartner estimates there will be 20.4 billion connected devices in the global Internet of Things. Augmenting the Internet of Things with sensors and actuators changes the game. The IoT becomes an example of the more general class of cyber-physical systems. This includes smart grids, homes and cities. It also connects virtual power plants and intelligent transportation. The potential of this technology is exciting. But we can’t avoid asking one question. “What happens when these interconnected devices get hacked?”

    The scale of security risks in the IoT era is much greater than in the pre-IoT environment, and the “attack surface” is much larger. Therefore, there is a need to protect ALL IoT devices from unknown vulnerabilities. Consider how many of these devices collect and store sensitive user data such as email addresses and credit card numbers. If that isn’t problematic enough, read this nightmarish scenario. Imagine how a coordinated cyberattack could bring New York City to its knees.

    It’s critical for any business who wishes to take advantage of IoT technology to have a detailed plan for how to secure these devices and systems. Choosing the right security solutions and/or vendors is an important part of any IoT plan. Here are some guidelines to help you make the right decisions about how to pick the best security systems and vendors for your IoT strategy.

    How to Choose an IoT Security Vendor

    First, the good news. Consulting services in the IoT security market can help everyone. Companies of all sizes can secure a variety of functions at the endpoint and in the cloud. But, there is also bad news. Most IoT security products from established IT security vendors are still developing. Some even remain in the proof-of-concept stage. That in mind, here is our advice on how to get the best value and fit from potential IoT security vendors.

    Lead with Security Assessments

    Vendors are hard at work, improving their security product and service offerings. In the meantime, you can still rely on experienced consultants to assess your IoT vulnerabilities. Hiring an outside company is worth it. They can assess integration points in your network for IoT implementations. Also, they can determine gaps in capability and infrastructure. There are other areas they can look into as well. The consultants can assess your risk exposure from IoT-related initiatives. They can also examine your organization’s security posture.

    Rely on a Cloud-Based Security Service

    The IoT is dependent on cloud-enabled devices. Therefore, you can’t go wrong by working with a proven cloud-based security service. These cloud consultants can help you monitor, detect, and respond to security concerns. It doesn’t matter if they’re related to your IoT deployments or not. They also work for more conventional computing devices. We can safely assume cloud-based services will play an indispensable role in IoT security. This is comforting as contractors figure out how to protect all these new interconnected devices.

    Choose IOT Product Vendors with a Hardware Foundation

    Finding the right IoT security product vendor is more challenging. You want a vendor that will provide a hardware root of trust. This is essentially a technical foundation to secure a wide variety of functions at the endpoint. Here is something that is also important. Some vendors promise real-time visibility and oversight over every network-connected IoT device. Make sure they can show you an easy-to-understand interface capable of fulfilling that promise. You want to be able to identify a potential breach or problem with minimal delay.

    How to Select an IoT Security Solution

    When it comes to IoT security systems and technology, cost is not an insignificant factor. When you evaluate possible IoT security solutions alongside your budget, pay attention. Notice how improved visibility and device control will impact your organization’s risk exposure. You most likely want security solutions that come with technical support. The systems that provide this will give you the best possible value. Here are other key considerations:

    Cryptographic Key Provisioning and Management for IOT

    The first place to start with IoT device management is encryption. You want secure cryptographic key provisioning when you deploy a large number of IoT devices simultaneously. This means having a process for provisioning new IoT devices by downloading software, patches, or other updates regularly to keep up with threats. That in mind, I recommend IoT leaders use a scenario-driven approach in selecting discovery and provisioning solutions, and not attempt to acquire a “one size fits all” product or service at this stage.

    Detect IoT Devices in Enterprise Networks

    You also need a system to detect IoT devices in your enterprise network when they are part of proprietary or non-IT-standard engineering networks or if they aren’t continuously connected. Use this system to build an effective IoT “asset database” complete with attributes and entitlements for access by those devices. By defining device access credentials in this way, you can better recognize when a device exhibits abnormal behavior suggesting a possible breach or security risk.

    Secure Your Endpoints

    This is a classic data security best practice, and even more important in the IoT era. You need to protect endpoints across your organization in cases which traditional authentication and cryptography cannot be implemented, whether due to resource constraints or long device life cycles that outlive encryption effectiveness. In high-risk environments or activities, you should also set up anti-tampering functions for your interconnected devices to ensure strong device identity and security. And do not forget to safeguard sensitive data from any humans who interact with interconnected devices!

    Hackers Are Ready for the IoT. Are You?

    Now that you have some guiding principles to understand IoT, I want to leave you with a sense of what you’re facing in terms of cyberattackers. In the first six months of 2017, IoT attacks increased by a staggering 280% over the previous six months. This means that malicious actors are already hard at work finding vulnerabilities in your interconnected devices and systems. We want you to be ready for them.

