Black Friday and Cyber Monday are the Super Bowl for e-commerce. The holiday season kicks into gear for businesses with the biggest online shopping days of the year during Cyber Week. The window from Black Friday to Christmas can make or break the sales and revenue for small to midsize businesses (SMBs) all the way up to large businesses such as Nordstrom and Target. For every business, though, success or failure comes down to how well your website holds up to the influx of holiday user traffic.
Continue Reading Below
When customers are entering and browsing your website, adding products to their cart, and checking out, every second counts. Digital performance management company SOASTA said the sweet spot—the website load time that corresponds to peak conversions—could be two seconds or less in 2016. Between Cyber Week 2014 and 2015, SOASTA analyzed 1.5 billion beacons worth of user session data. SOASTA found that peak conversion load time shrank from 3.8 to 2.4 seconds, and also found that, in 2015, slower pages experienced up to a 58 percent increase in bounce rate. The numbers go on and on, but the correlation is simple: website problems in those key moments equal lost revenue.
To make sure their website is prepared, businesses need to do the legwork before and during the rush. I spoke to Gus Robertson, CEO of application delivery and scalable web infrastructure provider NGINX (pronounced "engine-x") about how businesses should prepare. We discussed the mechanisms that should be in place to prime for the best and plan for the worst during Cyber Week.
NGINX and its open-source software have been around since the early days of the internet. According to the company, NGINX software powers more than 55 percent of the internet in one form or another. Robertson said he's seen the internet evolve from simple webpages into complex, web-based applications that deliver user experiences (UXes) to a wide range of devices and screen sizes. At the same time, more and more retail revenue every year comes from the web.
"We're seeing this transition where e-commerce transactions are becoming equally [as], if not more, important than brick-and-mortar sales in physical stores," said Robertson. "When your website goes down, you shut down a large chunk of your business opportunity. Don't let your best and busiest day become your worst day. There are very basic things you can do to make sure you're as well-protected and prepared as possible."
Continue Reading Below
Robertson laid out 10 tips to help your business test its website and make a game plan for the rush. This way, you'll be prepared and know how to respond if something on your website goes wrong at the worst time on Black Friday or Cyber Monday.
1. Monitor Your Website
Robertson said it's a no-brainer for businesses to have a website monitoring or application performance management (APM) solution in place. These kinds of tools give you complete visibility into not only the front end of your website, but a holistic look at the entire web application and compute resources.
"We're dealing with very different application architectures than we were a couple years ago. When something goes wrong, you need to look not just at the infrastructure itself and things like response time, but the cause," said Robertson. "Customers of ours use tools like New Relic, AppDynamics, and Datadog to find out not just what's faulting or not performing on the back end, but the UX on the front end. Several seconds of delay could mean a user goes to your competitor's site and buys the product there instead."
2. Preemptive Load Testing
Load testing means putting demand on a website by using simulated traffic to see how many concurrent users it can handle. Robertson stressed that load testing should be done early and often, not just on normal traffic but by pushing the website to its limits to handle peak traffic levels.
"You need to load test at normal traffic—what you expect it to be—and then [on] the maximum traffic you could ever potentially expect," said Robertson. "You need to see how that load testing impacts performance, but also the back-end resiliency of your site as that traffic comes in."
3. Performance Testing
As you load test, Robertson said it's also important to think about the UX. Load and performance testing go hand in hand because your website need to be able to not only handle many users without crashing, but then it needs to deliver fast-loading pages and a responsive interface to keep those customers happy and engaged in the shopping experience.
"You want to deliver the best user experience you can for the customer that's trying to interact with your site and have a relationship with your company," said Robertson. "A high-performance web application should be getting the customer to the right information through the site without a lot of hassle. That's what the customer experience is about."
4. Test Critical User Workflows
Part of that performance testing is going beyond load times to actually test the user flows that will receive the most metaphorical foot traffic on your website. Robertson said testing things such as the hottest product pages, shopping cart management, and, most importantly, the seamlessness of the checkout process is a key step in successfully driving online sales.
