Taming the fear, taming the technology
Understanding web development platforms
Hosted vs. installed platforms
CMSes to consider
Working with a development team
Website hosting
Website security and hardening
Privacy
Accessibility compliance
A consulting firm was referred to us to help them solve an issue they were having with their website. The issue turned out to be a small handful of issues all nested together.
It didn’t take long for us to find the root of the problem: the site, built using Wordpress, had not been updated in nearly two years! The Wordpress “core” code was out of date as was nearly every plugin used on the site.
That neglect created vulnerability, which hackers and bots were only too happy to exploit, which is what created the problems—and some embarrassment—for the consulting firm.
When we asked them about how they maintained the site, they said, “Oh, we don’t touch the site. The designer told us something would go wrong if we mess with it.”
Taming the Fear, Taming the Technology
Sadly, stories like this are way more common than you’d think. Business people who are otherwise smart, savvy, and engaged, freeze up at the thought of what’s hidden under the hood of technology that powers their business.
There are a handful of lessons to be drawn from this one story and we’ll dive into them in this chapter. Perhaps the most important idea I can share with you is that your digital marketing technology should be respected, but not feared. Yes, you can do some damage if you aren’t thoughtful in how you maintain, adjust, and experiment. But if your systems are set up properly, there should be redundancies in place that save you from the worst of your embarrassment, business disruption, and expense.
I’ll also suggest that you find a guide to help you navigate unfamiliar waters if you are intimidated by the technology. There are plenty of digital marketing consultants who won’t roll their eyes at you just because you don’t know a plugin from a widget.
Understanding Web Development Platforms
You’ve probably heard of HTML. It is now and always has been the main coding language of the Internet. What’s changed over the years, among other things, is how HTML is implemented.
In the earliest days, web developers wrote HTML code for each page of a site and that code was interpreted by the end user’s web browser. Efficiencies and helper tools were introduced along the way, but web development followed that pattern until platforms were introduced.
You can still build “static” HTML websites today if you’d like—there are advantages to using this simple approach—but it is much more common for websites to be built using one of the many platforms available.
There are two main types of platform for most small business marketers to be aware of. Before we dive into them, I’ll quickly mention that more complex sites are typically built with custom code. Custom coding is similar in approach to the HTML-slinging of the Internet’s earliest days, but includes many more options and far more complexity. Heavily transactional sites, sites with very specialized functionality, and sites that expect tremendously large audiences typically benefit from a custom-coded approach. It’s unlikely that you’ll consider custom coding for your first site. It’s more common to graduate to custom coding as your business grows.
Hosted vs. Installed Platforms
As you consider which platform and even what kind of platform to use, you’ll likely see this three-letter acronym: CMS. It stands for content management system, and it refers to a website that is built to allow non-coders to make editorial updates without the need to call in a tech team. Even custom-coded sites typically have a CMS built into them, and certainly the examples of both types of platforms we’ll discuss are all CMSes.
Installed Platforms
We’ll start with installed platforms because the 400-pound gorilla in the CMS space is Wordpress, and Wordpress is an installed platform. (Wordpress actually offers a hosted version, too. More on that later.)
As the name implies, an installed CMS requires you to install the system code onto a web server that you own, rent, or otherwise control. Once it’s installed, you customize the basic design, layout, and functionality to fit your needs.
Maximum flexibility in design and layout
Largest number of options for features and functionality
Greatest control over security and other technology
The main disadvantage to using an installed CMS is that with all that power comes a lot of responsibility. You are responsible for setting up appropriate hosting for the site and for maintaining the site to keep it safe and secure.
That can be more than you might want to take on and if that’s the case but you need the power and flexibility of an installed CMS, you’ll need to consider the expense of a maintenance plan with a web development firm you trust. This will generally cost more than the monthly fees charged by a hosted CMS solution.
If your marketing depends on the flexibility and power that come with installed CMSes like Wordpress, Drupal, and others, the relatively small additional cost will be well worth it, as will the more significant difference in development costs.
It’s worth noting that an installed CMS isn’t inherently a more expensive way to build a website. Development costs tend to be higher, though, because if you are using an installed CMS, you are almost certainly building a more complex site.
Hosted Platforms
The main alternative to an installed CMS is a hosted web development platform. The advantage here, in addition to the cost savings I just mentioned, is that a lot of the technical headaches and responsibilities that come with owning a website are removed from the equation. Your website is hosted on the platform’s server and they are responsible for all updates and upgrades to keep the hosting environment—and your website—safe, secure, and compatible with new browsers and mobile devices.
