Sandstorm Blog

Jeff
Sandstorm developers Joe Ruel and Jeff Umbricht at DrupalCon 2018

Every year since 2005, the Drupal community has flocked to DrupalCon to learn, explore and share. This year, the Sandstorm® team headed to Nashville, Tennessee–site of DrupalCon 2018–to get the latest updates on one of our favorite CMSs, find inspiration, and get our hot-chicken fix. Here are a few of the things we took away from this year’s conference.

1. “Clients buy solutions not code.”

Software wizard Vladimir Roudakov reminded us that no matter how impeccable and innovative our code looks, what’s most important to our clients is that our code solves the problems they’re facing. It was a great message to ground us throughout our time in Nashville.

2. By 2020, there will be more than 50 billion connected devices
                      and
3. Most traffic on the internet is non-human

Developer advocate Emily Rose made a pretty compelling case for why we’ll be developing for humanoids in the not-so-far future. With 61% of the internet made up of bot traffic and connected devices estimated to outnumber people 6:1 in two years, that’s a concept that’s hard to argue with.

4. Increasing page speed by one second can increase conversion by 27%

Google announced that by July 2018, pagespeed will be a ranking factor for mobile searches. For businesses to reach that coveted first position in the search engine, they’ll need to make sure their site loads lightning fast. And the reward—a big bump in conversion rate—will be worth it.

5. Drupal makes big dreams a reality

To celebrate the total solar eclipse, Miles McLean and Ken Fang used Drupal to create a once-in-a-lifetime viewing experience, integrating more than 20 video feeds and real-time tracker. Forty million people used the tool to see the solar eclipse.

If you’re looking to do big things with your website, drop us a line.

This blog was posted by Jeff on May 2, 2018.
Jeff Umbricht

About the Author

Jeff Umbricht

Jeff is an Illinois native with a passion for web development. Making code into great things drives him every day. He’s often busy building awesome experiences for Sandstorm clients, and there’s a high probability that he’s rocking out to metal while he codes.

Sean
Website vulnerability to hacks

Whether it drizzles or pours, it’s good to be carrying an umbrella.

Back in 2014, Drupalgeddon rained cats and dogs.

Drupal released a critical security update on October 15, 2014 with express directions to address the vulnerability within seven hours of the release. Unfortunately, a large number of system administrators didn’t grab their umbrellas, and—to stretch this metaphor to its limit—they got soaked. It was a wake-up call, to say the least.

So four years later, when Drupal released a similarly critical security update that many people called Drupalgeddon 2.0, the admin community was prepared. At Sandstorm®, we started planning right after the announcement, and when the update was released, we secured more than 30 sites in a single afternoon.

But we’ve always understood the importance of taking security updates seriously, whether it’s 2014 or 2018. Because staying on top of these updates is just one easy way to keep your systems safe. And as recent hacks and data breaches like those from Saks and Lord & Taylor continue to show, your safety is under constant attack.

So what else can you do to keep your site as safe as possible?

1. Move your site to HTTPS

More than half of internet traffic is now encrypted, which is great news. Having your site use HTTPS (SSL/TLS) helps protect against session hijack attacks, because all traffic between your server and the client is encrypted.

This is such a boon to security that Google has been talking about penalizing sites that don't use HTTPS. Most notably, the Google Chrome browser will start indicating sites without HTTPS as insecure, starting in July 2018. Just one more reason to get a move on.

2. Take charge of your passwords and access

A major line of defense for any infrastructure is good management of credentials. As individuals and institutions, we now have a number of tools at our disposal, such as password managers, policies, etc.

But what is often forgotten is to consistently and comprehensively review who has access to your systems. As a result, old employees still have access to sites and accounts, creating vulnerabilities that are just waiting to happen.

3. Keep your server and applications up to date

When security updates are released, they represent known vulnerabilities. It’s imperative to apply the updates immediately, or risk leaving a door open for malicious activity.

Ensure that your server is applying updates on a regular basis and that your web applications are updating any relevant frameworks or libraries. An ounce of prevention is much more cost efficient than trying to recover from a compromised server or application.

4. Ensure you have frequent backups

If something ever does happen, you want to be able to roll back to a safe state. That’s why it’s so critical to make sure your servers and your application have automated backups.

Most hosts offer backup services for a small additional fee, and you’ll want to ensure that these are configured and working.

5. Proactive threat management

Be proactive. Start a conversation with your host provider about threat management, and ask about automated systems that look for irregular traffic. Ask your web vendor about how code is managed on the server, and spend the time to find a solution that’s right for your organization.

Still not sure how you can stay protected? Sandstorm can help! Feel free to drop us a line, so we can help ensure your site is secure.

This blog was posted by Sean on April 12, 2018.
Sean Fuller

About the Author

Sean Fuller

As Technology Director, Sean is a hands-on developer and technical lead on projects. He works with design and strategist teams from kick off through launch to plan, design and execute technical solutions for client projects. 