"Businesses are load testing the front of the site but not necessarily the back-end [application programming interface or] API that connects you to the payment gateway," said Robertson. "You have X amount of people in the front of the application but that doesn't tell you if it will work the whole way through. If people are trying to check out from their shopping cart and they can't, you're done. You've lost that conversion."
5. Put Scaling Tools in Place
Regardless of how you've architected your web application underneath (we'll get to that later), NGINX has made its name on being able to quickly scale and allocate web resources where they're needed. Robertson discussed a variety of tools you can put into place on your website to give you some flexibility when high traffic comes in.
"We like to think of NGINX as the shock absorber at the front end of an application," said Robertson. "We do the HTTP heavy lifting. There are all these tools you can put in the front of the app like load balancers, caching mechanisms, or a [content delivery network or] CDN that can help you auto-scale and prioritize certain traffic. So, if users are coming back into a workflow and you have to trade off one traffic source versus another, you could prioritize something like shopping cart checkout to maximize conversions over the resources that are going toward powering the product search bar."
6. Set Up Traffic Cops
Scaling tools such as load balancers and CDNs are one element of NGINX's "shock absorption," but the company also sets up what it calls "traffic cops" for websites. These traffic cops stop security breaches and faux pas such as Distributed-Denial-of-Service (DDoS) attacks. Robertson said "edge services" such as CDNs, DDoS mitigation services, and firewalls can help divert malicious traffic to let the real user traffic through to your website.
"DDoS [attacks] can happen from external bad agents that can take your site down, but you can also accidentally DDoS yourself by having one server pinging another and taking it down," explained Robertson. "Traffic cops mean setting up things like weight limits, pre-set IP addresses, blocking and whitelisting external applications. [There are] a number of mechanisms NGINX can put in place to ensure that service isn't interrupted and you don't allow one to DDoS another. Then, on the front end, you have a [web application firewall or] WAF looking for things like external DDoS and SQL injection attacks."
7. Make a Failure Plan
No business wants to see their website go down during Cyber Week but it happens every year, even to high-profile retailers. Because of this, every business needs to plan for the worst. Robertson said that starts with having a Disaster Recovery-as-a-Service (DRaaS) solution in place to have a backup website tested and ready to go if your main website goes down.
"Make sure your DR site is sitting there as an insurance plan, but also be sure to activate and test it beforehand," said Robertson. "When you're load testing the main site, do the same to your DR site so that, if something does go wrong, you can move the site quickly to that infrastructure.
8. Social Damage Control
The other half of your backup plan is to know your customer service and outreach strategy and, in 2016, that means social media management. Social media is the front line for customer interaction with your brand. If your website goes down, then the first places customers will look for answers are your company's Facebook and Twitter pages.
"If things do go wrong, think about how you would respond on social media and how your representatives would go about informing customers and keeping them up to date," said Robertson.
9. Consider Website Architecture
One of the longer-term conversations your business should be discussing when it comes to your website is about how it's architected and whether it's time for a change. We've written about how applications of all kinds are moving away from monolithic architectures and toward more modular microservices. Robertson said that, ultimately, the front-end tools NGINX provides are no substitute for a dynamically scaling, microservices-based web app.
"Microservices is the way we're seeing large web properties getting the ability to really scale," said Robertson. "If you've written a monolith, you can't rearchitect between now and the holiday shopping rush. But you should be looking at your architecture and thinking about how you can eventually transition. The benefit of a microservice is that you can auto-scale individual components as traffic is hitting them. So, if the image library is getting hit, you scale that or any other service in the app. It's this application architecture valve to adjust for inbound traffic that, around this time of year, can be excessive."
10. C-Suite Buy-In
When a website goes down on Black Friday, the fallout from that doesn't just impact the IT team that's running the website. The CEO or CTO of the company then has to answer to shareholders or to a board of directors about why the website went down and how much potential revenue was lost. Business and technology issues are inextricably linked for online businesses, and Robertson said management and other executives need to know and understand them.
"If you're a CEO and 20 percent of your business is coming from the website, asking the same questions of your CIO is as important as the CIO asking them to their team," said Robertson. "This is high-level, but it's important for executives to know enough about the technology in their company and on their sites to ask the right questions and have a good answer for the shareholders if they're unfortunate enough to need one."