Tom, President, uses his keen strategic eye to help clients create groundbreaking creative campaigns. And he's been a thought leader appearing on Bloomberg, WGN, NBC, CMO.com, and Wall Street Journal.
Personalization is the best way to engage your users in a conversation, and it’s increasingly something that they expect from your website. Almost 75% of users prefer to do business with organizations that use personalization to make their experience more relevant; the same percentage of users get frustrated with websites when content has nothing to do with their interests.
I recently partnered with .orgCommunity to help associations better understand how to leverage website personalization. In the webinar Spectrum of Personalization, you’ll see 5 examples of personalization in action, from simple to complex, and take away some tips to help you get started today.
Get inspired! Watch our webinar below.
Over the years, Sandstorm® has built websites on content management systems (CMS) using a variety of programming languages: Python, .NET, and PHP to name just a few. These programming languages support CMSs like Django, Kentico, and Joomla, respectively. Two of the most popular CMSs are Drupal and WordPress, built on PHP.
A common question we hear from clients is whether they should use Drupal or WordPress. While there’s no right answer, there is an answer that’s right for you. Each one has its place, so we've laid out where you can gain the most benefit from each CMS.
The Benefits of Drupal
Speed and Performance
When it comes to a scalable CMS that can support high-volume traffic and vast libraries of content, Drupal beats out WordPress. Not only does Drupal offer better performance out of the box—including default cache features that help pages load faster—it’s more robust for handling complex projects with lots of functionality.
Drupal is favored by many top companies and government agencies, including whitehouse.gov, for its enterprise-level security. Drupal has a very active security team with a stringent review process for plugins and a robust permissions layer that provides nuanced limitations for user access.
WordPress, on the other hand, is a popular target for hackers whose malicious attacks often succeed due to fully coded plugins compromising security. Additionally, WordPress doesn’t provide the flexibility in tailored permissions that Drupal does.
When it comes to getting leads through web contact forms, WordPress requires third-party tools like Gravity Forms or JotForm, which will cost you extra.
With Drupal, web form functionalities are already built into the platform, so you don’t need external tools. Drupal can also enable rules and set up triggers so that when someone fills out a form on your website they receive an SMS message from your company, which helps with lead nurturing efforts and potential conversions.
The Benefits of WordPress
Ease of Use for Small Businesses
Since WordPress started primarily for less tech-savvy bloggers, small businesses with a junior development team benefit the most from the platform. Additionally, most writers and content managers have some experience with WordPress, so there's little need to train them on the platform.
Where It's a Toss Up
Drupal and WordPress users have created diverse global communities that offer international conferences like DrupalCon and WordCamp; local training events and Meetups; and active forums where users can ask questions and learn more about the platform. While the WordPress community is larger than Drupal’s, it’s uncommon that you would run into an issue with either platform that someone hasn’t encountered, and solved, before.
Search Engine Optimization
It doesn’t matter to Google which platform you use, and both platforms offer excellent plugins and modules to help you with your SEO, including Yoast for WordPress and Content Optimizer for Drupal.
At Sandstorm®, our experts have extensive experience developing, designing, and writing in Drupal, WordPress, and many other content management systems. We’d love to find the one that’s right for you.
Now more than ever, digital security is something that needs a thoughtful approach.
From Yahoo! to the DNC, large, high-profile security breaches are filling the news and making security a hot topic for everyday conversation. There are so many hacks that even data visualizers are struggling to make sense of them all. Which is why 2017 will be the year that companies finally realize the value and necessity of security for their digital properties.
Whether cause or effect, our increasing reliance on technology correlates with the spike in frequency, size, and severity of security breaches. At Sandstorm®, we're big fans of Steve Gibson and his podcast Security Now, where he talks about the race to keep up with new security threats. With each new security improvement developers release, hackers are ready to uncover weaknesses. Over the years, this has brought us to a place where both the threats—and the necessary defenses against those threats—have reached a level of complexity that can seem daunting.
From Convenience to Security
The complexity and automated nature of modern attacks has changed the industry’s view on the lengths hackers are willing to go to. Now, we have to assume that there is always someone looking to exploit opportunities and weaknesses.