The downside is that the tools you have at your disposal will be more limited. That’s not to say that you can’t build a fantastic site on a hosted platform. The tools they typically make available are the more popular options. So you’ll be able to build features into your site like collecting emails directly into Mailchimp, iContact, or other email marketing tools; building forms to allow site visitors to contact you with questions; and displaying content like video, animations, and other content beyond the written word.
Site Portability
One other downside to hosted platforms is that it’s harder to simply pick up your website and take it elsewhere if you aren’t happy with the platform you’re on or if the platform no longer meets your needs.
Some hosted platforms do offer export tools, though there will almost always be a fair amount of work to import your site into a new platform, and not every import platform will be compatible with your exported files.
With installed platforms, there is a much greater chance you can cut ties with your hosting provider or the team who built your site for you. (Or both.)
That’s especially true if the CMS you’re using is open source. Open source means that the source code for the CMS isn’t owned by a for-profit company. In most cases, it isn’t owned by anyone, but is managed by a collective group of volunteers who all work to keep the CMS current. Many of these folks also contribute new features and functionality to the platform.
This might sound like chaos. In fact, many larger corporations do not consider open source tools for that very reason. (“If there’s no one in charge, who can we blame when things go wrong” is a perhaps less-than-charitable assessment of their concerns.)
The truth is more complicated than that, and while there can be issues with this kind of distributed management, in practice we see that the best open source tools are actually more responsive to market needs and changing conditions than for-profit software typically is.
That makes sense when you think that volunteers working to keep a CMS vital and vibrant aren’t as likely to be thinking in terms of profit margins and cost/benefit analysis. They will want to patch a reported security vulnerability as quickly as possible.
I’m simplifying to some extent and the more open nature of an open source platform can lead to conflicts and incompatibility between plugins, widgets, and other add-ons that simply don’t occur in a more unified system. Still, open source tools do power quite a bit of our web infrastructure and some of the leading web CMS platforms are open source, like Wordpress.
CMSes to Consider
The single most installed CMS on the web is Wordpress. As I write this in 2022, nearly two-thirds of websites are powered by Wordpress. Does that mean it’s the right choice for you? Perhaps, but there are advantages and disadvantages to consider.
With its dominant position, it attracts a lot of developers, who see it as a secure, market-dominant tool they can invest time in learning and then have stable income from that investment.
That means you have a large choice of developers to work with, all of whom have various areas of specialization and expertise, different approaches, and differing price points.
It also means that the ecosystem of add-ons—plugins, widgets, etc.—is fairly enormous. Whatever feature you want to add to your website, you can probably find a plugin already available. Rarely will you need to do much in the way of custom coding.
It’s always worth noting that there’s a bit of a network effect with Wordpress. It becomes more popular because it’s popular. By this I mean that we find many clients come to us predisposed to using Wordpress because they already know how to work with its dashboard, and there won’t be a learning curve to making editorial updates.
That popularity comes at a cost, though: hackers also like a secure, market-dominant tool they can invest time in learning and count on long-term returns on that investment. This makes Wordpress among the most hacked of platforms on the web. (Which places a premium on keeping your Wordpress site and its plugins updated regularly. Once known vulnerabilities are found, hackers exploit them and the Wordpress community moves to patch those problem areas. So most hacking attacks are aimed at sites that are out of date.
That is true of other installed CMSes, so you will always need to budget for and be diligent about maintaining your site. (And backing it up regularly as a failsafe!)
Drupal, which is generally considered to be a more powerful alternative to Wordpress
Joomla
Typo3
Concrete
Kentico
On the hosted side of things, the big players currently are Wix, Squarespace, and Shopify.
Shopify is a leading ecommerce provider with its strengths traditionally in supporting B2C marketers and their sites. There are plenty of B2B ecommerce sites built on the platform, though. And as Shopify has grown, it has added more and more tools that allow you to create a very nice, full-featured website that is more than just a product catalog and shopping cart pages. (In its earliest days, I can remember building side-by-side sites for clients, with Shopify handling the ecommerce needs and Wordpress providing the marketing muscle. That’s no longer necessary.)
