Recent Posts

About the Author

javascript hook
Emma Thompson
Emma Thompson

As a Junior Digital Strategist, Emma has a background in ad sales and a desire to create strong brand identities.

javascript hook
Cindy Chau
Cindy Chau

As UX Architect, Cindy has a knack for problem solving combined with a fascination in people.

javascript hook
Terribeth Beasley
Terribeth Beasley

As a QA Analyst, Terribeth is detail oriented and driven to provide excellence within every project.

javascript hook
Amanda Heberg
Amanda Heberg

As the Director, Business Integration, Amanda leads new business development, sales, partnerships and marketing strategy across Sandstorm. Amanda collaborates closely with new clients to build strong, long-lasting partnerships while aligning Sandstorm's capabilities to solve client business problems.

javascript hook
Eric Savage
Eric Savage

Eric Savage is a JavaScript Developer with expert knowledge and extensive experience in front-end development.

javascript hook
Megan Durst, digital strategist
Megan Durst

Building strong client relationships in between running 5Ks

javascript hook
Bill Kurland, Copywriter
Bill Kurland

Copywriter Extraordinaire

javascript hook
joshua sovell
Joshua Sovell

As the Marketing Manager Joshua is in charge of crafting the Sandstorm narrative via compelling blog content and community engagement.

javascript hook
Jeff Umbricht
Jeff Umbricht

Jeff is an Illinois native with a passion for web development. Making code into great things drives him every day. He’s often busy building awesome experiences for Sandstorm clients, and there’s a high probability that he’s rocking out to metal while he codes.

javascript hook
John Rausch
John Rausch

Over his 25 years in the advertising industry, John has produced award-winning work for many B2C and B2B clients. He is a passionate believer in the power of the brand and brings a strategic approach to every piece of creative.

javascript hook
Cubs Game game
javascript hook
Lisa Goepfrich
Lisa Goepfrich

Lisa is a Digital Strategist who is extraordinarily adept at building visual stories.

javascript hook
Safina Lavji
Safina Lavji

As a UX Architect, Safina actively empathizes with users to bridge the gap between user needs and what the client delivers. 

javascript hook
Adam Smetana
Adam Smetana

Adam's busy developing awesome websites for our clients. We'll have an equally awesome bio soon. 

javascript hook
Nick Meshes
Nick Meshes

Nick is Sandstorm’s Director of Analytics and Technology. He’s boosting our quantitative focus. He’s busy increasing our capabilities in web analytics, website optimization testing, SEO, SEM, display advertising, business intelligence, and personalization.

javascript hook
Alicia Newland
Alicia Newland

Alicia is an Account Director with 15+ years of experience on the agency side. Her first job as a paper carrier back in the 80’s, planted the seed for her dedication to building solid client relationships and her love of media.

javascript hook
Tracy Graham
Tracy Graham

Tracy is Senior Designer at Sandstorm. His background in design and photography for print and web with experience in multiple industries makes him a Swiss army knife of creative awesomeness.

javascript hook
Sean Fuller
Sean Fuller

As a Senior System Architect, Sean is a hands-on developer and technical lead on projects. He works with design and strategist teams from kick off through launch to plan, design and execute technical solutions for client projects. 

javascript hook
Reilly Willson
Reilly Willson

Someday I'll need a real bio, but for now I'm busy creating awesomeness for our clients!

javascript hook
Amanda Tacker
Amanda Tacker

Amanda is a Digital Strategist with several years of experience on both the agency and client sides, with both B2B and B2C clients.

javascript hook
Kellye Blosser
Kellye Blosser

Kellye’s unique approach involves a delicate balance of left and right-brained thinking. She most recently hailed from the corporate video world. Here at Sandstorm, she’s excited to bring strategic, innovative thinking to every project.

javascript hook
Emily Kodner
Emily Kodner

Emily is our Senior Digital Strategist. She consults with clients, leads projects and works alongside our team of creatives and developers to provide solutions to complex business challenges.

javascript hook
Megan Culligan
Megan Culligan

Megan knows the importance of picking a winner. With a background in politics and PR, she knows that a successful marketing campaign requires coordination of many moving pieces and a team focused on achieving a great goal. You’ll see her analytical point of view on the blog, providing insight and tactics for success.

javascript hook
Meaghan Glennan
Meaghan Glennan

Meaghan is a storyteller. From the Granite State to the City of Broad Shoulders, she's created impactful true-life tales about people, places, businesses and events. As she guides Sandstorm's story by directing our marketing communications, you'll see a lot of her unique perspective and style.