While these are just a few examples of the risks and remediations that companies need to consider, they illustrate the many different attack vectors that developers need to address. The trick is to do the following:
- Define the requirements
- Identify the risks and determine the solutions
- Design a highly functional application that still puts the user first
Trend #1: Rise of the Botnets
Botnets are a major reason for the increase in security issues. As an industry, we’ve known for some time about the danger of improperly patched or unsecure computers and servers that get infected with malware. But in the last few years, risk has increased exponentially due to the prominence of the Internet of Things (IOT). We have an explosion of internet-connected devices (light bulbs, refrigerators, dishwashers, teddy bears) with many of them rushed to market without regard for security.
Night of the Living Malware
Malware programs target these vulnerable systems to create zombie armies of infected computers that work together to feed on sites. The most recent and well known is the Murai botnet, the code of which was released as open source and has since spawned a plethora of derivations. That's right; you heard me. They’re multiplying, evolving, and getting smarter like a creature out of a bad horror movie.
How bad is it? Projections as of 2016 suggested that 35% of all internet traffic consisted of malicious bots. That's a lot of zombies wandering around looking for your server's brains.
GhostBot in the Machine
Another recent example is GiftGhostBot. This attack came to light in March 2017. Bots are brute forcing the pages that allow customers to check the balance on their gift cards. These bots keep guessing gift card numbers (at an estimated rate of four billion requests per hour) until they get one that has a remaining balance. They can then use that gift code to steal from the gift card holder.
What makes this GiftGhostBot particularly sinister is its sophistication. First, the attack is distributed across multiple compromised devices, servers, and computers—which means there’s no way to track and block these requests by IP. Second, the bots have been set up to use over 740 different user agent profiles, meaning they masquerade as different browsers and operating systems to confuse attempts to filter out their traffic. Vendors might add CAPTCHAs or completely remove these pages to remediate the issue. This is just another example of the exponential scale and complexity of attacks that have shifted the conversation towards security.
What You Can Do
- Your best defense is keeping your systems up-to-date. Apply security updates to all technology in your ecosystem in a timely manner (including websites, servers, computers, employee mobile devices, etc.).
- Be sure to spend the time to review all new features and components of your digital products with an eye for potential vulnerabilities. Always overestimate the lengths someone would go.
- When in doubt, engage a knowledgeable specialist to help review your security configuration.
Trend #2: Are You a Robot? – Identifying Friend From Foe
If you’re thinking this is all about the rise of the machines, you might (or might not) be happy to hear that humans still play an important role in threatening your business’s security. While botnets have increased the quantity of attacks, the level of sophistication for attacks has also dramatically increased. In some areas, malicious entrepreneurs have even turned to crowdsourcing to enhance automated attacks. Take CAPTCHA as an example. When those annoying pictures were too much for some bots to circumvent, unscrupulous companies paid real people to fill them out. Bots passed the CAPTCHAs back to humans whose answers were fed back to the bots so they could proceed with their attack.
This resulted in concerns with the CAPTCHA as a solution for determining bot from human. While still used, it was understood that this solution is not 100% effective. Recently, however, Google updated their reCAPTCHA service with their new Invisible reCAPTCHA. Maybe you’ve seen this: It’s a simple checkbox that says “I am not a robot.” Because so much information on your behavior has been compiled by Google, it can compare your digital fingerprints and activity against its vast repository of analytics to determine if you’re a real person. Or that’s the theory anyway; the new service has just rolled out and we're excited to see how it matures.
Mollom is another service we recommend, specifically for Drupal projects. It takes form submissions on your site and checks the content to see if it looks like bot-generated content. If it does, the content is flagged. This technique analyzes content to protect against spam, relying on the consolidation of massive amounts of examples to understand how to proceed.
What You Can Do
- You can do is realize that identifying bots is not as straight-forward as it seems. They have gotten very good at pretending to look like real users performing real actions on your site.
- Shift your thinking to a place where you assume that hackers and spammers are probably smarter (or at least more persistent) than you. Look at each element of your digital products as a place where a bot might pretend to be a human and consider what they might be able to do.
- Layer different preventative techniques. Don't assume that one fix is enough and have a contingency plan for is a bot does get past your defenses.
Trend #3: Moving to SSL
Another major trend for 2017 will be the push for secure socket layer (SSL or HTTPS) traffic for everything. This has been an important shift for security in the last few years. Previously, SSL was only considered important for highly sensitive data, but a few things have pushed us into a world where regular HTTP traffic is considered unsecure.