Shopify’s exploding popularity amongst marketers with ecommerce needs puts it in a position similar to Wordpress in that a robust ecosystem has developed around the platform and there are now many “apps” that you can install to extend the basic functionality of a Shopify site.
Wix and Squarespace provide ecommerce capabilities—as does Wordpress, though I would not count it as one of Wordpress’ strengths—but their focus tends to be on more traditional marketing websites, as is the case with Wordpress, Drupal, etc.
And like Shopify, their functional offerings have grown and improved as they’ve grown and improved and been able to invest more in their platform infrastructure.
The gap has closed between tools like Wix and Squarespace and more mature tools like Wordpress and Drupal. A big advantage of Wix and Squarespace, beyond those I’ve outlined above, is that their tools are much more friendly to non-coders.
I recently advised a colleague, a solopreneur branding expert, to switch to Wix or Squarespace after she told me how she had been struggling with Wordpress for a month trying to build out her new website.
She and I spoke on a Friday afternoon and on Monday morning, I had an email from her with a link to her new site.
You can quickly and easily build an excellent site on your own just that quickly. It helps to have strong design skills to raise it above the cookie cutter look of many template-driven sites. And it helps to have some marketing smarts to organize the site and present your message in a way that will be effective in wooing prospects. But these platforms remove the insurmountable wall—coding—that many marketers face when considering how to build a new site. Whether DIY is the appropriate choice for your firm is another conversation entirely.
The Middle Ground
Although hosted and installed solutions are the two most common, there are a couple of ways that combine elements of both options.
The approach nearest to the middle ground is usually referred to as managed hosting. In this scenario, you get the flexibility and power of a fully customizable CMS like Wordpress, but can hand off the maintenance and management of the installation to the hosting provider. Some of these providers even include a “one-click” installation option to further speed the process and remove some technical hurdles.
You still have to plan, design, and build out the site, but that is true of hosted solutions, too. And once you’ve worked through construction, you are able to maintain site content without much (if any) tech support beyond what the managing hosting provides.
Many website hosting providers offer some version of this, though they don’t all call it the same thing. And each will have its own set of restrictions regarding certain add-ons which they may view as security or performance risks. Typically, these won’t be on your radar anyway.
Another Wordpress option is Wordpress.com, which is their hosted solution. As with managed hosting, here you will have to deal with some restrictions but you are once again in a one-stop shopping situation, where much of the technical maintenance burden is covered by your monthly fee. (The installed version of Wordpress is found at wordpress.org.)
Finally, there are also website-building tools tied to various marketing platforms like Hubspot and Mailchimp which can be worth considering if you are already using one of these tools as your CRM platform. (Customer relationship management.)
The upside is impressively tight integration across a number of digital marketing channels, like email marketing and your website, and a much greater focus on attribution than will typically be found in a more traditional hosted or installed solution.
The downside—and the reason these may not be the best solution for many marketers—is that you are tied in to a proprietary system that can make it costly and painful to switch if your marketing or budget needs change.
Combined with the integration add-ons that are available for just about every CMS, the argument is typically stronger against using proprietary tools.
Making Your CMS Choice
If a proprietary tool feels like the right choice for you, though, it doesn’t matter what the typical marketer might find effective. What matters most is your comfort level and how the platform you select fits in with your marketing needs, marketing resources, and workflow.
You and your team must be absolutely comfortable with the platform you choose—or confident that with some time to acclimate, you will be comfortable—or your marketing effectiveness will suffer.
Any friction that is added to the process of adding and editing content, like needing to rely on an outside vendor, will slow your process and ultimately train you not to take advantage of the most timely marketing opportunities since you know that execution will take too long.
Working with a Development Team
Regardless of which platform you decide is the best fit for you, you will be working with a development team of some kind.
That might be a fully staffed external team, an ad hoc group of web professionals, an independent developer, or an internal DIY person or team. With each, there are considerations for how to get the best results.
A full-fledged development team will offer you a range of perspectives and expertise from their marketing, design, and coding members. This is almost a requirement for more complex sites but can be overkill if your marketing presence needs are more modest. And the cost of a full team will typically be higher than other approaches.
An ad hoc team, can save you money, as is the case with the clients who come to us for our strategic expertise and ask us to hand off development documents (wireframes, site map, functional specs, etc. as we discussed earlier in the Defining Your Marketing Goals chapter) to a development team that can do the work less expensively than we can. (Typically an offshore team.) The downside is that you become the “general contractor” on the project, fielding questions from one team to another when details need more definition.