THIS FILE WAS POSTED UNDER: 
this file was posted under: 
Emily Kodner
NICB Drupal 8 E-Commerce Site

At Sandstorm®, we take security seriously. For the not-for-profit National Insurance Crime Bureau (NICB), that means preventing insurance fraud and theft across the United States. NICB turned to Sandstorm to design and develop a brand-new website that could better help them advance their mission.

The launch of this site represents a significant shift for NICB. The previous website addressed two audiences: the general public and current members. By focusing on non-member audiences, NICB can more clearly convey their message and raise awareness with common consumers.

With an iterative, user-centered approach that utilized usability testing to refine navigation items and page layouts, we designed an intuitive user experience that we developed in Drupal 8. By building in the newest version of Drupal’s content management system, we were able to give NICB a robust e-commerce platform with an intuitive administrative interface.

We are honored to help NICB raise awareness of their mission and help combat insurance fraud and theft. Check out the new NICB website for yourself.

This blog was posted by Emily Kodner on November 21, 2017.
Emily Kodner

About the Author

Emily Kodner

Emily is our Web Strategy Director. She consults with clients, leads projects and works alongside our team of creatives and developers to provide solutions to complex business challenges.

Emily Kodner
Association for Corporate Growth launches new, responsive website.

At Sandstorm®, we thrive on designing and developing exciting new websites. But we also know how important a great event can be. That’s why we couldn’t have asked for a better opportunity in creating a site for ACG.

The Association for Corporate Growth (ACG) is the global community for business leaders focused on driving middle market growth through mergers and acquisitions. As a chapter-led organization, ACG is heavily focused on events, holding over 1,200 around the world each year for industry professionals and the association’s 14,500 members to network.

In order to drive their own growth, ACG turned to us to design and develop a website platform that provided individual sites for the global organization as well as its 58 chapters. Each site not only needed to be mobile friendly and visually appealing, it needed to be user friendly and easy to manage for each chapter, an objective we were able to achieve as a result of several efforts:

  • Attending ACG’s annual event and conducting stakeholder interviews to hear directly from leaders and members what they needed from the new website
  • By integrating the Drupal 8 content management system (CMS) with the netFORUM association management system (AMS)
  • Conducting a usability study on the new design to ensure it was intuitive and easy to use
  • Building a collaborative space for chapters and committees to digitally communicate and share essential documentation

We’re honored to help ACG continue driving middle market growth around the world. Check out the new ACG website for yourself.

This blog was posted by Emily Kodner on June 20, 2017.
Emily Kodner

About the Author

Emily Kodner

Emily is our Web Strategy Director. She consults with clients, leads projects and works alongside our team of creatives and developers to provide solutions to complex business challenges.

Nick
Drupal vs. Wordpress

Over the years, Sandstorm® has built websites on content management systems (CMS) using a variety of programming languages: Python, .NET, and PHP to name just a few. These programming languages support CMSs like Django, Kentico, and Joomla, respectively. Two of the most popular CMSs are Drupal and WordPress, built on PHP.

A common question we hear from clients is whether they should use Drupal or WordPress. While there’s no right answer, there is an answer that’s right for you. Each one has its place, so we've laid out where you can gain the most benefit from each CMS.

The Benefits of Drupal

Speed and Performance

When it comes to a scalable CMS that can support high-volume traffic and vast libraries of content, Drupal beats out WordPress. Not only does Drupal offer better performance out of the box—including default cache features that help pages load faster—it’s more robust for handling complex projects with lots of functionality.

Security

Drupal is favored by many top companies and government agencies, including whitehouse.gov, for its enterprise-level security. Drupal has a very active security team with a stringent review process for plugins and a robust permissions layer that provides nuanced limitations for user access.

WordPress, on the other hand, is a popular target for hackers whose malicious attacks often succeed due to fully coded plugins compromising security. Additionally, WordPress doesn’t provide the flexibility in tailored permissions that Drupal does.

Lead Conversion

When it comes to getting leads through web contact forms, WordPress requires third-party tools like Gravity Forms or JotForm, which will cost you extra.

With Drupal, web form functionalities are already built into the platform, so you don’t need external tools. Drupal can also enable rules and set up triggers so that when someone fills out a form on your website they receive an SMS message from your company, which helps with lead nurturing efforts and potential conversions.

The Benefits of WordPress

Ease of Use for Small Businesses

Since WordPress started primarily for less tech-savvy bloggers, small businesses with a junior development team benefit the most from the platform. Additionally, most writers and content managers have some experience with WordPress, so there's little need to train them on the platform.