javascript hook
Holly Brinkman
Holly Brinkman

Holly's title at Sandstorm Design is Strategy, Research, and Writing, as she does a little bit of everything. She loves clever advertisements, strong brands, social media, and intuitive web sites.

javascript hook
Matt Chiaromonte
Matt Chiaromonte

Matt is a copywriter and social media guru in Sandstorm’s Internship Program. With a background in marketing, journalism, and improv comedy, Matt brings equal parts knowledge and entertainment to our little corner of the Internet. When he isn’t generating social media content, Matt can be found enjoying pizza, podcasts, and many other things that begin with the letter “p”.

javascript hook
Amanda Elliott
Amanda Elliott

Amanda Elliott is the Marketing Coordinator at Sandstorm Design. She absorbs the creative energy from our leadership team and facilitates the team so they can focus entirely on solving client challenges. She is passionate about anticipating needs, solving problems, and making projects fun.

javascript hook
Sharonda Thomas
Sharonda Thomas

Our newest social media marketing and copywriting intern Sharonda has a passion for producing read-worthy content. Knowledgeable with various social platforms she will combine her communications and journalism background with her love of social media to keep our audience engaged. An artist at heart, Sharonda spends her free time cooking, painting, and barbering.

javascript hook
Karen Boehl
Karen Boehl

Karen does a little bit of everything – webmaster, social media manager and search engine optimizer. She can most often be found on Twitter, in the Usability Lab, or happily buried in the Drupal admin menu.

javascript hook
Jesse Lankford
Jesse Lankford

Someday I'll need a real bio, but for now I'm busy creating awesomeness for our clients!

javascript hook
Jason Dabrowski
Jason Dabrowski

Jason is Sandstorm's office administrator and also lends his hand in the areas of design and production. As a veteran of front desks and stages, he knows his way around charming guests and employees alike. Look for his unique worldview on the blog.

javascript hook
Laura Luckman Kelber
Laura Luckman Kelber

Chief Strategy Officer, Laura Luckman Kelber leads Sandstorm's team of strategists with wisdom from her 20 years of marketing experience. Combining seemingly disparate ideas to solve a problem, Laura unearths unexpected insights to help clients’ fuel their success.

javascript hook
Nathan Haas
Nathan Haas

Nathan is a User Interface Art Director at Sandstorm. He is a proud alum of The University of Tennessee. His main focus was print design, but he soon realized the potential of pixels. This combination of print and interactive gives him a unique view of design possibilities.

javascript hook
Kyle Lamble
Kyle Lamble

Kyle is your stereotypical bluehat hacker, by day, who wants you to upgrade your browser to support his love for cutting edge web development techniques. By night, he is a curator and publisher of art. Co-founder of Loosey Goosey Art, Kyle spends much of his off time helping artists find their inner potential.

javascript hook
Will Biby
Will Biby

Will wears many hats at Sandstorm. From writing web content to executing social media strategies, he is quick to act and insistent on a job done right. Will enjoys writing, so expect to hear from him often on the blog.

javascript hook
Andy Cullen
Andy Cullen

Someday I'll need a real bio, but for now I'm busy creating awesomeness for our clients!

javascript hook
Derek Vanderlaan
Derek Vanderlaan

Derek Vander Laan is Sandstorm's Senior Design Architect. With 20 years of experience, he designs web sites, infographics, and interactive digital experiences. His creative skills are always at work either at his desk or plotting a prank for someone else's.

javascript hook
Andrew Jarvis
Andrew Jarvis

Andrew lives in Bucktown with his wife and three cats in various states of hairlessness. When he's not at Sandstorm doing front-end development he is passionate about creating 3D art.

javascript hook
Michael Hartman
Michael Hartman

As Sandstorm's Technology and Usability Director, Michael leads our developers and usability researchers in creating web sites and applications—both desktop and mobile—that embody our favorite blend: intuitive user experience and dynamic Drupal development.

javascript hook
Janna Fiester
Janna Fiester

Sandstorm's Executive Creative Director, Janna, is a design-thinker. Showcased in several design publications and exhibited at the Art Institute of Chicago, she is talented in taking nuggets of good ideas and nurturing them into solutions that are always strategic, engaging and visually delightful.

javascript hook
Sandy Marsico, Founder & CEO
Sandy Marsico

Sandy Marsico is the Founder & CEO of Sandstorm®, a next-generation brand experience agency that turns customer insights into engaging user experiences through our unique blend of strategy, UX design, user research, marketing technology and analytics.

