Ecommerce Replatforming: Security and Hosting

Data security is a top priority, if not the number one priority, for any online retailer. Evaluating hosting options with security and scalability in mind will be a primary driver for success. This section of Gorilla Group’s Ecommerce Replatforming Checklist covers how to assess security and hosting options for a secure and sustainable site.

From the moment you consider replatforming, keep security in mind. The main objective is to secure personally identifiable information (PII), such as cardholder data, names and addresses. Do your due diligence on potential platform partners to ensure security is a top priority. Verify that your selected platform, third-party systems, and implementation partners fully comply with PCI DSS, GDPR, and the California User Privacy Law, taking into account all requirements including encrypted data transmission, firewall configuration, and assistance with vulnerability scans and penetration tests. When considering a self-hosted platform, evaluate how simple updates are to apply, so that you limit the cost of addressing basic security concerns.

Maintain internal policies that address information security, control server administrator access, and configure administrator IDs for traceability into back-end activity.

Review Code to Mitigate Vulnerabilities

Prior to build, review security patches for all software in the stack. Check which versions of the stack are currently supported and when they reach end-of-life, to ensure the language is compatible and to avoid the need for early rebuilds. Make sure developers are trained on top vulnerabilities and that the code undergoes a thorough review process prior to implementation. Automated code-sniffing tools can analyze the codebase for vulnerabilities, and similar tools can look for vulnerabilities post-deployment. Security needs change often, so regularly test your applications, systems, and processes to identify and mitigate gaps.

Investigate Architecture Options for Scalability

Today, it’s not about whether to host on-prem or in the cloud. It’s about finding the right cloud vendor for your business needs. Consider the host’s customization capabilities, including integrations with existing on-prem systems in your business ecosystem, such as retail location POS or data systems. Evaluate upgradability and the host’s future roadmap. Nearly every cloud vendor offers autoscaling to accommodate future growth.

Regardless of your cloud vendor, you’ll want to work with a service integrator who has a deep understanding of both the cloud and the ecommerce platform to fully leverage the cloud’s capabilities. Every platform has limitations and requirements, and if they aren’t considered correctly or are implemented poorly, the required reconfigurations can be costly to fix over the long term.

“With commerce platforms becoming more robust, their reach and influence within a company’s existing technology landscape is wide. When replatforming, it is important to understand the selected commerce technology platform roadmap and what that carries in terms of current and future capabilities.” – Christopher Kostakis, Director Enterprise Solutions

Key Takeaway:

Do your due diligence with platform, hosting and implementation partners to ensure they meet security requirements and future business needs.