    Contact our security team. They’re ready to help you be armed and prepared.

  • How to Choose the Right Web Programming Team

    Choosing to launch a new website or update the one you have, is a bold move. It is not for the faint of heart. But you’re ready for this challenge. Heck, you were BORN for this challenge. Right now, you’re listening to ‘Eye of the Tiger’ while reading this and taking notes. (And if you weren’t, it’s definitely playing in your head now). Now, you have one big decision in front of you. You need to choose the right web programming team for your project.
     
    This can often be stressful for many business owners and executives. There’s a lot at stake. For one thing, there might be a great deal of money involved. This includes the initial investment, as well as the potential success (or failure) of the new site. But, there is another factor at play, making the decision difficult. The average decision-maker, in this situation, isn’t all that fluent in web programming. In other words, most know what they need, but not a lot about the process involved in getting it.
     
    That doesn’t mean you can’t find the right web programming team to work with, though. Doing some research and finding good advice can get you going in the right direction. Once you know what to focus on, you’ll be able to avoid seduction by an unethical sales pitch. Here are some tips to keep in mind when choosing a web programming company to hire.

    Be Clear About What You Want

    You might not be able to explain, in programming terms, what you’re hoping to get, but you don’t have to. Work with your team to outline a set of features and capabilities you’d like to see in your finished app. The more details you can provide, the better. Be sure to include deadlines and cross-compatibility needs. Any concerns that come to mind are important to note.
     
    The programmers you meet with will be making similar outlines. Based on what they know about your project, and their own experience, they will have ideas and suggestions at the ready. A good programming team is never waiting around for instructions. They view your project as a collaboration. Once you share your vision, they’ll get to work drafting ways to make it a reality. As you meet with various teams hoping to earn your trust, you can compare the outline you have to theirs. Which proposal seems most in line with yours? The team who listens best, shares your values, and takes initiative should be easy to spot.

    Look for Experience and Dependability

    Programming is a complex job to the uninitiated. And yet, there are many misguided assumptions about the work that whittle it down to its barest form. But programming is more than only knowing certain technical languages and requirements. It’s as much of an art as it is a science. Being well versed in various forms of code is an accomplishment, to be sure. But what are these programmers choosing to say with the language they’ve mastered? How are they communicating with consumers on your behalf? Are they creative and flexible? The ways they utilize their skills will give you a great deal of information about working with them.
     
    Equally important are the traits you would look for in any employee or partner. Working styles vary across the board. Do the people in this company have a style that matches that of yours? Also, consider things like productivity and project management. This is important if you want to have your software finished on schedule and under budget. Keep these considerations in mind when checking out potential vendors. Don’t overlook the importance of experience and dependability.

    Do Your Homework

    Here is an unfortunate truth. There are web design companies out there who will say almost anything to drum up business. It’s your job to ensure they can back up their claims. Any company that sounds too good to be true most likely is. It’s ok to ask for more information rather than to accept a blanket statement as sacrosanct. Look through case studies from previous projects. Follow up on referrals to clients this company has worked with in the past. These actions will help you make the best, educated choice.
     
    Don’t feel bad about choosing to dig deep. You’re not putting them on trial. This is a job interview. Not only that, it’s for a vital position that will determine the success of your project. You’ve already invested a great deal into the work and plan on putting in a great deal more. You want to get this right the first time. What past clients have to say can speak volumes. Listen to their experiences. Does this company respect other teams? Are they able to take responsibility for mistakes and work to fix them? If a past client has an issue to share, you must consider it seriously. No matter how much you’ve been liking this company thus far, the client’s experience is valid. A programming team you can trust is invaluable. They are out there. Don’t get distracted by the companies that shout the loudest, putting on a show. Sincerity counts. Make sure you’re going to get all that you’re paying for. You want to know that the creative team you’re hiring is going to be easy to work with. At the end of the day, you want everyone involved to be proud of the work they’ve done together.

    Check the Terms and Conditions

    You’ve found The One. An ideal team that is consistent, creative, and within budget. Not only that, they’re also genuinely good people that you want to work with. You’re ready to get started!
     
    Wait!
     
    Do you know exactly what you’re getting into? Are you both, beyond a shadow of a doubt, on the same page? Don’t be in a rush to commit to the project, with your chosen vendor, in writing. Take the time to review their agreement and terms. Make sure you understand what you’re entitled to receive. Also be aware of any obligations that fall to you, such as providing content or feedback. The agreement should also specify what will happen at the conclusion of the project. You should know who will own the rights to the finished work. It should also be clear how long the programmers will be supporting the site. These kinds of terms should be clear and detailed so you can avoid any confusion down the road.

    Want to Work With the Best?

