Your SlideShare is downloading. ×
Planning Your Business Web Site
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Planning Your Business Web Site

283
views

Published on

An overview of the Web site development process for organizations seeking to establish a business-presence on the Web.

An overview of the Web site development process for organizations seeking to establish a business-presence on the Web.

Published in: Business, Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
283
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. INTRAPRISETECHKNOWLOGIES LLC Planning Your Business Web Site September 21, 2009 Presented by Donny C. Shimamoto, CPA.CITP
  • 2. Planning Your Business Web Site Today’s Goal – Provide a framework for starting and managing your Business Web Site Session Objectives – Define the different types of Web sites – Identify key success factors for Web sites – Understand the risks of e-commerce – Overview of compliance requirements – Outline a basic project plan for a Web site
  • 3. Donny C. Shimamoto, CPA.CITPBackground & Experience BBA from University of Hawaii at Manoa – Accounting & Management Information Systems Alumni of PricewaterhouseCoopers LLP – Strategic Technology Group – Financial Audit and IT Audit – Washington Consulting Practice Founder of IntrapriseTechKnowlogies LLC – Technology Planning, Management, and Support for small businesses and middle market organizations Focus on risk management, compliance, and business intelligence – Functional Web sites supporting customer transaction and information management
  • 4. Donny C. Shimamoto, CPA.CITPBackground & Experience Assn of IT Professionals (AITP) – Honolulu Chapter – Board Member (2008-present), Treasurer (2009) American Institute of CPAs (AICPA) – TECH+ Conference Steering Committee (2007-present) – Chairman, Business Intelligence Working Group (2009) – IT Executive Committee (2006-2009) Hawaii Society of CPAs – Technology Advocate (2005–2008) – Chairman, Technology Advocacy Committee (2009) Awards & Recognition – “40 Under 40” Accounting Technology Professionals in the US 2007 & 2009, CPA Technology Advisor Magazine – Top High Tech Leaders in Hawaii 2004, Pacific Technology Foundation & Technology News Network
  • 5. Business Web Site Basics Why do I need a Web site? – Not having a Web site will cause people to questions whether you exist – Even just a “placeholder” Web site is better than no Web site or an “under construction” site – Get your business “out there” What does my Web site need to do? – Create enough interest so that potential customers, employees, business partners, and vendors will take the next step and contact or interact with you
  • 6. Business Web Site Basics Objectives of a Business Web Site – Information Distribution “Basic” Web site = get information into the marketplace Can get complex depending on the type/volume of information and security requirements – Business Process Support Information Exchange with Customers/Partners Transaction Processing without e-Commerce support Transaction Processing with e-Commerce support – Relationship Building/Maintenance Customer Relationship Management Community Building
  • 7. Business Web Site Basics – the “Social Web” Objectives of a Business Web Site – Information Distribution The “Social Web” can help to get information out there and bring people to your site – Business Process Support The “Social Web” can help initiate or feed processes – Relationship Building/Maintenance The “Social Web” has totally transformed this area – Customer Relationship Management – Community Building In the “Social Web” this often has a life of its own and can’t be controlled – This can be good and bad…
  • 8. Key Success Factors for Web Sites Information Distribution Sites – Accuracy of information Information presented must be reasonably accurate Especially important when you are not the only provider of that information – Completeness of information Lack of complete information causes frustration At least provide a way to obtain complete information – Timeliness of information Stale information = non-returning Web site visitor Perception of timeliness varies with type of information If you’re not going to have time to update it regularly, don’t put time-contextual information on your site
  • 9. Key Success Factors for Web Sites Information Exchange Sites – Transmission Security (i.e. SSL Certificate) Authentication = Web site is who they say they are Data Transmission Encryption = Protect data transmitted between browser and Web server – Server Security Intrusion Protection = protection from hackers/attacks Standing Data Encryption = Protect data while it is sitting on the server
  • 10. Key Success Factors for Web Sites Customer Facing Sites – Branding and Identity Web site is often the “first impression” An unprofessional Web site = unfavorable impression – Usability and Consistency To allow for wide range of customer technology usage Good intuitive design reduces customer frustration and results in lower level of support calls – Customer Privacy Web site Privacy Policy – manage expectations You MUST live up to the policy you publish – Expect 24/7 Activity and Plan Accordingly
  • 11. Key Success Factors for Web Sites Business Partner Facing Sites – Communication & Collaboration Make sure you understand what your business partner’s needs are, success depends on BOTH parties getting value from the site – Business Process Support Make sure that the functionality you provide matches the business process you’re trying to support – Integration into back-end systems Must be done carefully to ensure integrity of data Business process controls must be put in place to prevent system abuse or unintentional errors – Provide clear lines for Support and Escalation
