Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice

X

When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu
Home Blog Is Your Website Working? Are You Sure?

Is Your Website Working? Are You Sure?

 

If your organization is operating online, whether it be via an externally-hosted website, a SaaS application or an Internet-exposed internal server, it’s likely the risk of downtime has been discussed and you’ve put plans in place to minimise the impact. But if you’re just starting out or have recently reverted to online methods because of the current climate you may not realise the risks associated with downtime.

What could go wrong?

Internet-facing systems such as websites can experience a number of issues, including:

  • Software updates – Many websites consist of a main content management system, such as WordPress, with a variety of plug-ins used to provide critical functions such as ecommerce, tax calculation and multi-currency. When one or more of these are updated, there is no guarantee that they will continue to work correctly together.
  • DDoS (Distributed Denial of Service) attacks – It can be relatively easy for an attacker to bring your website down by hitting it with a storm of requests from all over the world, overwhelming its capacity and locking real customers out.
  • Hacking – As soon as you expose a server to the Internet, it becomes the target of (often automated) attempts to test your defences and find a way to gain control over your network, in many cases as a route into your internal systems. These attacks can bring your website down.

What are the main impacts of downtime?

  1.  Reputation cost – Downtime of your server or website can have a big impact on how your company is perceived by customers. If your website is down, how does that reflect on your other services? Frequent outages could cause customers to move on or not make that initial purchase.
  2. Revenue loss – If you’re operating an ecommerce website this could be particularly damaging. If a customer visits your website for the first time and it is down, they won’t have a very good first impression, and are unlikely to purchase from you in the future. The more you rely on your ecommerce website for income, the bigger the impact if it is down. Similarly, for software companies, customers may move to a new provider if their experience isn’t optimal due to frequent problems.
  3. Employee productivity – Downtime can take technical employees away from their usual tasks to try to resolve the problem. Often an investigation is required, which may involve support teams recovering lost data or finding the source of the issue. Additionally, your sales team may have to work on improving damaged customer relations and making up for lost sales.

But how do you know your website is down?

Unless you’re on your website or web service all the time, you may not be the best person to detect if it’s working or not. Simple tools are available to perform a basic “ping” to check that the website is there, but often it’s not an all or nothing issue; it may only be your potential customers who realise that your checkout is not working properly because of a failed update. If you’re lucky, one of them will contact you to make you aware, but this could take days and for a busy ecommerce website, that’s a lot of lost revenue.

What you really need is a way to automatically simulate the kinds of actions that your customers do all the time, such as looking at products, selecting a currency and going through the checkout process. And to do this many times a day from as many locations as possible so that you’re the first to know if there’s a problem.

We at Certikit use UpTrends and we have no hesitation is suggesting you take a look at them too. Their innovative software can monitor your website, APIs and servers from over 200 locations around the world, checking that key features are working and providing you with alerts to keep you informed and ready to act quickly if required.

How does the ISO27001 standard help?

The ISO27001 Information Security Management standard is a risk-based approach and helps identify potential issues and solutions within your business. If one of the risks identified is downtime, then you’ll be guided through how to analyse the threat level and implement solutions to lower the risk. As well as monitoring, risk treatments can often include back-ups, software update management and incorporating third-party applications to help.

As part of your risk treatment, a scheduled maintenance programme can also contribute towards ensuring that everything is being done to prevent downtime. This can include:

  1. Server testing and back-ups – If your server or website does go down, it’s important to get it back online quickly. Regular checks and testing of back-ups are key to returning to business as usual.
  2. Regular updates – Maintain the security of your web servers by performing regular updates and patches in a managed way. Automating security updates where possible saves time and ensures they are being completed.
  3. Monitoring – Monitoring your servers can help establish if there are any red flags before the impact is seen by your customers.

Summary

Many businesses rely strongly on their website to interact with customers and make sales, and if it’s down then it can be a big problem. But knowing it’s not working as it should can be a challenge and if you’re not on the ball issues can last for days, where your customers are aware but you’re not. Taking basic precautions such as effective monitoring, backups and update management can help to address the risk and keep your organization’s reputation intact.

We’ve helped more than 4000 businesses with their compliance

Testimonials

Great library of documents that helped tremendously in the development of our respective systems. The organization and hierarchy of the documents were easy to follow.

GC&E Systems Group, Inc.
USA

View all Testimonials

Cookie Control

CertiKit uses cookies to improve your user experience. Some are essential for our website to work, but for others you have a choice over which ones you’re happy for us to use.

Please set the controls below to enable or disable the types of cookies shown.

Nice to have cookies
What are these?

Advertising Cookies
What are these?

Cookie Policy