Where It's a Toss Up

Supportive Community

Drupal and WordPress users have created diverse global communities that offer international conferences like DrupalCon and WordCamp; local training events and Meetups; and active forums where users can ask questions and learn more about the platform. While the WordPress community is larger than Drupal’s, it’s uncommon that you would run into an issue with either platform that someone hasn’t encountered, and solved, before.

Search Engine Optimization

It doesn’t matter to Google which platform you use, and both platforms offer excellent plugins and modules to help you with your SEO, including Yoast for WordPress and Content Optimizer for Drupal.

At Sandstorm®, our experts have extensive experience developing, designing, and writing in Drupal, WordPress, and many other content management systems. We’d love to find the one that’s right for you.

This blog was posted by Nick on May 1, 2017.
Nick Meshes

About the Author

Nick Meshes

Nick is Sandstorm’s Director of Analytics and Technology. He’s boosting our quantitative focus. He’s busy increasing our capabilities in web analytics, website optimization testing, SEO, SEM, display advertising, business intelligence, and personalization.

Joshua
Responsive web app

While it would have been easy to take a don’t-mess-with-success approach, our warrior spirit drove us to collaborate with a large insurance company's federal employee program to further optimize their existing responsive web application (which we built a year earlier) to continue to increase online enrollment.

We started with a thoughtful review of their Google Analytics and conducted a heuristic analysis of the app. This allowed us to dig into the data analytics and find new opportunities to improve the application. Combine that with our existing expertise in the FEP program, and we were able to make some adjustments and update the overall interface to provide their users with an even more intuitive tool to help them find a benefit plan that fits their needs.

Sandstorm® is ready to help you develop a web app to convert your users.

This blog was posted by Joshua on October 19, 2016.
joshua sovell

About the Author

Joshua Sovell

As the Marketing Manager Joshua is in charge of crafting the Sandstorm narrative via compelling blog content and community engagement.

Adam
Front-End Developer Adam Smetana Joins Sandstorm

My name is Adam Smetana and I'm the newest addition to the Sandstorm dev team! Also, I have a twin sister. Fun fact: that's been my go-to icebreaker for as long as I can remember. (And no, we are not identical.)

I hail from Wisconsin, the land of cheese, kringle, and really, really good beer. As my favorite writer Hunter S. Thompson once said, "Good people drink good beer." My favorite cheese is parmesan, favorite kringle flavor is pecan, and favorite Wisconsin beer is anything from Lakefront Brewery.

My development experience and passion

I've been in the Chicagoland area for about 6 years now, ever since moving down here to go to Lewis University in Romeoville. I graduated with a degree in computer science and the goal of working in web development and web design. I also got minors in social media and theatre because, well, why not? I enjoy being social and still like to act occasionally, whether serving as an extra, performing karaoke, or awkwardly photo-bombing Barack Obama's website.

I started my career as a front-end developer doing various freelance projects. As my experience grew, my interest in learning and absorbing everything I could increased along with it. There really is nothing more rewarding than seeing something you created come to life in a medium that can be viewed anywhere and everywhere in the world.

More fun facts!

Most of my interests outside of work revolve around music. I know how to play 3 instruments (guitar, ukulele, and piano - if you must know), have read every issue of Rolling Stone within 24 hours of it landing in my mailbox, and go to as many concerts as I can. The show I'm most looking forward to this summer is Paul McCartney at Grant Park, which might rival The Replacements as Show of the Year (an award that exists only in my head). My top 3 favorite movies (in no particular order) are Halloween (1978), This is Spinal Tap, and High Fidelity.

I am so excited to be coming on board here at Sandstorm as a Front-End Developer and learning all I can about Drupal. Now – time to start cranking out some mind-blowing sites with this wonderful team. Cheers!

This blog was posted by Adam on July 17, 2015.
Adam Smetana

About the Author

Adam Smetana

Adam's busy developing awesome websites for our clients. We'll have an equally awesome bio soon. 

Amanda T
Sandstorm develops a responsive website for Urban Innovations

Our relationship with Urban Innovations began way back in 2007 when we originally designed their website. So by the time 2015 rolled around, we were all in agreement that it was time to give the site a fresh, new look with a user experience design that would attract new tenants and investors alike.

In addition to the Drupal website development project, we took this opportunity to reflect upon the evolution of the Urban Innovations brand. We worked closely with Urban Innovations to develop their new brand positioning and value proposition to ensure that the web content clearly and directly communicates what visitors want and need to know, all while optimizing the content for search engines.

The end result: an easily updatable, responsive website that communicates the Urban Innovations difference. The tablet and mobile menus make the site easily accessible on any device, and the parallax on the homepage draws visitors into the experience. The commercial and affordable property sections allow Urban Innovations to show off their real estate portfolio while also providing users with pertinent information about amenities and neighborhood details.

Check out the new urbaninnovations.com, and you’ll see why we’re so excited about it!