Man in the Middle
First, a number of tools have come out that make watching the traffic of someone else on your network very easy to do. This allows a person to see the sites you are visiting and even steal your username and password. This is generally referred to as a man-in-the-middle attack resulting in session hijacking. Traffic over HTTPS helps to protect against that because your browser and the server are essentially communicating via a secret language that only they can understand.
Man on the Side
Second, browsers pulling in content over regular HTTP can't 100% confirm where the content they’re displaying came from. There have been a few complicated attacks over the past few years where malware was sent to site visitors instead of the assets they were expecting. This is generally referred to as a man-on-the-side attack. The attempted attack on GitHub in 2015 is an example of this. Moving towards HTTPS traffic gives the browser certainty that the content it received is the one it was expecting.
Pushing the Transition
If you’re thinking all of that sounds scary, you're not alone. Google agrees and has started to roll out changes to the Chrome browser—you've probably noticed that grayed out "not secure" message near the URL. Additionally, if you log in to a site over regular HTTP, you may also notice a red "not secure" message. This is meant to push websites towards SSL, and it’s only the start. Google has announced additional plans to clearly mark all traffic as not secure going forward.
What You Can Do
- Work with your hosting provider or website developer to purchase an SSL certificate from a reputable vendor.
- Have those same partners review your SSL configuration to confirm that you’re using strong protocols and ciphers that have not been deemed to be compromised.
- You may also need to review your site to confirm that you don't have any mixed content errors, which is when HTTPS pages are referencing insecure HTTP resources.
- While you're at it, complete a full review of your server configuration.
- A full penetration test or security scan may also be a good investment.
How Sandstorm Can Help
This is just the start of the conversation and we've only covered a few topics. Whether you’re moving your current website to SSL or want to ensure your new website is developed with the latest security in mind, we utilize the technology and techniques that make sure you’re protected.
Having trouble putting into words what you are looking to accomplish with your website? Not sure how to get all of your web development agencies aligned with your goals and objectives?
Writing a request for a proposal (RFP) is a challenging process if you don’t know where to start. By taking a moment now to think about your organization and your users’ wants and needs, you’ll save time later and increase the possibility of attracting the best agency to deliver success.
We can help! By following the website RFP response template below, you’ll have a clear strategy and a solid start for your next initiative:
1. Brief Overview of the Project
Describe your current website situation or desired campaign and a description of what your investment will entail.
2. Project Goals and Objectives
Define the motivation for your project. Why are you making this investment (i.e. expanded services, growth, new target audience, lead generation, attract job candidates)? What do you hope to accomplish? List your objectives.
3. Current Web Statistics
Include relevant web analytics such as top content, goal conversions, traffic sources, bounce rates, keyword phrases driving traffic, social referrals, mobile traffic, etc.
4. Technical Requirements
Are you integrating with any existing systems? List them. Do you require a specific programming language (e.g. .php or .net)? How is hosting currently handled?
5. Usability Requirements
How many different user groups do you have, and who are they? Are you interested in conducting usability testing? How about user research or developing a persona?
6. Functional Requirements
What features and functionality do you need on your site? Some needs might include:
- Secure user/password
- Contact forms or dynamic forms
- File uploading option
- User account management
- Social media integrations and social sharing
- Database development
- Video integrations
- Member dashboards
- Content management system (Drupal, Kentico, Wordpress, etc.)
- Newsletter sign up
- White paper lead capture
- 3rd party API integrations (LMS, AMS, HubSpot, Salesforce, etc)
7. Content Requirements
Approximately how many pages are on your current site? Do you have a content strategy? Who is going to be responsible for writing or editing your content? How will your social media channels be integrated?
8. Mobile Requirements
We only build websites that respond to your user’s device (i.e. mobile, tablet, desktop) – so we have that covered. Do you have any other special mobile needs that we should be aware of?
Has your budget been set and approved? What is the range?
What is your ideal project completion date? What is driving that time (i.e. trade show, new product launch, leadership change, board of directors, it should have happened last year)?
Ready to rock?
This website RFP response template can be the perfect tool to align all stakeholders on the essential building blocks for your project. It ensures you have a solid, thoughtful, and organized plan to guide your chosen agency, too.