An independent developer is perhaps the least predictable option, so it pays to work with someone whose work you know to be excellent or to get strong referrals. This is because solo developers rarely have a 360° view and will almost always have a focus on one area of building a site: design or coding or message but not all three. That can lead to problems if, for example, a great designer builds you a website without understanding how to make the site SEO friendly, or without addressing accessibility compliance.
A DIY team gives you tremendous flexibility, particularly if the team is led by an inquisitive person who understands that they simply don’t know what they don’t know. Seeking out advice and guidance will alleviate problems created by blind spots in a way that solo developers might not be willing to. You also get more flexibility and at least the illusion of cost savings. (There’s no additional cash outlay, but if you already have a full-time job, building a website means there is other work that is not being done.)
Some of these considerations don’t apply to hosted platforms like Wix and Squarespace, but it is still possible to build sites on those platforms that either will or will not perform well technically and from a marketing standpoint. As with installed CMS solutions, you will need to honestly assess the development approach you select as well as the team you decide to work with.
Website Hosting
One thing you won’t have to worry about with hosted solutions is website hosting. It’s built right into the product you’re paying for. For installed solutions, you will have a decision to make.
Your developer will almost certainly have recommendations. If you trust them enough to build your site, you should trust them enough to recommend a hosting provider.
The exception to this would be any recommendation that you host the website yourself. This was a viable option many years ago, but commercial hosting is now so affordable and so reliable, that there is no reason to take on the burden of buying, provisioning, and maintaining a web server on your own as a small business.
Beyond that, I would also suggest that you make a reasonable investment in your web hosting. The mass-market providers who offer hosting at less than $5 per month may not be the best choice. Sure, you know their name and have probably seen their ads on TV, but offering prices that low isn’t just a function of the economies of scale their size affords. It’s cutting corners that may affect your site’s technical performance.
A smaller provider may be more expensive, but will also be more likely to have higher-quality infrastructure, better-trained support staff, and a deeper investment in security, redundancy, and other safeguards worth paying for. As I write this, $15 to $25 per month (often discounted for longer-term commitments) seems to be the sweet spot.
That’s for “shared hosting,” which places your website on a server alongside hundreds or thousands of other small business websites. Better hosting providers managed these shared servers well and keep the needs of one site from adversely affecting the performance of other sites on the same server.
Occasionally there can be problems that any reputable hosting provider will remedy or move you to another server at no cost.
VPS hosting, which stands for virtual private server, is a step up. It still places your site on a server with many other sites, but the server is divided up into a number of virtual machines. So your site is effectively quarantined from its server-mates.
This gives you more control over the hosting environment, which can allow you to optimize settings for your site’s needs. But it also puts hard limits on resources like disk space and RAM.
On shared hosting there is a larger pool of both, but many hosting providers allow sites to go over their resource limits occasionally. This becomes problematic if all sites happen to need more-than-usual resources at the same time, but is otherwise an efficient approach. If you go this route, you’ll want to be sure you have a managed VPS so that the hosting provider is maintaining the hosting infrastructure to keep it safe, secure, and performing optimally.
Dedicated servers are, as they sound, servers that are set up to host only your site. They are typically far more expensive than shared or VPS hosting. With that greater investment you get near complete control, as well as the advantage of having a server that is located not in your office with an overloaded and underpowered Internet connection, but in a professional hosting facility with physical and virtual security for protection.
Most small businesses will find shared hosting meets their needs, though you may grow out of a basic shared hosting package into a more robustly provisioned shared packaged and even on to VPS as your marketing needs change and grow.
Website Security and Hardening
For as long as the Internet has existed there has been an arms race between hackers who are trying to exploit your website and developers and web managers who work to keep your website safe. Developers make things as safe as they can, managers tighten things further, and hackers poke and prod until they find a weakness. Developers patch that vulnerability and the whole process starts again.
As a website owner and marketer, your role is to budget the resources—time and expertise—to make sure your website is as secure as possible. Let’s start with the basics:
Update Regularly
Wordpress and any plugins you have installed should be updated regularly. The same is true for the “core” code of any other CMS you might be using, and any plugins, widgets, apps, or other add-ons that help power your site.
Before you install any add-on, review it thoroughly to make sure it is safe and secure and regularly updated itself. Add-ons that are poorly maintained by their development teams can be the weakest link in your security chain. Vet them well before installing and you shouldn’t have any issues. Seek out plugins that are well reviewed, regularly maintained, and that have responsive development teams behind them.