Recent Posts

Emily Kodner
Association for Corporate Growth launches new, responsive website.

At Sandstorm®, we thrive on designing and developing exciting new websites. But we also know how important a great event can be. That’s why we couldn’t have asked for a better opportunity in creating a site for ACG.

The Association for Corporate Growth (ACG) is the global community for business leaders focused on driving middle market growth through mergers and acquisitions. As a chapter-led organization, ACG is heavily focused on events, holding over 1,200 around the world each year for industry professionals and the association’s 14,500 members to network.

In order to drive their own growth, ACG turned to us to design and develop a website platform that provided individual sites for the global organization as well as its 58 chapters. Each site not only needed to be mobile friendly and visually appealing, it needed to be user friendly and easy to manage for each chapter, an objective we were able to achieve as a result of several efforts:

  • Attending ACG’s annual event and conducting stakeholder interviews to hear directly from leaders and members what they needed from the new website
  • By integrating the Drupal 8 content management system (CMS) with the netFORUM association management system (AMS)
  • Conducting a usability study on the new design to ensure it was intuitive and easy to use
  • Building a collaborative space for chapters and committees to digitally communicate and share essential documentation

We’re honored to help ACG continue driving middle market growth around the world. Check out the new ACG website for yourself.

This blog was posted by Emily Kodner on June 20, 2017.
Emily Kodner

About the Author

Emily Kodner

Emily is our Senior Digital Strategist. She consults with clients, leads projects and works alongside our team of creatives and developers to provide solutions to complex business challenges.

Emma Thompson
Emma Thompson

Hello! I’m Emma, the new Junior Digital Strategist here at Sandstorm®, and I’m thrilled to be working alongside such a dynamic and intelligent team!

My first job out of college, and my first foray into the advertising world, was Condé Nast. Before joining Sandstorm, I worked in the advertising sales department for Vanity Fair and The New Yorker. Working for these publishing giants showed me the importance of creating strong brand identities and taught me how to market to different audiences. I am so excited to continue honing my knowledge while using my unique expertise to benefit Sandstorm’s clients.

On any given weekend, you can find me at home making bagels and binging on episodes of 30 Rock, or out exploring Chicago’s many hidden gems. If you ever need restaurant recommendations, feel free to reach out as I’m also a ravenous foodie and cook.

This blog was posted by Emma Thompson on June 15, 2017.
Emma Thompson

About the Author

Emma Thompson

As a Junior Digital Strategist, Emma has a background in ad sales and a desire to create strong brand identities.

THIS FILE WAS POSTED UNDER: 
this file was posted under: 
John

It’s hard to create remarkable brand experiences without an inspiring insight into the user. I’ve always considered user insights to be the single most important component of a creative brief, and it’s no surprise that it’s also the most challenging component to develop.

The process of uncovering a meaningful insight starts with understanding the user. You need to know your audience well beyond the demographics. How does he think? What does she feel? Not just about your product or service, but about the category?

It’s critical to understand the difference between an observation (a demonstrable fact about your product/service and your user—the “what”) and an insight (recognizing what motivates them—the “why”). It takes time and effort to sort through the more obvious observations to reveal the insight.

But it’s time and effort well spent. Properly developed and crafted, an insight serves as the inspirational launch pad for creative development, providing the illuminating Aha! that makes the message resonant and meaningful.

The best insights address the solution, not the product/service. As the old saying goes, people don’t want eighth-inch drill bits; they want eighth-inch holes.

What are other elements of a great user insight?

  • It illuminates the user more than the product or service
  • It applies to the category more than the brand
  • It’s single-minded and can be simply stated
  • It’s about the universal and eternal, rather than the trendy

Let’s look at a handful of acclaimed campaigns and the insights that spawned them.

Dove: “Real Beauty”

The insight: Women—who come in all shapes and sizes—had become increasingly exasperated with the narrow portrayal of female beauty in the media.

The research that revealed this insight led to the creation of a breakthrough marketing strategy: “To make women feel comfortable in the skin they are in, to create a world where beauty is a source of confidence and not anxiety.” The campaign built on this strategy looked like nothing the industry had seen before. The launch of the campaign received substantial media coverage from mainstream news broadcasts and publications, as well as talk shows and women’s magazines. Parent company Unilever has estimated the media coverage to be worth more than 30 times the purchased media.

California Milk Processor Board: “Got Milk?”

The insight: People wait until they’re out of milk to realize that they should buy more.