A little upfront thinking and decision-making goes a long way in constructing an optimal site experience or campaign. You’ll be the rock star whose project launches on time, within scope, and under budget.
[Once you’ve completed all these steps, please send it to us. Sandstorm might be the right partner for your new project.]
Content marketing is the cornerstone of any successful digital marketing strategy, but it’s not enough just to create compelling content. You also have to think through how users engage with your content.
Since almost 90 percent of users are less likely to come back to a website after a bad experience, you really have to create a great experience right from the start. But don’t worry; creating compelling, user-friendly content isn’t as hard as it sounds. With a few simple changes, you can pack a serious punch. In fact, you’re probably following some of these best practices already.
1. Write content that’s scannable.
Like most readers, you’re probably skimming this article. Nielsen Norman Group, a leading UX research firm, found that 4 out of 5 users scan web pages looking for important information and fewer than 2 in 10 read word by word.
To deliver useful information to your users, your content needs to be scannable. You can make your content more user-friendly by following these best practices for web content. Start with the top 10 pages your users visit the most on your site and apply these principles:
- Think mobile first—look at how your content displays on a device.
- Use meaningful sub-headings instead of overly clever ones.
- Turn items listed in a paragraph into a bulleted list.
- Keep paragraphs to a single idea, and keep them concise. Paragraphs can have just 2-3 sentences.
- Edit your content, then edit again.
2. Use hyperlinks within your body content—and make them stand out.
Hyperlinks—the colorful text that links to other pages—are essential to a great user experience. They serve as signposts on the road to discovery and help users explore your content in a meaningful way.
Underlined text in a contrasting color is the best way to communicate a hyperlink, and it’s what most users expect. Using a longer phrase of three or four words is more engaging than a single keyword, and using really engaging language related to the link is even better.
Just remember not to overdo it; two to three links on a page is plenty for content of 450 words or less.
3. Create engaging and attractive calls to action.
Whether you’re trying to increase newsletter signups, encourage engagement, or promote an event, an appealing call to action (CTA) will improve your results.
What’s the key to an enticing CTA? Use a vibrant color from your brand style to draw attention to buttons, and give them a consistent look and feel. Use verbs in your CTA copy that tell users what you want them to do and what they get in return:
- Register for the event
- Request more information
- Download this report
If you follow these tips, you’ll be able to make quick optimizations that have a real impact on your site. Your current users will praise the improved usability, share more of your content, and you’ll have laid a solid foundation for attracting new users who are essential to growing business.
I attended World IA Day in Chicago a few weeks ago and was inspired by one of the speakers. In user experience, and particularly in information architecture, we often draw analogies to physical spaces and buildings. Extending the same analogy, one speaker shared a personal story about a seven-day excursion she took to build a mud hut.
Their team was cruising through the build, and what should have taken seven days was nearly complete in three. Unfortunately, just before they could put the doors on, the walls came tumbling down. They rushed the process, didn’t take the time to let the mud dry, and skipped steps that were fundamental to allowing the natural materials to take hold.
The lesson she learned was that, much like physical spaces, digital spaces can come crashing down if you rush the process. Whether you’re building a cathedral or a website, you start with a goal, work through the mess (information architecture, user research, usability testing) and draw up the plans (blueprints or wireframes) so you can create a concrete product users can easily move through.
Constructing Your Information Architecture (IA)
Information architecture not only makes information easy to find, it helps us create experiences that are intuitive and easy to navigate. IA provides the digital signposts and clues that help users remember where things are located and how to move through a design, system, or interface. IA helps prevent issues of findability and scalability while answering questions like:
- How is this structure organized?
- How is the content labelled?
- How will it meet the needs of the organization?
- How will it meet the needs of the people using it?
Listening to this story I couldn’t help but nod along and think of the clients I work with. I hear clients say customers can’t find products or they really want to simplify and condense the information. Clients often don’t realize they have an information architecture problem, but it really is key to completing a digital project.
The most important thing to remember is that the way an end user approaches a website can be vastly different than the way an employee approaches their company website—what may seem intuitive to someone within the business might not make sense to their clients or customers.
