Optimizing Your E-commerce Site for Top Performance
-
Upload
sanjeev-srivastava -
Category
Documents
-
view
214 -
download
0
Transcript of Optimizing Your E-commerce Site for Top Performance
Optimizing Your E-Commerce Site for Top Performance
Introduction
For nearly three hours on a Tuesday in June, 2010, Amazon.com was down. Its pages were empty and its search functions and shopping cart didn’t
For a site that averages some $51,400 in sales and revenue every minute, the downtime could have cost Amazon $9.2 million dollars, according to the web site Technologizer.
1 E-commerce and retail
A "glitch" cost zappos $1.6 million in less than 8 hours.
2011 Bleum 2
Zappos knows how Amazon feels.
Between midnight and dawn one day
in May 2010, a glitch on its sister
website 6pm.com somehow capped
prices for most Zappos products at
$49.95. Zappos lost $1.6 million during
that overnight stretch. Its losses would
have been much higher if the problem
had occurred during the day.
Traditional retailers haven’t escaped
costly and embarrassing online
problems either. For much of Black
Friday 2010 and sporadically for the
rest of the week, including Cyber
Monday, J.C. Penney experienced
response times of up to 90 seconds.
According to monitoring done by web
performance management software
caused the home page, search, “add to
cart” and “proceed to checkout”
functions to repeatedly time out and
not complete sales.
e-commerce site did exceptionally
well during the 2010 peak holiday
season. Its near-impeccable
availability stood at 99.98%, with an
average response time of 11.58
seconds, according to Alertsite.
Because of this, Alertsite ranked
retailer providing the best overall
experience to shoppers in 2010. Not
sales rose 26% to $1.2 billion in 2010,
a particularly important gain since its
retail sales grew less than 10% over
the same period, ending at $2 billion.
e-commerce sites; security is also
critical. Ask any banking institution
that fell victim to the recent string of
cyber attacks and they will tell you
security regime is. Citigroup’s May
2011 attack had hackers accessing
the data of 1%, or an estimated
210,000, Citigroup customers
according to the International
Business Times. Whether or not
fraudulent charges on these accounts
have been made is still in question.
getting e-commerce right is tough for
even the savviest of companies.
However, it is essential as the
Internet is increasingly having an
outsized impact on company
reputation, growth and market share.
The key is a rock-solid foundation
incorporating security, reliability and
operational excellence. As a growing
list of e-commerce sites have
discovered, however, what was
performance even last year has
become inadequate for succeeding in
the online marketplace of today —
and certainly, of tomorrow.
Companies need to strengthen their
e-commerce platform now or risk
putting their organizations at a
strategic disadvantage especially in
lost sales, customer defections, bad
publicity or even lawsuits.
Identifying and adopting processes to
ensure best practices in security,
reliability and performance will
separate the top performing
e-commerce sites from those that
merely survive.
The Price of Online Success
Building Block: Security
"Web influenced" retail sales- 2010: 46% of U.S. total retail 2014: 53% of U.S. total retail
Forrester
3 E-commerce and retail
Ironically, many e-commerce sites are suffering from
their success. Originally built over the last decade,
many online stores have enjoyed an explosion in sales
according to Forrester Research.
But that modest share of total sales does not begin to
convey the full importance of an organization’s online
stop for consumers to compare brands, prices,
features, reviews and all manner of information for
anything from hotel rooms and airline tickets, to
computers, shoes, tractors and refrigerators. This
holds true even if a consumer ultimately buys a
product through other channels.
Forrester Research estimates that more than $1
retail sales last year and will grow to 53% of the total,
or $1.65 trillion, by 2014.