Back Up Your Site Regularly
How often will depend on how actively your site content is updated. We typically recommend backing up the site either weekly or daily, and storing at least one month’s worth of backups.
Storing a reasonable library of backups will help ensure that if your site is compromised, you’ll have a clean backup to go back to even if you aren’t immediately aware of an issue.
We also recommend that you back your site up to a file depository off the web server, which guards against losing your site to a catastrophic server failure.
With many hosting providers, this will be redundant, since they are guarding against calamities like this. But if their issues take days or weeks to sort out, you can be without a site for that whole time. With off-server backups at your fingertips, you can quickly and easily restore the site to a different hosting provider, whether permanently or temporarily.
Security Monitoring
Not every attack will be visible to you or your site visitors. Malicious code can be installed into the site and do its dirty work without you ever being able to tell just by visiting the site. (Or even when you log in to make editorial updates.)
Typically, that kind of attack is not aimed at harming you or your site visitor, but it can still have unintended negative consequences. Prime among these is getting your domain blacklisted.
This occurs when search engines and other entities on the web detect that malicious activity is tracing back to your domain. They won’t necessarily have any way of knowing whether your site is a legitimate website or a front for the malicious coding lurking underneath.
Blacklisting can affect your email as well as your website, and once you’re blacklisted it can be very difficult to reverse the process.
To combat this, you should have some form of security monitoring in place that alerts you to potentially negative activity on your site. You can then take action quickly before there is any chance of blacklisting. You will also minimize how far into your backup archive you’ll need to dig to restore a clean copy of the site. The further back you have to go, the more content changes you’ll have to recreate.
Manage Passwords Intelligently
You’re not using “password123” as your password, are you? Or the same password you’ve had in place since 2012? (Which you also use on every other account you log into?) These are no-nos you should avoid.
You can also check to see whether your passwords have been compromised. Various websites exist that perform this service, and many of the popular password managers do, as well.
Two-factor authentication can be annoying, particularly if you are part of a team and that team works remotely and from different locations. It can also help prevent access more completely than passwords alone.
Single-Sign On is another approach that helps with security and controlling access. SSO allows you to control access more conveniently if you have contributors to your site whose access you’d like to control. (Like a vendor who needs login for a few weeks of work once in a while.)
SSO can be expensive for smaller businesses, but some of the better password managers offer a version that while not as feature-rich as a purpose-built tool like Okta, is far more budget-friendly for most small businesses.
A quick word about password strength. Those crazy rules saying you must use an upper case, letter, lower case letter, numerical character, and special character may be just that: crazy. Longer passwords can be tougher to crack, even without the requirements for different characters.
Longer passwords can also be easier to remember if you create phrases rather than single words. The length of “nowisthetimeforallgoodmen” alone—25 characters—makes it hard to crack even though all 25 characters are lower case letters.
Finally, you should consider adding code to your site that limits the number of log-in attempts that can be made before the site is locked as a further protection.
Control Access
With or without an SSO platform in place—which can help you control access to far more than just your website, by the way—you should also be diligent about deleting credentials for anyone who no longer needs access.
Doing this manually isn’t generally too onerous a task, though it can be hard to keep track of exactly what an employee has had access to. You’ll want to delete their access or, for accounts where you have just one log in, change the password. (Accounts like your email marketing account will typically have just one login included.)
This is another area where SSO is useful and can save you time in the long run.
Let’s take a look at some of the more technical ways you can harden your site to keep it safe.
Run Lean
Delete unused themes and plugins and other related files, including any old versions on the server. Even if they’re sitting there alongside your live site “just in case,” they can be exploited in the same way your live site can. (This can also improve site speed and other performance metrics for your site.)
Delete Defaults
Every CMS installation starts its life in exactly the same shape and size as every other installation of that same CMS. From that plain vanilla beginning, you customize the code to fit your needs for design, layout, functionality, and structure.
Despite all of that customization, beneath the surface there are a great many points of vulnerability that remain common to most sites. These defaults include things like the default admin user ID, the directory in which your login page is found, prefixes for databases, and other areas that could provide entry to hackers.