During a consumer focus group on milk held 25 years ago, someone said, “The only time I even think about milk is when I run out of it." The insight revealed by that remark became the foundation for a campaign that entertainingly presented what might happen if you allowed yourself to run out of milk. The “Got Milk?” campaign achieved over 90 percent awareness in the U.S., and the tagline has been licensed to dairy boards across the nation.

Old Spice: “The Man Your Man Could Smell Like”

The insight: Wives and girlfriends are more likely to buy men’s body wash than men are.

Consumer research revealed that for years Old Spice had aimed messaging for its body wash and hair care products at the wrong audience. The first commercial, featuring actor Isaiah Mustafa, was an overnight sensation and became a cultural phenomenon. Sales surpassed expectations and today Old Spice is the number one selling brand of body wash for men in the U.S.

At Sandstorm, our thoughtful, scientific approach to user research reveals illuminating insights on which effective brand strategies are built. For example:

Ensono: “Operate for Today. Optimize for Tomorrow”

The insight: Chief information officers are looking for resources to help them not just keep the data center running, but deliver strategic innovations that drive revenue.

Extensive primary and secondary research revealed how the role of our user, the CIO, was evolving. CIOs were increasingly being expected to make strategic contributions in the boardroom, moving from a traditional “build-and-feed” model to a construct that could be described as “dream and direct.” We developed a brand campaign for our client Ensono (which provides IT infrastructure management outsourcing) that positioned Ensono as “the company that dreams,” helping CIOs address their current needs and deliver on tomorrow’s objectives.

We developed the new name and brand identity for Ensono, designed and developed its new website and created an expansive portfolio of marketing materials. In one year, the site saw a 703 percent increase in total page views, an 859 percent hike in unique visitors and a 955 percent increase in lead form submissions!

We’d be delighted to help you find the unexpected user insights that deliver an enhanced brand experience. Contact us today to get started.

This blog was posted by John on May 18, 2017.
John Rausch

About the Author

John Rausch

Over his 25 years in the advertising industry, John has produced award-winning work for many B2C and B2B clients. He is a passionate believer in the power of the brand and brings a strategic approach to every piece of creative.

Bill Kurland
Mentor Guiding a Young Professional

I wrote my first song at the age of two; it was called “I Can Do It By Myself.” Unfortunately, that became my mantra for longer than I’d like to admit, and it wasn’t until my twenties that I discovered the profound impact mentoring could have in my career and personal life. Since then, I’ve been incredibly lucky to meet men and women with the passion to guide me through my exploration of the world. And I’m especially grateful to work alongside so many of them every day.

Mentorship is an essential part of our culture at Sandstorm®. As our founder and CEO Sandy Marsico recently shared with ABC News, having a great mentor was essential to her success, which is why learning and sharing is one of our three core values. Our amazing directors not only share their decades of expertise with fellow Sandstormers, they’re active in the community, educating and inspiring the next generation of developers, designers, and strategists, too.

I’ve benefitted immensely from our creative directors’ mentorship—shout out to John and Janna for anything I missed during our company You Rocks. And it got me thinking about how mentorship has helped other Sandstormers in their careers and personal lives.

Learning From the Best

John Rausch - MentoringAs a budding copywriter, Creative Director John Rausch was fortunate to be mentored by the creative genius who wrote the immortal "Two all-beef patties, special sauce, lettuce, cheese, pickles, onions on a sesame seed bun" jingle for the Big Mac. “In the years I worked for him, I learned a lifetime's worth of insights into developing impactful creative work,” John shared. “But perhaps the most significant thing he taught me was the importance of paying it forward—sharing my own passion and acumen with the creative professionals who would come to work for me.”

Finding Solutions Through Empathy

Megan Durst - MentoringAs a resident assistant at Central Michigan University, Strategist Megan Durst found a mentor in her resident director. “He taught me a lot about understanding people’s motivation,” she said. “It really helped me empathize with my students and help them find solutions to their problems. Not only have those skills been critical in my personal life, they’ve been equally essential in my career as well.”

Teaching the Next Generation

Janna Fiester - MentoringExecutive Creative Director Janna Fiester’s undergrad professor has remained a mentor ever since her time at Ball State. Her professor even encouraged Janna to earn an MFA and become a professor herself, which she did. It was during her time as a professor at UIC that Janna began mentoring students of her own. “Now one of my mentees is also a client. She still calls me her mentor and a strong influence to choosing design as a career.”

Lifelong Relationships

Amanda Heberg - MentoringAmanda, our Director of Business Integration, found an amazing mentor in her volleyball coach—even getting the opportunity to coach alongside him when her daughter reached high school. “He gave me great advice throughout my entire life: in business, coaching, and in my personal life. He truly cared about me and making sure I was successful. He's had such a profound impact on my life and always went out of his way to help me, even without asking.”

