Who will be visiting your website or downloading your app today? What about in the future? Who in your organization will be responsible for serving online customers, clients, and employees long after your own career has taken you elsewhere?
Investing in your company’s digital infrastructure goes beyond protecting what you know to be vulnerable now ― particularly your organization’s proprietary data, plus the data of your customers and clients. It involves investing in what you can’t predict about tomorrow. Even if you understand your business inside-out, that knowledge only goes so far toward maintaining an online presence.
When budgeting for a possible economic downturn, it’s tempting to cut spending wherever possible. That might include your company’s digital experience. There are many valid reasons why the cost to maintain websites and apps remains high. Where can’t you scrimp and save, even when times are tough? That answer requires a forward-thinking mindset and plenty of digital expertise. Here are five areas not worth compromising on your website during a recession:
Security
Corporate investments to protect against cyberthreats have risen dramatically in the last five years. Issues of cybersecurity, user privacy, and accessibility are major concerns across every digital platform.
Threat modeling is the necessary, step-by-step process of ensuring the security of any online asset: identifying its function, the potential threats to that function, prioritizing the vulnerabilities, then taking action to resolve every issue. If your organization is collecting and storing information a hacker could use ― contact information, financial data, etc. ― threat modeling can help identify that data and secure the digital infrastructure needed to protect it.
Not every website will require a high degree of security, but any consumer, employee, patient, or client data your organization collects can pose a potential security threat. Consider an intranet site containing proprietary pricing information. Most medium- to large-sized companies have an intranet of some kind, often with API integration to CRMs like Salesforce. Those integrations might be tremendously useful, but they can add complexity, expense, and security vulnerabilities for hackers to exploit.
Maintenance
Disaster recovery, performance monitoring, security scanning, and CMS/Plug-in updates are all items you can expect to maintain on a regular basis. If you’re staying on top of basic maintenance, anticipate updates in one area to affect other plug-ins, functions, or connections. B2B and B2C apps, websites, and intranets are all interconnected now. Maintaining those connections is more important than ever. If one link in the chain is accidentally disconnected, an organization must consider the ramifications.
Look for broken links. Know the necessary security patches. Expect that not everything will work smoothly, and consider having a well-vetted extra set of eyes ― a penetration test ― to identify points of vulnerability. Then prioritize. Tools are available to help automate the scanning and monitoring of links and security patches, which can inform where to spend your valuable time and attention.
Strategic planning
Depending on the degree of interconnectedness among your organization’s digital assets, and the complexity of those assets, an eye toward the future can be critical. Ensuring you have a complete picture of the user’s experience (both internally and externally) can save you a lot of money and headaches over time. An especially complicated user experience is difficult to hand off when there is turnover among the key players in your organization’s IT and marketing departments. Consider the next team and build a platform that will be easy for them to use and update depending on tomorrow’s needs.
If you’re investing in a new website or app, the result should be a solution that does work for you. That takes forward-thinking. For those tempted to take a “lift and shift” approach to any redesign, consider your customers’ journey. Are customers able to find you on Google? Is your content relevant enough to move customers through the sales funnel? Does the content solve the problems and answer the common questions shared by your customers? Does the content reflect the current voice of your brand? A content audit and SEO analysis will be needed periodically to understand what improvements need to be made.
Accessibility should also be considered during planning stages. Can a color-blind user see what is on the screen when they visit your site or download your app? Would a visually impaired person be able to hear the on-screen content they need? Depending on the function or service of your app, such safeguards for persons with disabilities might even be mandated by law.
Project management
Whether in-sourcing or out-sourcing a special project, smooth execution is critical if your budget offers little margin for error. Consider a new product or service being promoted on a website or app that’s designed to live online less than a year. Your organization has a relatively short window to make an impression. Advance planning and troubleshooting will be necessary ― tasks better left to an experienced project manager.
If your organization is small or medium-sized, or for large organizations that lack experience in digital project management, consider outsourcing the project. Choose a vendor that will not balloon the budget, the timeline, or the deliverables. An experienced vendor will be clear when communicating deadlines and budgets, and able to translate technical jargon into plain language for any client.
Privacy
In recent years, legislation has been enacted to protect the privacy of anyone visiting a website or an app. California and Europe now require businesses to offer a “do not track” option, which restricts the collection of consumer data on their websites and apps.
The Federal Trade Commission defines a Privacy Impact Assessment (PIA) as “an analysis of how personally identifiable information is collected, used, shared, and maintained.” In some cases, a PIA is required to ensure conformance with the applicable legal, regulatory, and policy requirements for privacy. Cutting a PIA out of your IT budget risks running afoul of the law.
The amount of labor each PIA requires depends on the amount of data your website and app collects. If you’re merely tracking Google Analytics ― not credit card information, HIPAA information, mailing addresses ― there’s much less risk in tracking what pages users are visiting. When personal information is collected, the laws are more rigorous.
Speaking of Google Analytics, Google has announced the mandatory transition to Google Analytics 4, which enables both “do not track” as well as data request and data deletion by consumers. This is Google’s response to the legal and ethical realities of protecting customers’ privacy.