When you’re responsible for managing one or many large digital properties, your primary concerns are usually:
- Are all your sites up and available?
- Are they secure?
- Are they performing as well as your audiences expect?
You need a platform that can both perform at scale and maintain performance as you scale. More importantly, you need a platform that is flexible enough to adapt to the changing digital experience needs and expectations of your company and customers, but also stable and secure enough to deliver those experiences seamlessly.
This article will guide you through the specific technical and organizational features you should look for when evaluating digital experience platforms.
The big three
When you’re responsible for maintaining dozens, hundreds or thousands of websites, your concerns are as numerous as the sites you’re managing. But for the most part, they can be boiled down to the following big three:
- Are all your sites up and available?
- Are they secure?
- Are they performing as well as your audiences expect?
To answer these questions with confidence, you need a platform that seamlessly demonstrates each of the following attributes:
- Maintains performance at scale
- Adapts quickly and flexibly to increases in demand (without radically increasing costs)
- Relies on intelligent infrastructures, such as a load-balanced CDN, to automatically optimize performance
- Provides quick, meaningful insight into performance
- Meets the most stringent standards for security and compliance
- Features an open, API-first architecture that integrates easily with your existing martech stack and IT infrastructure
- Provides quick deployment
- Is fully supported by your vendor partner with an SLA-based, rapid-response capability
- Allows new content to be pushed to end-users, regardless of channel, quickly and easily
In short, you need a platform architected for scalability, performance, intelligence and security. Through the context of these attributes, this guide will explore the specific technical and organizational features you should look for when evaluating platforms that can not only meet the current needs of your company and your customers but is equally capable of growing with you as your requirements evolve.
A solution supports business growth and helps you adapt to business conditions, by being able to scale.
An ability to scale supports growth
A solution supports business growth and helps you adapt to business conditions, by being able to scale. This ability to scale ensures that your business can accommodate change quickly and without breaking the bank. When selecting a digital experience platform, you need to consider its ability to scale from two perspectives:
Present Need Scale today could mean that you are managing one property with thousands of pages and massive amounts of traffic (think: NBC Sports during the Olympics, or Interflora during Mother’s Day or Black Friday) or multiple sites, which themselves may be substantial (think: Conagra or Nestle – any organization supporting multiple brands).
Can this platform manage your current web ecosystem so that it performs under unpredictable traffic load and remains secure under key circumstances, including rapid fluctuations in traffic?
Future Need Scale in the future can take numerous forms. New product launches and geographic expansion may drive the growth of your digital footprint. Mergers and acquisitions can have the same impact, as can a change in the business model (moving entirely to online sales in the retail space, for example).
Will this platform be flexible and adapt to support your growth and evolution into the future?
Some scale issues are predictable, such as when launching new properties in support of a particular product offering or company initiative. Others are not, such as sudden surges in traffic thanks to the press (good or bad) or the unanticipated success of a campaign.
Whatever the cause, the ability to scale rests on cloud technology. To take full advantage of the cloud’s capabilities, the platform you choose must be cloud-native. Given the current availability of cloud-native solutions, any money spent on retooling a legacy platform for cloud deployment is effectively wasted.
Scale, interoperability and the future of content
Scale and speed-to-scale demand interoperability. Achieving the appropriate level of interoperability should not involve runaway integration costs or lengthy, integration-related delays. APIs play a central role in enabling such frictionless interoperability, so seek out a platform designed with an API-first approach. This design approach means, above all else, that, rather than an afterthought, the platform was designed specifically to facilitate connections to a diverse and evolving environment.
Integration on the back-end aside, digital experience – which, after all, your platform is meant to deliver – stands and falls with content. The world of content, however, is currently in the midst of an ongoing revolution. In addition to the many emerging forms that content can take (VR, AR, interactive video, AI-driven audio, etc.), front-end channels continue to proliferate beyond the traditional website (be it desktop or mobile). You may need to deliver content to native applications, single-page applications, digital kiosks, conversational interfaces, VR-headsets or even connected devices belonging to the Internet of Things.
Content distribution and management at scale in such an environment demand a platform that can push content to any front-end. A decoupled CMS (meaning, a CMS that is not tied to a front-end) is ideal for this.
Decoupled CMS delivers, via an API, content for consumption and manipulation by other applications. This model offers the following advantages to both content creators and developers:
- Efficiency: Since content can be delivered on any channel, you can rely on a “write once; publish anywhere” approach. No duplicate work simply to accommodate different content destinations.
- Control: Content creators can access and manage content through a central repository.
- Freedom: Marketers, designers, and developers are freed from constraints concerning the types of digital experiences they can deliver.
Thanks to its cloud-native architecture, API-first approach and (decoupled) Drupal CMS foundation, Acquia provides a platform that supports scale both now and into the future.
Time to market
Time to market (TTM) is about getting new digital experiences up, running and optimized as quickly and efficiently as possible. Automation and a decoupled approach to content management are essential to providing the critical agility enterprises need to reduce TTM.