Friends in High Places

Joe RuelFront-End Developer Joe Ruel was fresh out of college when he met one of his mentors. As Joe recalls, “My mentor guided me through many aspects of development and helped me find my passion in front-end development.” Though his mentor moved onto another company, they kept in touch. Over the next year, Joe heard so much about his mentor’s new company that he applied for a position there. Sandstorm Senior Front-End Developer Jeff Umbricht continues to be a guiding influence in Joe’s life, and was quick to note that Joe got the job on the strength of his considerable skills alone.

How has mentorship impacted your life? We’d love to hear your story in the comments.

This blog was posted by Bill Kurland on June 1, 2017.
Bill Kurland, Copywriter

About the Author

Bill Kurland

Copywriter Extraordinaire

THIS FILE WAS POSTED UNDER: 
this file was posted under: 
Sandy
Sandy Marsico: .orgCommunity Advisory Board Memeber

I really enjoyed attending .orgCommunity’s Disruption + Innovation conference this month! The .orgCommunity is an amazing resource for senior executives to lead their associations through innovation, and the event certainly delivered on that mission. Speakers and facilitators from across a wide variety of industries shared their insights on redefining digital publishing, generating new streams of revenue, and much more. These were my biggest takeaways:

  • Adopt a disruption mindset. Act like a digital disrupter.
  • Rethink the entire business, not just the technology.
  • Get inspired outside your industry. Did you know: Ugg boots were created by surfers.
  • Your goal is to create value—for every association.
  • The membership subscription model is over. You need to think about other ways to earn revenue.
  • Collaborate more, collaborate differently. Consider strategic partnerships and mergers.

So it’s with great pleasure that I can finally announce my position as a part of .orgCommunity’s advisory board! With almost two decades of experience working with associations of all sizes—including the National Association of REALTORS, American Medical Association, Rotary, and more—it’s an honor to share my experience with executives and help them utilize emerging technologies and techniques.

I look forward to sharing my expertise with the .orgCommunity while continuing to help our many association clients prepare for their future success.

This blog was posted by Sandy on 05/25/2017.
Sandy Marsico, Founder & CEO

About the Author

Sandy Marsico

Sandy Marsico is the Founder & CEO of Sandstorm®, a next-generation brand experience agency that turns customer insights into engaging user experiences through our unique blend of strategy, UX design, user research, marketing technology and analytics.

THIS FILE WAS POSTED UNDER: 
this file was posted under: 
Cindy Chau
Cindy Chau

We are in a sixth grade math classroom. I am speeding through all my assignments in order to solve logic problems.

I blew through hundreds of them that year. Silly as it was, I even dedicated an entire presentation to detailing how to solve Who Owns the Zebra. Thinking back, I’m not so sure if it was the best choice to keep my classmates engaged, but I was pretty proud of my work. Perhaps it was my knack for problem solving combined with my fascination in people that led me to the user experience field.

I hail from the great state of Michigan and spent six beautiful years working on my BA and MSI degrees from the University of Michigan (Go Blue!). Upon graduating, I worked as an experience designer at a digital agency for over two years before taking off to travel and volunteer with fifty strangers in eleven countries in eleven months. From sitting with the forgotten elderly in remote villages in Eastern Europe to tutoring English to Vietnamese college students, that year changed the course of how I live my life. Upon returning, I worked with that nonprofit organization to redesign one of their internal systems.

Now here at Sandstorm, I am most excited to do meaningful work in a place that values people and culture, as well as user research. Understanding the context of a problem is key!

Outside of my work at Sandstorm, you can find me at a rock climbing gym, randomly singing in public, attempting to build community, blogging, thinking of and laughing at terrible puns, playing board games with friends, talking to the homeless, volunteering with children, taking photos, baking, exploring new places, and so much more.

This blog was posted by Cindy Chau on May 11, 2017.
Cindy Chau

About the Author

Cindy Chau

As UX Architect, Cindy has a knack for problem solving combined with a fascination in people.

THIS FILE WAS POSTED UNDER: 
this file was posted under: 
Terribeth Beasley
Terribeth Beasley

I’m thrilled to join the Sandstorm® team. One of the many things that attracted me to Sandstorm was the focus on doing good work for good people. I’m really looking forward to making a difference in the lives of our clients and their users alongside my new teammates.