Changing these will protect your site further. For example, whether your passwords are strong or weak, it’s much harder for a bot to guess your password correctly if it is pairing that password with the wrong user ID. So changing “admin” to something like site-name-admin, where you substitute your site’s name for site-admin, makes it far less likely that a bot can use a brute-force attack to enter. (Though it would be wise to be more creative in creating a new admin ID name.)
mysitename.com/login
mysitename.com/greatmarketing
Again, being creative can help make this tactic more secure, but if you are using a good password manager, you shouldn’t need to memorize or even type in the login URL. Simply open your password manager—the only password you’ll need to remember—and login from there.
Firewall Protection
Many of the security and hardening ideas discussed above are largely non-technical and focus more on the human side of your site. What hackers sometimes refer to as “social engineering.” There are, of course, more technical tools available to protect your site, including firewalls.
A firewall, whether it is hardware-based or software, acts as a gatekeeper, with all traffic to your site first passing through the firewall. The firewall examines the traffic in an instant and blocks any that appear to be malicious. This cuts the chance of a malware or other hacking attack ever reaching your site, so it adds a layer of protection beyond the hardening you’ve put in place.
Hardware firewalls are generally more robust, but also more expensive and complex. Software firewalls are simpler to set up and maintain, and cost less. Which is better for you will depend on the kind of data that your site handles. For highly-sensitive information like financial transactions, you are going to want a higher level of security.
SSL Certificates
It’s almost not worth talking about SSL certificates since they have become so widely used, but it is worth saying that no site, even sites that are purely informational, should be without an SSL certificate.
The certificates help establish who owns and controls the site and most browsers will not display an icon or message when a visitor attempts to view a website not covered by an SSL certificate.
So even if you don’t process sensitive information, you do want to give your visitors the peace of mind that your site is as secure as possible.
File Permissions and Database Security
Another area where defaults can be set to leniently by default on many CMS platforms is file permissions. This definitely gets into more technical territory, so I won’t go into detail, but it’s important for you to check with your development/site management teams that only those files and directories that are absolutely required to be editable are. Everything else should be read-only.
It’s also possible to control access to sensitive directories by IP address. This would preclude anyone who is not accessing the server from a predefined list of IP addresses would not be permitted access.
Similarly, many CMSes have standard prefixes for database files. These should be changed wherever possible to make it harder for hackers to find and compromise them.
Privacy
Though privacy isn’t technically a security issue, the two do go hand-in-hand. Many of the steps outlined above that are focused on protecting your site will also protect the privacy and data of your site visitors.
And that’s a good thing, since solid user experience relies on your visitors feeling comfortable as they navigate your site.
It’s also good business, as there are regulations that require you to protect the personally identifiable information (PII) of your site visitors. You’ve likely heard of some of these—GDPR, The Safe Act, etc.—even if you aren’t sure how they apply to you.
The patchwork of regulations is confusing, and likely to remain that way for some time, so it is better to err on the side of caution, and do all you can to protect the PII that your site gathers. You’ll be protecting your site, as well.
Accessibility Compliance
Another area that has both usability and regulatory implications is whether your website is accessible to people with various disabilities.
Sufficient contrast between text and the background on which it sits
“Alt tags” that describe the content of images on your site
Site coding that allows screen readers—the tools commonly used by people with visual impairments—to understand and navigate the structure of your site and individual pages within it
Other areas of concern include making transcripts of any videos on your site available for those with hearing impairment.
All of this can take some effort, but with the correct coding approach, accessibility compliance does not require an inordinate amount of extra effort to address as you build a new site.
If your site is already built and not WCAG compliant, you might consider one of the many tools that provide ways to accommodate visitors with disabilities without the significant expense of retrofitting the site. AccessiBe is a tool worth considering in this area.
Key Takeaways
The technology that drives our digital marketing can seem intimidating, but is easily managed if you have knowledgeable partners you can rely on.
There are many worthwhile CMS platforms to choose from. Before you make a decision, consider whether a hosted or installed solution is a better fit for your needs.
Depending on the platform you choose and your needs, you may be able to build your website yourself. If you do not have marketing and design expertise or resources, consider bringing them in or your finished website is unlikely to meet your audience’s expectations or perform well as a marketing tool.
Similarly, be sure any development team you work with is well-rounded. Sites that are built by designers without solid coding knowledge—or vice versa—will also likely underperform.
Whether you build on your own or with a team, pay attention to your site’s security, how it protects visitor privacy, and how accessible it is to visitors with disabilities.