Acquia’s API-first approach means that enterprises can avoid costly and time-consuming integrations with their existing marketing stack. Flexibility in delivery architectures means you can easily push content to the front end, whatever that may be. (Think, for example, of a public transit agency pushing alerts to digital signage in train stations.)
Multichannel support is also critical. More and more, organizations want to move beyond the website when it comes to delivering digital experiences to their customers. They want to push content to digital kiosks, to social, to conversational UIs, mobile and more. The best way to manage content efficiently across multiple front ends is, first, by decoupling content management from a specific front end and, second, by creating a single repository for all content.
Content should be in one place. You should have one place to define all the content workflows. And content should be able to flow to the customer, wherever and however, that customer wants to consume it. Efficiency on the content management side and openness on the content delivery side combine to make TTM quick and seamless.
Performance and Intelligence
Just as the platform you choose must be built for scale (and scalability), it must also perform at scale.
How Acquia addresses performance
Just as the platform you choose must be built for scale (and scalability), it must also perform at scale. What does optimal performance look like? It means that the content your end users want to access shows up when they request it without delay. To ensure that, the platform needs to perform as efficiently as possible when handling everything from HTTP requests to content delivery and load balancing.
There is a range of functionality that can work together to enable and support such performance, and much of it relies on baked-in intelligence. Here’s how Acquia addresses performance under constantly changing conditions:
- Content Delivery Network (CDN): Delivering content upon request without lag requires a content delivery network. CDNs are inherently intelligent, picking the best path based on prevailing web traffic and the final destination of the requested content. Powered by Acquia’s global network of data centers, Acquia Edge CDN allows for a true global scale.
- Accelerated Mobile Pages (AMP): AMP-enabled pages can result in loading times that are 3X faster, compared to traditional mobile content. Acquia achieves such performance improvements by caching these pages across 165 data centers in 75 countries, with strict AMP HTML validation rules and continuously monitoring for potential security risks.
- Load Balancing: Traffic can spike unpredictably, and even normal traffic volume will not always be distributed evenly across your digital properties. Consistent performance requires a platform that responds to traffic irregularities and responds in a way that keeps traffic loads manageable, both globally and locally. To provide resiliency in the case of DDoS attacks, effective load balancing also features failover functionality.
- Argo Smart Routing: Like ‘Waze’ for your packet traffic, Argo routes traffic across the fastest paths available, maintains open, secure connections to eliminate latency imposed by connection setup and improves SEO. Argo reduces Internet latency on average by 35% and connection errors by 27%.
- Firebolt: Finally, since content also needs to be served to ad networks, Firebolt optimizes ad content on desktop and mobile devices, increasing ad delivery speed and branding to non-Google ad networks. This can result in a 5X (or greater) increase in ad delivery speed.
Real-time intelligence and platform performance
Administrators need an efficient and usable way of monitoring performance. What’s more, performance issues need to be detectable and addressable in real-time.
A platform that supports performance at scale needs a set of analytical tools that monitor and evaluate platform performance and security. Acquia Insight takes care of performance and security monitoring, while also sending alerts when performance or security issues have been detected. These alerts also include best practices and guidance for addressing the issue.
Since managing and monitoring a large site, or multiple sites can often exceed the ability of administrators, the platform should also feature intelligent automation of ongoing management tasks.
Finally, the entire site ecosystem needs to be manageable according to the standards and requirements of your organization. Acquia’s subdomain support lets customers treat any subdomain like a top-level domain with independent settings. Organizations and members thus enjoy ultimate flexibility in managing and customizing subdomains.
Still, even with all the monitoring, measuring and automation in place, things can go wrong. When that happens, you need a partner that can not only responsively resolve any issues that arise but can also highlight best practices to ensure you are getting the most from your systems. Acquia support not only follows an aggressive, SLA-based response protocol, while offering unlimited infrastructure support and application allowances for a range of scenarios but is connected to a broad community of Drupal experts including core owners, security team members, and module contributors.
Scale and rapid scalability pose unique security challenges. The platform you choose must be built with security in mind.
Built with security in mind
Scale and rapid scalability pose unique security challenges. These include everything from an ever-expanding attack surface to the inherent complexity of monitoring thousands of web interactions across multiple sites. The platform you choose must be built with security in mind. What does that mean?
First, the platform must meet the highest standards for encryption and compliance, including encryption at rest and in transit. Besides, it should be easy to configure the platform to share logs securely with your Security Information and Event Management (SIEM) systems, thereby providing more visibility to improve incident detection and response.
Second, it needs to support the logical isolation of assets, from intranet applications intended for a controlled audience to commerce applications storing PII and other sensitive transaction data. The platform must also ensure a secure connection between your data center and the cloud.
Third, all relevant software needs to be updated automatically. You don’t want to get stuck with old versions of applications or worry that your system lacks the latest patches.