My career started in the airline industry, where I worked as a computer programmer. I eventually moved on to a global consulting firm where I worked diligently as a software quality engineer before becoming a software engineer. While I took some time off to raise my kids, I’m delighted to be back in development and quality assurance.

When starting on a new project, I believe it’s imperative for a QA analyst to start with a full understanding of the scope and timelines on a project. It allows me to get a clear mental picture of everything that needs to be accomplished and drive toward that goal.

Speaking of driving toward goals: When I’m not at Sandstorm, I’m usually watching my kids at Taekwondo, cross country and track meets, band performances, or helping the band at football and basketball games. There’s nothing better than cheering them on—and snapping a few photos—while they work to achieve their dreams.

This blog was posted by Terribeth Beasley on May 4, 2017.
Terribeth Beasley

About the Author

Terribeth Beasley

As a QA Analyst, Terribeth is detail oriented and driven to provide excellence within every project.

THIS FILE WAS POSTED UNDER: 
this file was posted under: 
Nick
Drupal vs. Wordpress

Over the years, Sandstorm® has built websites on content management systems (CMS) using a variety of programming languages: Python, .NET, and PHP to name just a few. These programming languages support CMSs like Django, Kentico, and Joomla, respectively. Two of the most popular CMSs are Drupal and WordPress, built on PHP.

A common question we hear from clients is whether they should use Drupal or WordPress. While there’s no right answer, there is an answer that’s right for you. Each one has its place, so we've laid out where you can gain the most benefit from each CMS.

The Benefits of Drupal

Speed and Performance

When it comes to a scalable CMS that can support high-volume traffic and vast libraries of content, Drupal beats out WordPress. Not only does Drupal offer better performance out of the box—including default cache features that help pages load faster—it’s more robust for handling complex projects with lots of functionality.

Security

Drupal is favored by many top companies and government agencies, including whitehouse.gov, for its enterprise-level security. Drupal has a very active security team with a stringent review process for plugins and a robust permissions layer that provides nuanced limitations for user access.

WordPress, on the other hand, is a popular target for hackers whose malicious attacks often succeed due to fully coded plugins compromising security. Additionally, WordPress doesn’t provide the flexibility in tailored permissions that Drupal does.

Lead Conversion

When it comes to getting leads through web contact forms, WordPress requires third-party tools like Gravity Forms or JotForm, which will cost you extra.

With Drupal, web form functionalities are already built into the platform, so you don’t need external tools. Drupal can also enable rules and set up triggers so that when someone fills out a form on your website they receive an SMS message from your company, which helps with lead nurturing efforts and potential conversions.

The Benefits of WordPress

Ease of Use for Small Businesses

Since WordPress started primarily for less tech-savvy bloggers, small businesses with a junior development team benefit the most from the platform. Additionally, most writers and content managers have some experience with WordPress, so there's little need to train them on the platform.

Where It's a Toss Up

Supportive Community

Drupal and WordPress users have created diverse global communities that offer international conferences like DrupalCon and WordCamp; local training events and Meetups; and active forums where users can ask questions and learn more about the platform. While the WordPress community is larger than Drupal’s, it’s uncommon that you would run into an issue with either platform that someone hasn’t encountered, and solved, before.

Search Engine Optimization

It doesn’t matter to Google which platform you use, and both platforms offer excellent plugins and modules to help you with your SEO, including Yoast for WordPress and Content Optimizer for Drupal.

At Sandstorm®, our experts have extensive experience developing, designing, and writing in Drupal, WordPress, and many other content management systems. We’d love to find the one that’s right for you.

This blog was posted by Nick on May 1, 2017.
Nick Meshes

About the Author

Nick Meshes

Nick is Sandstorm’s Director of Analytics and Technology. He’s boosting our quantitative focus. He’s busy increasing our capabilities in web analytics, website optimization testing, SEO, SEM, display advertising, business intelligence, and personalization.

Amanda Heberg
Amanda Heberg

As the newest addition to Sandstorm®, I’m thrilled to be a part of a Chicago-based company that has experienced such amazing organic growth. I’m excited to bring my experience implementing disciplined sales and marketing processes for other organizations to Sandstorm, and building upon the great work the team has done to further grow the business.

One of the reasons I joined Sandstorm was the people. Warrior Spirit isn’t just a catchy name; it’s a real spirit that employees truly embody. Culture is key here, and it’s apparent from the moment you walk through the doors.

I’m energized by the work. I have traditionally worked for companies that focus on the implementation side of technology projects. Sandstorm has a great ability to bridge the gap between executing the strategy (creative thinking) and successfully implementing the technology. I’ve found that firms are usually strong in one or the other, but Sandstorm has found the right balance, which leads to successful projects and happy clients.

