PrintEmail

So you’ve got your shiny new Content Management System (CMS) website up and running. The design looks good, you’re hosted with a reputable ISP and all the security settings are correct. You have an easy-to-drive web-based interface that you and members of your team can use to update, add and delete content whenever you see fit. The site address has been submitted to key search engines and you’re all set to reap the rewards of your online presence. 

It’s true that setting up a content-managed website nowadays is not the huge financial expense that it once was. There are some great off-the-shelf CMS packages out there now such as Jooma!, WordPress and even New Zealand’s SilverStripe. There are a wide range of template designs available, many for free and others at a nominal cost. There are free blog services which are easy to use and can even be configured to connect through individual domain names. So why do we need to hire web design companies? What’s to prevent your average small or mid-sized business downloading one of these packages and uploading the contents to a hosting server or opening a blogspot account, setting all the necessary passwords and permissions and publishing their own web content?

While the obstacles of designing and coding a website can be effectively bypassed, there are still definite security concerns when using an off-the-shelf CMS. The very fact that these packages can be downloaded and easily configured means that hackers can also download copies and look for ‘xploits’ – weaknesses in the code that can be exploited to enable the hacker to take control of installed copies of the software. The companies that write the CMS packages are constantly on the watch for this kind of activity and, as is common practice for software companies, release patches and updates to address new security concerns. However if a site is running on an older version CMS it is are potentially at risk. Do the site owners have the technical smarts to upgrade the CMS to the latest version without losing site content? And if they are running third-party extensions to add functionality to their site, are these compromising the integral security of the site? Are these extensions the latest and most secure versions?

Security concerns aside, there are also design concerns. Is there a template available that complements the company image and branding? Can the company logo be displayed on the site pages, and can it be displayed ‘correctly’ (note: there is much more to this than simply having the logo appear on a page)? Are the colours a match to brand identity? What about typography? How many other individuals in cyberspace are using the same template? How much time is it going to take to do this work (in business nothing is ever ‘free’), and who is available to do it? Could their time be better utilised? And above all, how many design compromises should be made in the interest of having a ‘free’ website design?