  • 12. Key Success Factors for Web Sites Community Sites – Focus on the Community and its Members What need in the community is being served? Why would someone come to the site? Why would someone continue to participate in the site? – Moderation of Site Content Clear Terms of Use and Appropriate Conduct Policies Monitor site for abuse/violations However, “Big Brother” syndrome can kill the site – Member Privacy Web site Privacy Policy – manage expectations You MUST live up to the policy you publish
  • 13. Risks of e-Commerce e- Financial Loss – Cost of contacting affected customers – Fines / Damages – Credit reports for affected customers – Repayment of customer losses Loss of ability to handle credit card transactions Loss of Credibility and Future Business Imprisonment – possible when there is gross negligence
  • 14. Information Risks and Losses are Increasing 2008 CSI/FBI Computer Crime and Security Survey – Greatest source of financial loss Financial Fraud moved to the top in 2007 – Displaced Viruses, which has been top for last 7 yrs Financial Fraud stayed at the top in 2008 – Average loss per respondent: $463,100 2007 Losses relevant to e-Commerce $21,174,750 – Financial Fraud $6,875,000 - System penetration by outsider $6,365,900 - Other Web site related
  • 15. Information Risks and Losses are Increasing
  • 16. Information Risks and Losses are Increasing ID Theft is fastest growing crime in the nation – Expected to overtake drug trafficking – 19 people become new victims every minute – Bureau of Justice Statistics 2004 = 7.2 million victims 2006 = 10 million victims Source: Identity Theft Resource Center Extrapolated 2008 = 13.9 million victims
  • 17. Information Risks and Losses are Increasing Hawaii was 25th in ID Theft instances per Capita in 2005
  • 18. Overview of Compliance Requirements If you are selling to a customer in another nation or state you generally must comply with the laws of their place of residence – International Laws – Federal Laws – State Laws If you accept credit/debit cards you must comply with PCI DSS – Payment Card Industry Data Security Standards – Processing online transactions increases your compliance requirements
  • 19. Overview of Compliance Requirements Federal Requirements – Freedom of Information Act 1966 – Privacy Act 1974 – Electronic Freedom of Information Act 1996 – Gramm-Leach-Bliley Act – Health Insurance Portability and Accountability Act (HIPAA) – Children’s Online Privacy Protection Act (COPPA) California: SB 1386 European Union – EU Directive 95/46/EC – EU Directive 2002/58/EC
  • 20. Overview of Compliance Requirements Hawaii’s ID Theft Laws – Act 135: Notification of Security Breaches Went into effect January 1, 2007 – Act 136: Secured Disposal of PII Went into effect January 1, 2007 – Act 137: SSN Use Prohibitions Went into effect July 1, 2007
  • 21. Overview of Compliance Requirements
  • 22. Overview of Compliance Requirements Hawaii’s ID Theft Laws – Internal Costs $197 per compromised record 2007 estimate by Ponemon Institute (per Journal of Accountancy, January 2009) – State Penalties Up to $2,500 for EACH violation/record – Additional Costs Liability to injured parties for actual damages sustained
  • 23. Overview of Compliance Requirements 12 PCI DSS Requirements – Build and Maintain a Secure Network 1. Install and maintain a firewall configuration to protect data 2. Do not use vendor-supplied defaults for system passwords and other security parameters – Protect Cardholder Data 3. Protect stored data 4. Encrypt transmission of cardholder data and sensitive information across public networks – Maintain a Vulnerability Management Program 5. Use and regularly update anti-virus software 6. Develop and maintain secure systems and applications
  • 24. Overview of Compliance Requirements 12 PCI DSS Requirements – Implement Strong Access Control Measures 7. Restrict access to data by business need-to-know 8. Assign a unique ID to each person with computer access 9. Restrict physical access to cardholder data – Regularly Monitor and Test Networks 10. Track and monitor all access to network resources and cardholder data 11. Regularly test security systems and processes – Maintain an Information Security Policy 12. Maintain a policy that addresses information security
  • 25. You Must Protect Your Data Businesses have a duty to protect their customer’s data – Fiduciary Duty – Legal Duty Businesses can fulfill these duties by – Understanding the risks – Assessing your exposure – Take action to reduce exposure/manage risks Internal: Implementing controls to safeguard data External: Select vendors that maintain compliance – Monitoring compliance
  • 26. Basic Outline of a Web Site Initiative Phases in a Web Site Project Plan1. Vision2. Design3. Build4. Test5. Deploy6. Maintenance7. Refine Design8. Repeat from phase 3
  • 27. Basic Outline of a Web Site Initiative Vision Design Build Test Deploy Refinement Maintenance
  • 28. Basic Outline of a Web Site Initiative Vision Phase – What will the site look like when you’re done with it (focus on long term, end-point goal) Section/Content Map – what will be on the site? Functionality – what does the site have to do? Phases – building iteratively allows you to get something out there sooner and get feedback – What is the purpose of the site at each phase? May drive what sections/content/functionality the site has at each phase Identify critical path, dependent site elements
  • 29. Basic Outline of a Web Site Initiative Design Phase – Create one primary design that can fit each phase but also accommodate your entire vision Web site design is different from print, make sure your Graphic Designer knows how to design for Web Make sure your Graphic Designer knows the phases so that they can ensure that the design can stand alone at each phase Before finalizing the design, make sure that the Web Developer (the person building the site) has reviewed the design and is able to implement it in HTML – Survey other Web sites (especially those of competitors) to see what you like/don’t like