This blog was posted by Amanda T on April 22, 2015.
Amanda Tacker

About the Author

Amanda Tacker

Amanda is a Digital Strategist with several years of experience on both the agency and client sides, with both B2B and B2C clients.

Michael
Chicago Web Development Firm Attends Drupal MidCamp

Sandstorm is proud to once again be involved in Drupal MidCamp. MidCamp (also known as the Midwest Drupal Camp) is an annual event held in Chicago that brings together people who use, develop, design, and support Drupal. This year’s MidCamp will be March 19-22, 2015 at the UIC Student Center East.

Sandstorm is a bronze sponsor this year, and we’ve got web developers, strategists, and web designers attending. Last year, I had the pleasure of speaking about user research techniques, which was a blast. This year I'm looking forward to mingling with regional Drupal developers and attending sessions on Drupal 8, "headless" Drupal, and automated testing.We're also on the look out for another solid Front End Developer here at Sandstorm. If that's you, get in touch.

You don't have to be a developer to get something out of MidCamp. There are plenty of promising sessions for people new to Drupal and project managers working with the CMS. We hope to see you there, and have some fun!

This blog was posted by Michael on March 13, 2015.
Michael Hartman

About the Author

Michael Hartman

As Sandstorm's Technology and Usability Director, Michael leads our developers and usability researchers in creating web sites and applications—both desktop and mobile—that embody our favorite blend: intuitive user experience and dynamic Drupal development.

Michael
Why do you need a website maintenance plan for your Drupal website?

Congratulations on launching your new Drupal website. You can now rest assured that you never have to think about it again. It will automatically generate revenue and keep itself running for decades to come. Pat yourself on the back and have a drink. Your website is complete.

Well... this might not be entirely true.

In reality your website is never really finished. Just like with a car or home, things degrade over time. Your website is no different and you need to have a website maintenance plan.

What is website maintenance?

It is the process of keeping your website up to date and running smoothly. It involves applying security patches, monitoring web server performance, and maintaining your code base. This is on top of maintaining your content, products and/or users. You gotta do that, too. Major reasons to have a maintenance plan include security, performance, backups, and other considerations.

Security

Hackers are always looking for ways to compromise websites through new techniques or insecure code. It’s critical your website remains as secure as possible. This often involves applying security patches or software upgrades both at the code and server levels. One advantage to open source software like Drupal, is the community of developers finding security holes and contributing patches.

This is also a double edged sword. Once hackers identify a security hole, they can exploit it by targeting unmaintained sites. You are running a huge risk if you’re running a Drupal site and not keeping up with Drupal core and module security upgrades.

Performance

Performance affects the amount of time it takes for your website to load for a user on their device. This includes time to complete transactions like adding a product to a cart or submitting a form. Good website performance is good usability. Users will abandon a poorly performing website never to return. It’s also good for search engine optimization (SEO).

We include performance testing and tweaking as part of the launch process. Yet, performance can degrade over time as code, content, or the server environment changes. Perhaps your site’s traffic has increased and now requires more resources to meet user needs. Wouldn’t that be great? It is great if you’re monitoring your traffic, server performance, and page load times so you can ramp up to meet the demand.

Backups

Another component of a good website maintenance strategy is a solid backup and restore plan. Most web hosts keep some level of back ups and will either restore your site as part of your hosting package or for a fee.

While this provides a safety net, they usually only keep a short window of backups. You may need to restore your site to an earlier point than your host has kept. Or you may need to restore to a point since your host’s last backup. A defined backup strategy allows you to quickly bring your site back online whatever the case may be.

Other considerations

Broken Links
Each website page links to internal pages and external websites. These links can change over time as content expires and changes or as sites get redesigned. Keeping an eye on broken links and updating or adding redirects when urls change should be part of your maintenance plan. Broken links are detrimental to your SEO.

Web forms
It’s a good practice to test and confirm that each of your web forms are working as expected, this may include contact us, event registration, and newsletter signup forms. Hopefully you’re seeing regular submissions, but it’s possible another update affected these forms. We like to confirm everything is still working after applying other updates to a site.

Development and staging environments
When implementing development updates, you should avoid deploying new code and patches to your live website. It’s important to have a separate deveopment environment for developing and testing new features and security updates. You use a staging environment to review and confirm these updates before releasing them on your live website.

The value of maintenance

The cost of website maintenance outweighs the cost of fixing problems caused by a lack of maintenance. A website maintenance plan is an added level of insurance against security and server-related issues that can cause grief and lost revenue. At the end of the day, a well-maintained site is another component of a great user experience.

Need help with Drupal website maintenance? Get in touch.

This blog was posted by Michael on February 20, 2015.
Michael Hartman

About the Author

Michael Hartman

As Sandstorm's Technology and Usability Director, Michael leads our developers and usability researchers in creating web sites and applications—both desktop and mobile—that embody our favorite blend: intuitive user experience and dynamic Drupal development.

Pages