With online business booming, companies are
layering their websites with new patches, protections
relentless and becoming increasingly sophisticated,
cyber attacks increased 93% from 2009 to 2010. The
according to Javelin Research. Companies face
additional security challenges from within, not the
least of which are disgruntled or criminal employees
and ex-employees. For most companies, however,
their greatest vulnerability is due to a dual failure: a
selective rather than comprehensive approach to
incorporating security measures; and a lack of
consistency in applying security measures.
though, are reaching their limits. The need to address
the emerging impact of mobile technologies is adding
more complexity to the issue, at a time when many
sites are already stretched thin. Mobile devices are
and behavior as well as the interplay between the
two. The impact and reach that mobile will have,
though, is still unfolding.
An e-commerce site’s foundational elements can get
lost or shortchanged in the rush to build capabilities
to capture buyers using mobile devices, or to add the
latest in business analytics for a better understanding
of buying behavior. While the other initiatives clearly
are important, they will ultimately fail if the
e-commerce site lacks a solid and secure base built
with a secure and reliable architecture.
To move into the top tier of online stores, e-commerce
sites need to focus on improving the foundations of
security, performance and reliability. The right
customer demands and evolving business needs.
2011 Bleum 4
Overall, a company’s defense needs to be
against malicious cyber attacks intent on disrupting
credit card numbers. The second area is to protect
breach, employee tampering or other malicious forays
certain measures to keep hackers out and take other
steps to protect a site’s sensitive data should hackers
barriers.
For both types of security threats, companies must
establish a disciplined, consistent program for
integrating security at all levels and keeping it
For example, a May 2011 cyber attack against Honda
Canada resulted in the theft of 283,000 car-owners’
personal information from the e-commerce sites
myHonda and myAcura. According to Michael Lewis of
thespec.com, Honda thought the records contained in
the database were destroyed by an outside vendor in
charge of the project. When interviewed, Honda’s
“…apparently, they were not.” This is just one example
of how pieces slipping through the proverbial cracks
can have disastrous implications.
The reasons for the failure to adopt and follow
code from the early days of e-commerce, a time when
attacks were less sophisticated and sites less complex.
Often, programmers are used to building systems for
internal use and are not skilled at writing code with
security vulnerabilities in mind. They are also lax in
searching for security issues during software testing.
Too often, security features are added after the fact
rather than being built into the software and
hardware of an e-commerce site. Companies face the
added complication of maintaining security when they
integrate with partners, such as payment or e-mail
marketing providers. protection;
Constant and timely virus protection;
visible IRL data;
numbers through using PayPal;
Protection against simulated transactions that
cause spikes in usage;
PCI compliance as another layer of protection
within a broader security protocol, not a
singular method of defense.
updated as code and hardware changes. World-class
e-commerce companies begin with application
development and maintenance. They create formal
processes, rather than relying on individual
programmers or testers, to embed security when
writing and testing applications. In addition, they
conduct regular security testing, at least once a
quarter, to try to break the code or infrastructure.
defense in protecting the site’s infrastructure and
network against outside attacks, while encryption is
vital for protecting sensitive data within the site.
Like authentication and encryption, most security
best practices are well known and proven. Yet too
many companies pick and choose rather than
incorporate all of them. To lower risk and safeguard
their sites, companies need to take a comprehensive
and evolutionary approach to security that involves
these multiple layers of protection. Additional
security practices should include:
Building block: Reliability and
Scalability
5 E-commerce and retail
There’s no question that customer expectations about
reliability are exceedingly high. They want sites to be
up, running and fast. The goal for uptime really needs
Yet, as features proliferate and site volume swings
wildly based on time of day, day of the week and the
time of the year, e-commerce sites face a complex
challenge in being able to scale and achieve an
appropriate level of reliability while also keeping costs
effective. Few companies can afford to simply throw
money at this issue. Installing dozens upon dozens of
servers to handle the rare surge in volume, for
example, may ensure uptime but at quite a prohibitive
cost.
While uptime is a major gauge of reliability, it is not the
only one. In fact, e-commerce sites must address the
root cause of reliability issues, which come in two
when the system falters or crashes because a site
exceeds its capacity.
addressing both types of reliability issues, companies
need to combine superior software development with
capacity planning and infrastructure management,
begins with the robustness of the site software itself.