    At Atlantic BT in North Carolina we have design skills, technical expertise, and a long track record of success. More importantly, though, we have a reputation for putting our clients and their needs first. So, if you need web development or custom app programming that’s a cut above the rest, contact us today to set up a free consultation.

  • The Hidden Risk You Need to Avoid in Complex Web Design

    Looking for the right firm to work with on your new web development project can be its own complex process. In fact, we assume that process might be what led you here, to our blog. You’re evaluating your options. And, like most people doing their research, you’re likely worried about making the wrong decision.
     
    That’s only natural. Complex web designs involve a lot of time and money. They can put your reputation and the future of your organization on the line. It’s definitely worth doing your homework and asking lots of questions.
     
    Finding the right partner can make or break your project. But responsibility for success is a joint effort. Experience has shown us the areas where a web project can be the most vulnerable. Missed deadlines, depleted budgets, and complete failure often comes from a common source. They usually rise from issues within a client’s own organization. Competing personalities, misaligned goals, or a lack of enthusiasm can cause damage. Combined, they can all be deadly when you’re trying to build a large website. Knowing exactly how another company works is very important. But, it’s also important to pay attention to your own internal processes.
     
    Issues between executives and departments can sink your website before it goes live. Here are some ways you can prevent that from happening.

    Get Buy-in on Your Priorities

    The best way to avoid conflict down the line is to make sure everyone is on the same page to begin with. Stakeholder approval and investment can give your project much needed support. That support turns into momentum, moving the work forward in a positive way. As it is in any relationship, communication is key. As your new project is being planned for, include your stakeholders in that process. This should include anyone who has input on the web development project. From budget approval to department heads, each role matters. Everyone should be a part of the conversation. The entire team can better understand the ultimate goal if they know at the forefront why a new website would be beneficial. They can agree with you about the measurable outcomes you are hoping to achieve. That agreement will help them provide the backing your project needs most. Gathering content, feedback, and approvals all becomes easier. Your team can reach each major milestone with confidence.
     
    Imagine if this wasn’t the case. Anyone who can influence your project will still be able to, regardless of how much they know about it. The less information they have, the bigger the hold up they can cause. Confusion leads to disagreements, which in turn leads to stumbling blocks. When the end goal of the website is vague, stakeholders may become distracted by other ideas. They could also become indifferent. When stakeholders are not invested in the work, they lack incentive to help. This, despite the fact that your project will affect them significantly. But if they do not understand this, they have no reason to engage in a positive manner. When the site inadvertently affects them negatively, they will be the first to let you know. Conflict usually ensues. When no one agrees on the need or purpose for web development, it’s difficult to keep moving forward.

    Put a Process into Place

    A great web design team can do incredible things for your company’s online presence. But despite their outstanding skills, your company still has a pivotal role to play. There are still some pieces of the web puzzle that will need to come from inside your own walls. Your organization will have plenty to contribute during the design and development processes. You will need to provide new content. There are designs and concepts to approve. You’ll also need to test various interfaces. This is only the beginning of an extensive, participatory list.
     
    It’s a good idea to establish a process for feedback and approvals early on. Such a plan allows everyone to know what their responsibilities look like ahead of time. Each role is clear and distinct, as well as the leadership hierarchy. This gives your team structure which strengthens communication among its members. You won’t lose important tasks in the shuffle, once expectations are clear to everyone. Should any confusion arise, each team member will know exactly who to go to for clarity, which saves time and keeps the work flowing forward. If no one knows which way is up, your project can come to a grinding halt. The web design team you’ve hired will continue to do the best they can, but if they can’t count on your internal team for consistent and accurate answers, things could get messy. 

    Decide Who Calls the Shots

    The larger your website is, the more likely it becomes that you’ll experience disagreements over resources and creative direction. A complex and industrious website usually means a larger number of stakeholders, who all have differing ideas on what will make the project successful. That’s not necessarily a bad thing. Having more viewpoints and opinions can prevent you from developing tunnel vision and missing the needs of certain users or interested parties. For example, the security of a website is an often overlooked component of a design project. It can easily appear as an afterthought. However, there will be stakeholders involved who see the value in integrating strong security measures into the website during the development process. Listening to their priorities and acting on their guidance will lead to a stronger final product. The insights of others often have an immense, positive impact. 

    In the end, though, decisions do have to be made. If members of your team can’t come to a consensus, it’s important for everyone involved to agree before the fact who will be responsible for making the final call. That way, you can get past a stalemate and move your website towards completion.

    We Make Large-Scale Web Design Easier

    At Atlantic BT, we make it easier to create and redesign large websites by applying decades of experience and technical knowledge to the problem. Contact us today to set up an appointment with our team and get answers to the specific challenges your organization is facing. 