Without carefully thought-out IA we can’t expect products, apps, or websites that are easy to navigate. Even if websites look beautiful, without a strong structure they can create a disorienting user experience, and issues with findability and scalability will abound.
Have You Built the Right IA?
Ever hear employees, clients, and users say this about your website:
- "We create new content but don’t know where to put it."
- "It always takes me a while to find the right information."
- "I can’t find the products I’m looking for."
Then it sounds like your information architecture could use some restructuring. We’re here to help you, from card sorting through to sitemaps and wireframes.
The mind reading fantasy
How great would it be if someone could read our minds and instantly reflect what we were thinking? Okay, it might be a bit creepy at first, but after we acclimated, it would be pretty fantastic. We would never have to order anything; we would just pay and collect our latte, salad, or sandwich. We would never argue with our spouse. We would always know what our boss wanted. It would be so productive, we would increase GDP by 200%.
Reality sets in
Unfortunately, that’s not the world we live in today. So when clients want us to read their minds, we panic—and for good reason. We strive to embed ourselves into our clients’ organizations and businesses, but we are horrible mind readers. When budgets and timelines are tight (they always are), it’s best to align with a creative brief before jumping into creative execution: it saves time and money and prevents angst.
A tool that functions well in reality
Please plan for some time and money to invest in a well-written creative brief when you are planning on giving work to an agency or creative partner. Briefs give the agency time to process all of the information you have given them and think through any questions they may have. This distillation of information is an important step that allows for strategic thinking and alignment. The act of writing a brief is a discipline that requires prioritization and ensures the creative team has the right information before crafting a communication solution for you, the client.
Providing a way for effective creative evaluation across an organization
As a client, you should demand a brief when embarking on a creative project. It has a strong ROI and is the contract between you and the creative team in terms of what to expect when the agency presents creative to you. You should use this brief to evaluate the creative and ensure your internal stakeholders do the same thing. This ensures that your campaigns stay focused and on strategy. A brief also helps take personal preferences out of the equation and forces each evaluator to start to think in terms of your target market.
A simple solution, just add a pinch of discipline
I have worked in many places and with many clients that let the creative brief languish and even disappear. This results in many revisions, escalating budgets, and blown deadlines—not to mention awful creative executions. This is the epitome of the phrase “garbage in, garbage out.”
So if you want to ensure great creative that’s on budget and on schedule, you must invest the time and resources into developing a well-thought-out creative brief that has alignment from all stakeholders in the process. It’s a simple and classic tool that works.
Sunday’s Super Bowl game was one for the ages—unless, that is, you had money on the Atlanta Falcons, who found a way to squander a 25-point lead.
The evening’s commercials featured a kaleidoscope of celebrity cameos, a split-second glimpse of the Budweiser Clydesdales, and the following winners and losers:
Avocados from Mexico’s “Avo Secrets” spot delivers a hysterical spoof of the Illuminati, poking fun at the secret society’s rituals and deflating its pomposity. The full-length version of the spot is literally laugh-out-loud funny.
“You don’t look like you’re from around here” is the line that opens Budweiser’s “Born the Hard Way” spot. The 60-second ad, which tracks Adolphus Busch’s long journey to America, served up one of the evening’s defter political statements on immigration.
Even more moving was “The Journey Begins” from 84 Lumber, which follows a mother and daughter making the daunting trek from Mexico to the United States. Broadcaster Fox had refused to air the original version of the spot, which ended with the pair arriving at a monolithic border wall. 84 Lumber ran a modified version of the spot during the game and invited viewers to visit its site to watch the full-length version, triggering so much traffic that the site crashed repeatedly throughout the evening.
“Go Further” charmingly demonstrated Ford’s commitment to innovation and its promise to help us “move through life faster, easier and better.” The spot provided the evening’s best soundtrack—Nina Simone’s civil rights anthem “I Wish I Knew How It Would Feel to Be Free.”
Bai opens its spot with Christopher Walken solemnly intoning the lyrics to the ‘N Sync hit “Bye Bye Bye.” Justin Timberlake, clad in smoking jacket and ascot, delivers a silent but howlingly funny reaction. Perhaps the evening’s best use of a pop song to drive home the brand message.
John Malkovich is by turns furious, ingratiating and threatening as he seeks to wheedle the JohnMalkovich.com domain name from its owner in SquareSpace’s very funny spot that presents a memorable case for securing your domain name before it’s gone.
