Share this article

Ecommerce Website Speed, Stability and Security: The Ecommerce Non-negotiables All Online Businesses Must Deliver

As an ecommerce executive, you probably think a lot about how you can take your business to the next level –– and there are a lot of tools at your disposal.

Yet, as the ecommerce space continues to become more and more competitive, consumers expect a certain level of quality from a retail website they visit. Yes, design matters. Yes, your messaging matters. Yes, whatever campaign you decide to run matters. But, none of those marketing aspects are necessarily non-negotiables.

In the ecommerce world, the following are absolute non-negotiables to running a successful business: site speed, stability and security.

Page Load Speed: Immediate

Time is money, especially for an ecommerce site. When an online shopper clicks Buy Now, something needs to happen –– and needs to happen right then. To accomplish this, your site needs a fast response time, boosted by a content delivery network.

Any delay on the web lowers results. Amazon, Google, Microsoft and many other companies have tons of research to prove that. For example, in 2006, the average online shopper expected webpages to load in eight seconds or less; by 2010, that number was down to 2 seconds or less.

This is why the speed of your site is critical for your business. If your page doesn’t load fast, many shoppers simply click away to a competitor — and may never come back. Using a content delivery network (CDN) is a smart way to speed up your website.

If your site doesn’t load fast, shoppers simply click away — and may never come back.

Click To Tweet

The CDN maintains servers at strategic points around the world; each server stores a “cache” of the biggest files on a website, such as code, photos or videos. Thanks to its special design, the CDN can serve up those files faster than your own site.

A big chunk of the internet’s traffic is handled by CDNs behind the scenes. And since CDNs provide a vital service, you normally pay a high fee to use one.

Not so with SaaS ecommerce technology like BigCommerce. Our ecommerce hosting already includes the industry-leading CDN, Fastly, which uses a smart, modern architecture to deliver the biggest bang for your buck.

And, Fastly is the only CDN with “instant purge of dynamic content.” That means you can update your product database and any visitor will see your changes immediately, instead of 20 minutes later.

This real-time content delivery is no longer a nice-to-have with consumers when it comes to the best website hosting. Your site must load immediately, or you’ll risk losing a sale to Amazon and other sites that have accounted for this customer expectation.

99.99% Uptime

Just like an Olympic athlete, your site has to perform at peak condition through every grueling test. Can it handle the double-whammy of Black Friday and Cyber Monday? How about a guest spot on Shark Tank? What about a flash sale, or a celebrity influencer campaign?

Customers will expect it to.

For five years in a row, Cyber Monday has been the biggest single day for online shopping. On that day in 2014, ecommerce sales in the U.S. topped $2 billion for the first time ever. Black Friday added another $1.5 billion, and the days in between accounted for $2 billion more.

“From Black Friday through Cyber Monday 2014, BigCommerce handled three times our normal traffic load with 100% uptime,” said Scott Baker, head of site reliability and operations at BigCommerce. “We have one customer who did more than 70,000 orders in four hours that day!”

That’s one heck of a surge –– and it’d be a terrible time to lose site uptime, and thus revenue.

The holidays, though, aren’t the only high-traffic time for websites. Your flash sales or deals of the day can create big spikes in traffic. And, if a celebrity is spotted wearing a certain type of sunglasses, sales of that style can go through the roof.

To make sure your site can handle an unexpected burst of demand, it helps to know people who’ve been there and done that. Baker and one of his colleagues worked for two online ticketing services, where they got lots of practice dealing with spikes in traffic.

“Say Lady Gaga is doing a concert tour, and tickets go on sale at 7 a.m. In those first five minutes, you have to deal with hundreds of thousands of people coming to the site to get tickets,” says Scott. “And tickets often sell out in just a few minutes.”

Sites must be able to handle large amounts of traffic in very short periods of time.

“A lot of people just guess at their capacity,” notes Scott. “But we actually know ours. We don’t guess, we figure it out. That way, we can prepare for upticks in traffic.”