  • 30. Basic Outline of a Web Site Initiative Design Phase (continued) – Determine your technology and hosting options Technology: HTML, PHP, Java, .Net, Flash, etc. Hosting: in-house, outsourced – Remember to look at the long term functionality and integration to back-end systems needed Select the technology that will best support integration in the long term Select the hosting platform that will support the technologies you plan to use and that will be able to support the integration that may be needed later – Work with a marketing/branding specialist to create or carry your brand to the Web
  • 31. Basic Outline of a Web Site Initiative Build Phase – Convert the design into an actual Web Template Identify the skills needed for the project – Web Design = visual elements, graphics, fonts, etc. – Web Development = HTML, application programming – Database Development = database programming and data exchange/integration Identify the browsers and versions that the Web site will need to support (and you will need to test) – Internet Explorer, Netscape, Firefox, Chrome, Safari, – Browser types: desktop, mobile – Work with a Search Engine Optimization (SEO) specialist Each search engine has different criteria – SEO is a specialization and requires constant monitoring to maintain ranking
  • 32. Basic Outline of a Web Site Initiative Build Phase (continued) – Develop the content for the site This is not the job of the Web Designer or Developer! Writing for Web is different from writing a report or on paper – Take into account shorter reader attention span – Allow for screen size and scrolling Identify graphics and other visual elements to include Identify things that should be linked – Either internally to another page on your site – Or externally to another Web site Remember to obtain copyrights or permission for any material that you do not own
  • 33. Basic Outline of a Web Site Initiative Build Phase (continued) – Place content into Web Template Can be done graphically by Web Designer then transferred to HTML by Web Developer Or can be done by Web Developer if simple – Develop functionality for the site Primarily done by a Web Developer – Flash and other non-programming tasks may be done by a Web Designer Use “use cases” to describe the functionality that you want the site to have and what you want the user experience to be like
  • 34. Basic Outline of a Web Site Initiative Test Phase – Review the completed Web site for content completeness, accuracy, correctness, and performance Check EVERY page to ensure that the display of content doesn’t distort the design Overall proofread for spelling, grammar, etc. Check that images are displaying correctly and at the correct size Make sure all links open to the correct sites and in the correct window (e.g. same or new) Check that pages load within a reasonable amount of time
  • 35. Basic Outline of a Web Site Initiative Test Phase (continued) – Test that the site functions as expected Develop scenarios for different things that Web site visitors may try to do and walk through each scenario or combination of scenarios Verify that any data that is presented is being drawn from the right source(s) and displayed correctly Verify that totals and other computed elements of pages are being computed correctly Verify that data being submitted through the site is captured correctly – And fed into the appropriate back end systems Test that security is being properly enforced – Test user/URL spoofing and other common exploits
  • 36. Basic Outline of a Web Site Initiative Deploy Phase – Prepare for go-live Setup the necessary DNS entries with your domain manager/hosting provider Determine a cut over/go-live date – Remember that it can take up to 48 hours for DNS changes to propagate through the Internet On the go-live date, make sure the following people are available for unforeseen circumstances – Web Developer to address any unforeseen errors in functionality – Hosting provider staff to address any potential system issues – Launch the site
  • 37. Basic Outline of a Web Site Initiative Maintenance Phase – Monitor site usage Page hits, visitors, length of stay User logins and use of functionality – Monitor search engine placement Does content need to be adjusted? Work with your SEO specialist to refine as necessary – Keep content fresh and accurate to keep people coming back – A Web site is like a living thing…it needs constant feeding and attention to keep it current and relevant
  • 38. Basic Outline of a Web Site Initiative Refinement Phase – Revisit vision and design based on site usage and feedback – Make adjustments to design and/or functional specifications as necessary – Revisit phases and determine if anything needs to be changed, added, removed – Determine what should be built next – Develop the detailed design – Pass it to the Web Development Team to build
  • 39. Basic Outline of a Web Site Initiative - Phases Vision Design Build Test Deploy Refinement Maintenance
  • 40. Basic Outline of a Web Site Initiative - Roles Marketing Strategist Technology Strategist – Branding – Platform/IntegrationProject Social Web Functionality Roles – – Graphic Designer Project Manager Copy Writer Web Developer SEO Specialist Database Developer --- Quality Control Analyst Content Manager ---Operations Roles Promotions Manager System Manager Information Analyst Data Analyst
  • 41. Web Site Initiative Summary Figure out the objective(s) of your Web site Develop a strategy for achieving the business objectives of the Web site – Leverage Marketing & Technical Experts – Balance short-term and long-term value Establish or carry your brand to the site Build the site in stages—iterate to success Keep the site current and relevant to keep your audience engaged – Leverage the “Social Web” to extend your reach
  • 42. INTRAPRISETECHKNOWLOGIES LLC Thank you for your attention and participation! Feedback and questions are welcome Donny C. Shimamoto, CPA.CITP donny@myitk.com (808) 735-8324