I have a long history working for large consulting firms and small start-ups, including experience leading sales and business development for consulting firms—specifically, developing relationships with new and existing clients and industry partners. I also have extensive experience advising on strategy, implementation of web content management (WCM and CMS), cloud-based solutions, and custom development for clients ranging from Fortune 1000 to small nonprofits and associations. Sandstorm provides the perfect forum for me to share these experiences and help us grow and scale, while attracting innovative projects and clients, and fostering strong relationships.

When I’m not busy at Sandstorm, you can find me hanging with our three kids—our five-year-old daughter keeps us quite busy! Our two older kids are in college, and our daughter plays college basketball, so we take as many family road trips as we can to watch her play.

We also love drinking wine and craft beer, traveling often, and having friends and family over for get togethers!

This blog was posted by Amanda Heberg on April 19, 2017.
Amanda Heberg

About the Author

Amanda Heberg

As the Director, Business Integration, Amanda leads new business development, sales, partnerships and marketing strategy across Sandstorm. Amanda collaborates closely with new clients to build strong, long-lasting partnerships while aligning Sandstorm's capabilities to solve client business problems.

THIS FILE WAS POSTED UNDER: 
this file was posted under: 
Sean

Now more than ever, digital security is something that needs a thoughtful approach.

From Yahoo! to the DNC, large, high-profile security breaches are filling the news and making security a hot topic for everyday conversation. There are so many hacks that even data visualizers are struggling to make sense of them all. Which is why 2017 will be the year that companies finally realize the value and necessity of security for their digital properties.

Whether cause or effect, our increasing reliance on technology correlates with the spike in frequency, size, and severity of security breaches. At Sandstorm®, we're big fans of Steve Gibson and his podcast Security Now, where he talks about the race to keep up with new security threats. With each new security improvement developers release, hackers are ready to uncover weaknesses. Over the years, this has brought us to a place where both the threats—and the necessary defenses against those threats—have reached a level of complexity that can seem daunting.

From Convenience to Security

The complexity and automated nature of modern attacks has changed the industry’s view on the lengths hackers are willing to go to. Now, we have to assume that there is always someone looking to exploit opportunities and weaknesses.

While these are just a few examples of the risks and remediations that companies need to consider, they illustrate the many different attack vectors that developers need to address. The trick is to do the following:

  • Define the requirements
  • Identify the risks and determine the solutions
  • Design a highly functional application that still puts the user first

Trend #1: Rise of the Botnets

Botnets are a major reason for the increase in security issues. As an industry, we’ve known for some time about the danger of improperly patched or unsecure computers and servers that get infected with malware. But in the last few years, risk has increased exponentially due to the prominence of the Internet of Things (IOT). We have an explosion of internet-connected devices (light bulbs, refrigerators, dishwashers, teddy bears) with many of them rushed to market without regard for security.

Night of the Living Malware

Malware programs target these vulnerable systems to create zombie armies of infected computers that work together to feed on sites. The most recent and well known is the Murai botnet, the code of which was released as open source and has since spawned a plethora of derivations. That's right; you heard me. They’re multiplying, evolving, and getting smarter like a creature out of a bad horror movie.

How bad is it? Projections as of 2016 suggested that 35% of all internet traffic consisted of malicious bots. That's a lot of zombies wandering around looking for your server's brains.

GhostBot in the Machine

Another recent example is GiftGhostBot. This attack came to light in March 2017. Bots are brute forcing the pages that allow customers to check the balance on their gift cards. These bots keep guessing gift card numbers (at an estimated rate of four billion requests per hour) until they get one that has a remaining balance. They can then use that gift code to steal from the gift card holder.

What makes this GiftGhostBot particularly sinister is its sophistication. First, the attack is distributed across multiple compromised devices, servers, and computers—which means there’s no way to track and block these requests by IP. Second, the bots have been set up to use over 740 different user agent profiles, meaning they masquerade as different browsers and operating systems to confuse attempts to filter out their traffic. Vendors might add CAPTCHAs or completely remove these pages to remediate the issue. This is just another example of the exponential scale and complexity of attacks that have shifted the conversation towards security.

What You Can Do

  1. Your best defense is keeping your systems up-to-date. Apply security updates to all technology in your ecosystem in a timely manner (including websites, servers, computers, employee mobile devices, etc.).
  2. Be sure to spend the time to review all new features and components of your digital products with an eye for potential vulnerabilities. Always overestimate the lengths someone would go.
  3. When in doubt, engage a knowledgeable specialist to help review your security configuration.