Packed with visual puns, TurboTax’s “Humpty Hospital” spot delivers an effective product demo amid the hilarity. When the yolk starts trickling, I dare you not to laugh.
Skittles’ “Romance” ad was the latest in a long line of inane “people will do anything to eat (insert product name here)” spots.
Kia’s “Hero’s Journey” ad, starring Melissa McCarthy, spent a glacier of money on special effects for a spot that, while aimed at the ecologically aware, actually belittled the efforts of environmentalists.
In a commercial for Sprite, basketball superstar LeBron James refuses to tell us to drink Sprite. Sorry, LBJ—not very funny.
Need help telling your brand’s story? Sandstorm helps clients build their brands and develop the strategies to effectively deliver their stories to their target audiences. Let us help you today.
For awhile there, in the land of web design, it seemed that sans serif fonts were taking over. Arial, Verdana, Geneva, and even san-serif itself. Google got in on the action too, ditching its long time faith in serif fonts for its new logo a few years back.
Serif fonts have come back into vogue. Errol Morris, filmmaker and author, ran an experiment in the New York Times in 2012. Readers thought they were merely reading an essay and deciding whether or not they agreed with a statement about security. This was, supposedly, to tell whether they were optimists or pessimists, however Morris was actually testing something else. He was testing fonts. He chose several serif and sans-serif fonts to see if readers showed a favoritism toward any type of font. Which font was more convincing? Baskerville, a serif font, won hands down.
I’m guessing one study from 4 years ago isn’t enough to get you back on the serif train. Well, just this year, another serif font Times New Roman, was voted “most trusted typeface” by UK company, solopress, following a survey of 1,000 people (Comic Sans came in second place, so no survey is perfect).
That’s not all, though. The US National Library of Medicine, the Centers for Disease Control, as well as others in the crossroads between government and medicine recommend a serif font: “Serif fonts are usually easier to read than sans-serif fonts. This is because the serif makes the individual letters more distinctive and easier for our brains to recognize quickly” (PDF).
A few google searches will show you that serif fonts have a reputation for readability, but also for conveying nostalgia and authority.
One of our recent clients, Vibrant (Formerly DHCU) came to us with a rebrand. For this client, we needed a way to merge the fun and friendly atmosphere of their business, while not undermining the trust and reliability you’d expect from a financial institution. Our solution was a mix of exciting and engaging color for their brand married with a serif font for their logo to keep their brand grounded in the financial world.
If your website could use a new look, or you're looking to build trust and confidence with your brand, Sandstorm can help.
Now get your serif on (go ‘head, be gone with it).
Everyone makes predictions on the next big trend for 2017. This year, we ditched the crystal ball to give you actionable UX strategies that will drive growth and innovation in your organization.
1. Tap into your data and do something with it
Are you collecting tons of data but not using it? Are you looking at pages of reports with no actionable information? These are lost data mining opportunities that can help prioritize initiatives and allow your business to expand or pivot. When data is combined from multiple sources and analyzed properly, it can help you make more informed digital marketing decisions that can save marketing dollars or drive additional revenue. For 2017, commit to creating an analytics strategy to regularly uncover insights from your data.
2. Stop guessing and simply talk to your users
Take the subjectivity out of internal meetings and go straight to the source. It’s easier and cheaper than ever before to have quick and meaningful conversations with your users through social, one-to-one phone interviews, in-person at conferences and events, and usability studies. (Did you know you only need 5-6 users from a particular user group to identify 80% of the usability issues?)
3. Build a customer journey map
Brand engagements are moving off computer screens to cell phones, tablets, wearable tech, gaming consoles, and even smart devices like refrigerators. Understanding all the various touch points along your customer’s journey is critical to providing the consistent, personalized brand experience they expect.
4. Look outside your industry for inspiration
It’s easy to see what everyone else is doing within your industry. To identify white space opportunities for your organization, look up and out (e.g., if customer service is your differentiator, look at Southwest Airlines or Disney). Businesses in other industries may have already solved the problem you are looking to tackle—it just takes a little mindshift to find them.
Turning these 4 UX strategies into priorities in 2017 will give you quantitative and qualitative rationale to make better (and less subjective) digital marketing decisions.