Finally, you need to carefully control access to the platform. Advanced user management capabilities provide the necessary tools for access management and monitoring.
The platform must meet the highest standards for encryption and compliance, including encryption at rest and in transit.
Control and compliance
Acquia offers a suite of tools and services designed to ensure the security of business-critical applications, protect the data on which these applications depend and maintain appropriate compliance standards.
Acquia Cloud Shield enables organizations to deliver a broad range of assets through a dedicated, logically isolated section of the Acquia Cloud. This isolation allows you to protect critical data in several ways.
Using a combination of public and private clouds, sensitive data can be routed via a virtual private network (VPN) from your Acquia Cloud application to supporting systems within your data center. This affords you maximum control over business-critical data by securely and easily bridging your corporate network to sites on Acquia Cloud.
If your organization must comply with PCI, HIPAA or other regulatory requirements, Acquia Cloud Shield enables you to enforce strict controls over data by segregating your Acquia Cloud infrastructure from that of other Acquia customers. If an even higher level of control and compliance is required, Acquia Cloud Shield makes it possible to maintain sensitive data within your network.
Security and performance
There needs to be no trade-off between security and performance. Indeed, good security can be the key to great performance. What’s more, it’s time we dispelled the popular belief that open source platforms are somehow insecure. Nothing could be further from the truth.
Acquia Cloud Edge (powered by Cloudflare), for example, stops online threats before they reach your site(s), thus allowing you to serve legitimate visitors optimally. By utilizing edge servers, Acquia Cloud Edge can also speed global delivery of your digital experiences, ensuring the best experience for your brand anywhere in the world.
Two products combine to allow Acquia Cloud Edge to both provide security and support performance:
Acquia Cloud Edge Protect examines web traffic in real-time, monitoring for suspicious activity. It relies on a Web Application Firewall (WAF) and high-speed DNS to protect your application(s) against distributed denial of service (DDOS) attacks.
Acquia Cloud Edge CDN provides a globally load balanced content delivery network (CDN) operating at the edge. As a result, visitors interact with your applications or sites at the fastest possible speeds, no matter where they are located.
Administration and maintenance
Finally, since security and compliance are never “one and done,” your platform needs to provide support for site administrators to keep the site up and running during routine maintenance or in case of any unanticipated issues.
Acquia’s Remote Site Administration (RA) service, an additional service for all Acquia Cloud Site Factory subscriptions, handles typical and routine Drupal administration tasks so your team can focus on completing more high-value tasks or developing new features. The “tasks” it handles include the normal maintenance activities and minor website modifications an on-site administrator would typically handle through the Drupal administrative user interface.
Using RA provides several benefits:
- Streamlining routine updates and maintenance: A team of Drupal support specialists is well-versed in Drupal website administration. RA simplifies Drupal update and maintenance efforts to free staff members from time-consuming routine tasks, saving both time and money.
- Ensuring your website is secure and up-to-date: With RA, Acquia will keep your website up-to-date with the latest security patches and bug fixes. Our Drupal security experts will ensure your website maintains the highest security possible and responds quickly when new vulnerabilities are identified.
- Implement best practices quickly and easily: Acquia’s knowledgeable Drupal support team will help you implement best practices such as revision control, staging and deployment, testing, updates, backup monitoring and more. A team of experts is also available 24×7 to provide the support you need to deploy Drupal with confidence.
FedRAMP and FIPS
For federal customers using Acquia Cloud Enterprise and Acquia Cloud Site Factory, Acquia has worked to secure an Authority to Operate (ATO) by the U.S. Department of Treasury under the Federal Risk and Authorization Management Program (FedRAMP). FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services.
The federal government spends hundreds of millions of dollars a year securing the use of IT systems; FedRAMP assures agencies that the appropriate security and risk management practices are in place for their cloud properties. Only cloud providers that meet the strict provisions of FedRAMP gain this certification.
“Securing IT platforms is a matter of major concern for the federal government, and we at Acquia are proud to be recognized as one of a select few Platform-as-a-Service providers who have completed FedRAMP to provide best-in-class digital solutions to the agencies that keep our country running smoothly,” says Alan Nugent, chief information security officer at Acquia. “Acquia is focused on every dimension of security, risk, and compliance from our internal systems and controls through the entire product portfolio. We’re committed to delivering unmatched security, scalability, and performance to our federal agency clients.”
The Federal Risk and Authorization Management Program framework adheres to the requirements of federal, state and local governments, as well as highly regulated industries, such as financial services and life sciences, that demand strict security protocols for their IT properties. Acquia’s continuous monitoring ensures a uniform approach to risk management and offers significant cost savings, improved efficiency and faster time to market for digital experience delivery.
Acquia also meets the Federal Information Processing Standard (FIPS), the U.S. government computer security standard used to approve cryptographic modules. Acquia is fully FIPS validated.