Trend #2: Are You a Robot? – Identifying Friend From Foe

If you’re thinking this is all about the rise of the machines, you might (or might not) be happy to hear that humans still play an important role in threatening your business’s security. While botnets have increased the quantity of attacks, the level of sophistication for attacks has also dramatically increased. In some areas, malicious entrepreneurs have even turned to crowdsourcing to enhance automated attacks. Take CAPTCHA as an example. When those annoying pictures were too much for some bots to circumvent, unscrupulous companies paid real people to fill them out. Bots passed the CAPTCHAs back to humans whose answers were fed back to the bots so they could proceed with their attack.

Invisible ReCAPTCHA

This resulted in concerns with the CAPTCHA as a solution for determining bot from human. While still used, it was understood that this solution is not 100% effective. Recently, however, Google updated their reCAPTCHA service with their new Invisible reCAPTCHA. Maybe you’ve seen this: It’s a simple checkbox that says “I am not a robot.” Because so much information on your behavior has been compiled by Google, it can compare your digital fingerprints and activity against its vast repository of analytics to determine if you’re a real person. Or that’s the theory anyway; the new service has just rolled out and we're excited to see how it matures.

Mollom

Mollom is another service we recommend, specifically for Drupal projects. It takes form submissions on your site and checks the content to see if it looks like bot-generated content. If it does, the content is flagged. This technique analyzes content to protect against spam, relying on the consolidation of massive amounts of examples to understand how to proceed.

What You Can Do

  1. You can do is realize that identifying bots is not as straight-forward as it seems. They have gotten very good at pretending to look like real users performing real actions on your site.
  2. Shift your thinking to a place where you assume that hackers and spammers are probably smarter (or at least more persistent) than you. Look at each element of your digital products as a place where a bot might pretend to be a human and consider what they might be able to do.
  3. Layer different preventative techniques. Don't assume that one fix is enough and have a contingency plan for is a bot does get past your defenses.

Trend #3: Moving to SSL

Another major trend for 2017 will be the push for secure socket layer (SSL or HTTPS) traffic for everything. This has been an important shift for security in the last few years. Previously, SSL was only considered important for highly sensitive data, but a few things have pushed us into a world where regular HTTP traffic is considered unsecure.

Man in the Middle

First, a number of tools have come out that make watching the traffic of someone else on your network very easy to do. This allows a person to see the sites you are visiting and even steal your username and password. This is generally referred to as a man-in-the-middle attack resulting in session hijacking. Traffic over HTTPS helps to protect against that because your browser and the server are essentially communicating via a secret language that only they can understand.

Man on the Side

Second, browsers pulling in content over regular HTTP can't 100% confirm where the content they’re displaying came from. There have been a few complicated attacks over the past few years where malware was sent to site visitors instead of the assets they were expecting. This is generally referred to as a man-on-the-side attack. The attempted attack on GitHub in 2015 is an example of this. Moving towards HTTPS traffic gives the browser certainty that the content it received is the one it was expecting.

Pushing the Transition

If you’re thinking all of that sounds scary, you're not alone. Google agrees and has started to roll out changes to the Chrome browser—you've probably noticed that grayed out "not secure" message near the URL. Additionally, if you log in to a site over regular HTTP, you may also notice a red "not secure" message. This is meant to push websites towards SSL, and it’s only the start. Google has announced additional plans to clearly mark all traffic as not secure going forward.

What You Can Do

  1. Work with your hosting provider or website developer to purchase an SSL certificate from a reputable vendor.
  2. Have those same partners review your SSL configuration to confirm that you’re using strong protocols and ciphers that have not been deemed to be compromised.
  3. You may also need to review your site to confirm that you don't have any mixed content errors, which is when HTTPS pages are referencing insecure HTTP resources.
  4. While you're at it, complete a full review of your server configuration.
  5. A full penetration test or security scan may also be a good investment.

How Sandstorm Can Help

This is just the start of the conversation and we've only covered a few topics. Whether you’re moving your current website to SSL or want to ensure your new website is developed with the latest security in mind, we utilize the technology and techniques that make sure you’re protected.

This blog was posted by Sean on April 13, 2017.
Sean Fuller

About the Author

Sean Fuller

As a Senior System Architect, Sean is a hands-on developer and technical lead on projects. He works with design and strategist teams from kick off through launch to plan, design and execute technical solutions for client projects. 

THIS FILE WAS POSTED UNDER: 
this file was posted under: 

Pages