Best practices in application design and development,
such as adhering to CMMi Level 5 standards, can
maximize performance by minimizing defects and
response time and require more processing power.
Beyond solid design and development, companies
need to develop an expertise in capacity planning and
management. With capacity planning, a company
routinely monitors and balances its network and
infrastructure to anticipate load changes, especially
as it alters its system and accommodates changes in
usage. New tools allow mathematical models to be
built to simulate the applications and infrastructure
so that volume can be tested and likely bottlenecks
found even before completing the software or
deploying the infrastructure.
Determining the right balance for a company’s
infrastructure load is a complicated undertaking.
more unpredictable than from internal systems used
third-party integrated components and systems add
complexity and uncertainty.
weakest links, a capacity management program
targets those possible single points of failure. It
them through such steps as:
Once the solutions are in place, leading e-commerce
companies can then routinely do stress testing,
especially after making changes to the site’s
hardware or software.
Building in redundancy such as clustering
network;
Tuning applications, databases and networks;
Using tools to test load to prepare for new
applications and hardware;
remains operational even if a capability or part
of the site goes down.
Building block: Performance
The ultimate goal of any e-commerce site is to move
the consumer to a sale, with the minimum number of
clicks to conversion. For the customer, it’s all about
making the site intuitive to use and relevant. If a site
puts too many obstacles in the way to a sale — too
or inaccurate search results — the customer is just one
click away from switching to a competitor’s site. Poor
or even mediocre performance costs more, in more
ways than one. Not only does it drive away frustrated
customers due to longer wait times, but it also requires
more support hardware, more processing power and
related hard-dollar outlays.
and development, coupled with processes to ensure
the site is monitored and adjusted to maintain
operational excellence. For applications, CMMI Level 5
development processes help ensure everything from
the business requirements to the quality are exactly
best-practice software development approach also
enables on-time delivery and provides a proven path
to better performance when upgrading existing subpar
software. CMMI is, however, not a magic pill. It should
be one part of a comprehensive plan to create a
high-performing site, along with several other
components.
which offers an opportunity for major performance
improvement, whether in unifying an e-commerce site
that has been built over time using different software
disparate system components and applications while
providing a modular design that enables functionality
to be compartmentalized and easy to identify. It is
2011 Bleum 6
redundant systems are ready and able to step in if
management program helps build consistency
between the primary systems and the backups by
keeping a database of how every server and system is
parallel changes in the main system. In addition,
the backup servers and systems to keep them ready
to take over as seamlessly as possible when a main
helps to ensure the test system matches production,
critical for proper testing.
7 E-commerce and retail
the consumer typically does (with an aim to making
why abandons typically occur. This insight is used in
building better online applications and functionality.
As discussed in relation to reliability, load
monitoring and balance testing is also critical for
peak performance. Load monitoring is essential to
stop performance. Like UX, performance and stress
testing is key to maintaining operational excellence,
involves placing dummy transactions or simulating
user activities on a mini-production environment
created to mimic the software and hardware
keep the simulated and live environments in sync
and minimize the hardware and software necessary
to replicate the actual site.
organization introduces a software or hardware
For example, Black Friday and Cyber Monday in the
sales. In 2010, Ebay and PayPal both saw extreme
increases in their mobile site usage, with Ebay
doubling its mobile sales and PayPal seeing a 310%
increase from 2009, according to Techcrunch
must prepare for these inundations prior to
occurrence, or else risk slow performance or
crashing.
effort and is often completed in stages. As a starting
point, companies should determine their weakest
applications, capabilities or parts. They can pinpoint
these weak spots by looking at the site’s problem
history, where the company is spending too much
time and money, where there is weak documentation
and by the age of technologies. Once these areas are
use of such techniques as cyclomatic complexity,
which encourages continuous program improvement,
understand program behavior under various stress
scenarios.
friendliness. To that end, companies need to dedicate
monitors online customer behavior and analyzes such
issues as how long the consumer must wait, what
Enhances the IT organization’s ability to analyze
and respond to performance issues;
Enables module reuse — creating software
capabilities, such as a payment module, that can be
reused in other applications (e.g., on the company
Minimizes database searches and response times
because it stages likely data to be used;
Offers potential to perform asynchronous data
lookups or other processing in parallel to prime
navigation paths to speed likely further steps.