  • 5 Questions You Need to Answer Before Taking the Big Magento Leap

    Thinking about moving your eCommerce platform to Magento? Of course you are. It’s the perfect next step—the platform you need to integrate the real world with a virtual shopping experience. Magento has the organization you need for all your products, and the analytics to measure your marketing and sales strategy.

    All that said, transitioning to Magento is far from simple. Beyond making sure you can make sales on the platform, you have to think about getting the right integrations, setting objectives for your website infrastructure, developing a content strategy, and much more. If you don’t already have an in-house team or outside contractor working on this, you might be wondering:

    What exactly am I getting myself into?

    It’s easy to get overwhelmed. When moving from a different CMS, there are a million things to consider. You’ve been researching. You’ve gone through the checklists full of words you don’t quite understand. How are you going to use social shopping? What hosting system are you using? How are you integrating your CRP? Don’t get distracted by these specific questions. What you need to worry about is the big picture. To get to that understanding, here are some larger questions about your current CMS and the one you want to have which can help you not only set goals, but see what a switch to Magento could really look like.

    1. What Do You Already Have?

    You’re probably thinking about Magento because you want to improve the customer experience, have better control of your inventory, do better social shopping, or just have a stronger CMS. All that said, you don’t need to re-invent the wheel. You have a growing business, so clearly some parts of your system are working well. It’s important to look at the system you’re using right now and ask yourself the following questions:

    • How many daily and peak time page views or purchases do you have? (Use your site analytics if you need help finding this information.)
    • What hosting system are you using? What kind of environment?
    • Who manages your site?
    • How are various systems integrated into your website?

    By looking at these factors, you can see what’s working with your current platform and what you need to change.

    2. What Are Your Objectives for the New Platform?

    Now that you see what you’re working with, you can set goals for the new platform. To set these goals, ask yourself the following questions:

    • Why are you unsatisfied with your current platform? What do you want to change?
    • How much time do you have? When do you need this new platform?
    • Do you want to change your analytics? What number of page views do you want? How many purchases at peak times? Can these metrics be improved and how?
    • How much control do you need? What are you enabling the consumer to do?

    And that’s just the tipping point. You also need to ask about integration, content delivery, navigation, shopping carts, and everything that will make your online store run. What’s important is to write and even draw what you want to accomplish. Once you can set these objectives, you’re ready to start working.

    3. Who Do You Want on Your Team?

    This is going to be tough. Just as setting up a physical store takes a great deal of effort, there’s a lot that goes under the hood of a usable CMS system. You need a good team. You need to assemble IT Project Managers, Business Analysts, Technical Analysts, HTML Developers, PHP Developers, QA Engineers, System Administrators and Database Engineers.

    IT Project Managers and Analysts can help you take the information you have on your old platform to set goals. Those members of your team can put you in motion to make the website happen. If project managers and analysts are the planners, developers are the doers. With HTML and PHP developers who are Magento Certified, you can make that transition to create the eCommerce website of your dreams. System and Database engineers help even further with the backend, making sure every element that needs to be in your store is there. All of these players, from developers to administrators to engineers, make eCommerce happen.

    It is also especially important that members of your team are trained in Magento Enterprise Edition. Knowing which people you want to use and how they can help your dream store happen can help paint a picture of what this switch would look like.

    4. What Kind of Training Will There Be?

    Perhaps more important than setting goals, assembling the team, and even figuring out what to bring from your old platform is making sure your team is ready to use the system. You need to make plans on how you could train your employees to use the new eCommerce site and assist customers. To do so, ask yourself the following questions:

    • What in-house skill sets already need to be improved?
    • What departments need to be trained?
    • Who will provide the training?
    • What training will be provided before the site goes live? What training will happen after?

    By evaluating what you need to train and who you need to train, you can make way for a more successful launch. This also sets up these trained individuals to be able to provide support on an initial and ongoing basis to make your platform totally usable.

    5. How Does This Affect Other Projects?

    Now that you have your team, your plan, and arrangements for training, you can look at how this affects your whole business. You need to ask yourself:

    • Is this project dependent on other projects being completed?
    • Do other projects depend on this project being completed?

    Find out what you need to know. Once you decide what you need to do to get your project rolling and what projects can be done after the new CMS is fully integrated, you can move forward.

    Moving Forward with Magento Security

    After going through these steps, you have a fully formed plan to move forward with your Magento eCommerce site. However, before you start any work on your store, make sure your eCommerce solution is secure. If you don’t have the right patches or Magento isn’t up to date, anyone could run a script to steal your customers’ information. If there’s someone scraping credit cards, your business could get shut down. You’ll fail before you get a chance to succeed. The best way to prevent that is to get a code audit before launch. To learn more about how Magento code audits can protect your online store, contact Atlantic BT for help or to request a code audit.