When you’re ready for your closeup, you shouldn’t have to be worrying that your site stays up, live and functional. Ensuring you have this non-negotiable nailed down is essential to growing your business and maintaining customer trust and loyalty.

Site-wide Security and Peace of Mind

In today’s ecommerce world, site security means protection against hackers. PCI compliance, DDoS mitigation when necessary and site-wide HTTPS are all the necessary means to properly achieve ecommerce security.

PCI Compliance

The PCI Security Standards Council (PCI SSC) defines a series of specific Data Security Standards (DSS) that are relevant to all merchants, regardless of revenue and credit card transaction volumes.

Achieving and maintaining PCI compliance is the ongoing process an organization undertakes to ensure that they are adhering to the security standards defined by the PCI SSC.

The SSC defines and manages the standards, while compliance to them is enforced by the credit card companies themselves. Again, these standards apply to all organizations that deal with cardholder data. Cardholder data refers specifically to the credit card number, along with cardholder name, expiration date and security code (CSC). The purpose for PCI compliance is simple: ensure customer credit card data is being properly secured.

There are different levels based on the amount you are transacting, and PCI compliance experts are expensive to hire. Good thing, then, that many SaaS ecommerce platforms handle this for their customers. This is an incredibly expensive and time consuming endeavor that most retailers cannot accomplish on their own expertise. For more information into exactly how to earn PCI compliance on your own, here is a guide.

Denial of Service Mitigation

DDoS attacks can strike without warning. They can happen intentionally by hostile outside parties or be triggered by scripts that scour the internet looking for known vulnerabilities. For online stores utilizing SaaS-based ecommerce technology, DDoS mitigation is handled for you, providing better protection than most self-hosted providers can offer, and much better protection than what your business is currently prepared to do.

Site-Wide HTTPS

Serving your entire site using HTTPS has two primary benefits: improved search ranking with Google and improved site security and shopper trust. What is site-wide HTTPS? It’s essentially site-wide SSL (Secure Sockets Layer). SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This secure link ensures that all data that passes between the web server and browser remains private and integral. In general, data delivered over an unencrypted channel is insecure, untrustworthy and is easily intercepted. In fact, in 2014, Google’s Pierre Far and Ilya Grigorik made their presentation calling for HTTPS Everywhere, reminding webmasters and website owners of the importance of  protecting the security, privacy and integrity of user data.

A fully secure site is a big deal, not just to the health and safety of your business, but important to your customers as well. They want to be reassured whenever possible that doing business with you won’t mean they are part of another retail data breach. Site-wide HTTPS is one way to ensure they aren’t.

Once you have these three non-negotiables covered, your ecommerce site is ready to launch against the competition. Companies that do not meet the above requirements for security, speed and stability should reconsider their ecommerce technology and work toward a cost-effective solution that allows their teams to focus on bringing in net-new customers and converting them, rather than on keeping the site up and hackers out when they get there.

Tracey Wallace avatar

Tracey is the Director of Marketing at MarketerHire, the marketplace for fast-growth B2B and DTC brands looking for high-quality, pre-vetted freelance marketing talent. She is also the founder of Doris Sleep and was previously the Head of Marketing at Eterneva, both fast-growth DTC brands marketplaces like MarketerHire aim to help. Before that, she was the Global Editor-in-Chief at BigCommerce, where she launched the company’s first online conference (pre-pandemic, nonetheless!), wrote books on How to Sell on Amazon, and worked closely with both ecommerce entrepreneurs and executives at Fortune 1,000 companies to help them scale strategically and profitably. She is a fifth generation Texan, the granddaughter of a depression-era baby turned WWII fighter jet pilot turned self-made millionaire, and wifed up to the truest of heroes, a pediatric trauma nurse, who keeps any of Tracey’s own complaints about business, marketing, or just a seemingly lousy day in perspective.