Focus on the Key Building Blocks
While a strong e-commerce platform is of clear strategic importance, CIOs and their e-commerce teams
often struggle to balance a deluge of IT demands and crises against a backdrop of budget and time
constraints. Understanding and focusing on the key pivot points for achieving top-notch security,
reliability and performance, though, can spell the difference between online success and mediocrity.
For security, a holistic approach to best practices, backed by processes that enforce consistency, is critical.
Reliability depends on software quality combined with expertise in infrastructure and capacity planning
regular performance and stress testing, can help ensure operational excellence.
Companies that invest in the people, partners, processes and capabilities for achieving excellence in those
areas will go a long way to ensuring they create an e-commerce platform that will help deliver exceptional
online results.
2011 Bleum 8
Building and keeping an e-commerce site at peak performance requires a wide
and deep IT skill set, from application and middleware design and development
and UX to infrastructure and network capacity planning and management.
Moreover, it requires building and implementing processes to ensure security,
reliability and operational excellence are consistent priorities.
Given all of the demands on IT departments, it is no wonder that few companies
have the necessary experience, capabilities and discipline to excel at all of these
e-commerce capabilities and experience, like Bleum. Bleum offers a rare
combination of expertise and client success in all key e-commerce areas.
Partnering for E-commerce Strength
9 E-commerce and retail
Experience. Bleum’s executive team, as well as its programmers and
testers, bring a proven track record of building and optimizing e-commerce
sites, including expedia.com and one of the world’s largest online stores. For
a top 5 global retailer, Bleum serves as half of the development team for the
expanded Bleum’s responsibilities to include building a new Chinese
e-commerce site.
Results.
handled the highest shopping volume in its history without a single outage.
Bleum produces hundreds of new features every month, helping drive an
online sales growth of 22% in 2010.
Capability. Bleum provides a full range of e-commerce technology services
from infrastructure assessment, platform recommendation, site design and
also provides end-to-end NOC solutions for mission-critical operations,
from NOC strategy consulting and process setup through full ownership of
NOCs.
2011 Bleum 10
ATG Expertise. Bleum has the biggest ATG resource pool in China and can
build an e-commerce infrastructure from scratch, including store site, backend
and integration with existing retail IT systems. Bleum’s ATG team includes
Talent. Hiring some of the best and brightest Chinese engineers, Bleum builds
dedicated teams for its clients and makes acquiring domain knowledge a
priority for the team, reducing the learning curve and proving client value
faster. All Bleum employees speak English and the company further develops
Western culture and technical skills.
Quality. An industry leader in software development, reappraised in 2010 as
CMMi Level 5 companywide, Bleum delivers more than one-third of all
projects at production with zero major or moderate defects. Overall, we
average 1 defect per 10,000 lines of code versus the market average of 7
defects per 1,000 lines of code.
Discipline. Using proprietary project management and quality systems,
Bleum applies highly mature and effective processes to everything from
design, development and testing of the NOC. The systems also allow clients to
track progress in real-time based on key metrics from productivity per
engineer per hour to schedule variance.
Security.
applications through the creation of freely-available articles, methodologies,
tools and technologies. Bleum’s security processes limit employee access,
require legal agreements with employees and build in multiple layers of
physical security. Bleum also regularly conducts security tests, holding
bi-monthly examinations for all staff members.
W O R L D W I D E H E T E R
Cloud-9 Mansion 8F
1118 West Yan‘an Road
w w w . b l e u m . c o m
Copyright © 2011 All rights reserved.