The holiday shopping season is quickly approaching, which means that retailers will start seeing an uptick in traffic to their websites. While traffic increases certainly have the potential to positively impact the bottom line, surges in activity can also result in downtime, if you don't prepare. Why is this a problem? Even a minute of downtime can cost thousands - or hundreds of thousands - of dollars and can damage a company's brand for years to come. It can also jeopardize consumer and banking information.
To make sure you don't run into these problems, the Akamai Professional Services team has compiled a few tips to help you prepare for expected - and unexpected - spikes in holiday traffic.
1. Accommodate early shoppers
While Black Friday is often seen as the start of the holiday shopping season, many deals and promotions are beginning earlier in November. In fact, in 2013, we reported year-over-year increases in traffic as early as the Tuesday before Thanksgiving. And not surprisingly, Cyber Monday typically sees higher peak traffic than Black Friday, meaning retailers will see some of their highest traffic levels before November comes to a close.
Retailers can prepare for these early shoppers by doing a site assessment to maximize offload, thereby ensuring optimal performance and user experiences, regardless of how many visitors are browsing the site. Some frequent recommendations resulting from a site assessment include understanding holiday traffic patterns to optimize offload and performance, and discovering risks where preventative measures can be taken to ensure stability.
2. Conduct load tests
Retailers can gain a better understanding of their website capacity and vulnerability by simulating realistic holiday traffic with third-party load testing providers. These tests will reveal the website's breaking points based on the volume of traffic, which retailers can then use to avoid glitches in real user scenarios. They can also conduct synthetic load tests at night with real users on the site. While this won't truly simulate the holidays, it's another option if retailers don't want to test with third-party load testing providers.
And while load testing is certainly is a useful tool, retailers should still plan for failure, even if they think they've tackled all potential vulnerabilities. Acknowledge what could possibly go wrong and determine what steps will be taken to recover the site. For example: will you fail open or fail closed? Retailers can take this a step further by simulating failures of parts of their infrastructure to see how the rest of the system handles it. By doing this, retailers can take comfort in knowing that even if the worst does happen, they are as prepared as possible to rectify the problem and get back to normalcy.
3. Be prepared to tackle prevalent threats
Unfortunately, cyber attacks are an unavoidable component of the increased focus on online holiday activities. Just as retailers aim to capitalize on this traffic, so do attackers and fraudsters. For example, last year's Black Friday attack traffic against retailers was five times higher than retail attacks seen on Nov. 1, 2013, with the bulk of malicious requests consisting of SQL injections, DDoS attacks and image scraping attempts. And now that eCommerce is not just a capability of larger businesses, retailers of all sizes need to worry about security threats and be prepared to tackle them.
The first step retailers should take is updating their websites to the latest rules. Threats are constantly evolving, and if your rules aren't keeping up, they won't do anything to protect you. However, it's also important to ensure that IT teams, security professionals and network architects work together to ensure the proper balance between security and performance. This means that retailers shouldn't simply update to every new rule available. Instead, they should carefully select the rules that are most relevant to the website. By doing this, retailers will not over protect their websites to the point that they shut out the "good" traffic.
4. Communicate with us
Work with your partners to develop a plan for your anticipated holiday traffic and the potential threats it presents. The Akamai Professional Services team can work with you to establish an operational run book to define key components, key contacts and key dates for holiday promotions and activities. By completing these deliverables, clients and partners are able to communicate better, enjoy faster response times and increased efficiencies in solving business-critical needs.
In addition to planning for the technical unknowns, teams and partners should also share key contact information and escalation paths of who should be notified in the event of failure. This allows you and your partners to align resources to be on alert during these times or even schedule planned touch points to ensure things are running smoothly.
Hopefully at this point, it's clear that not only is it a good idea for retailers to plan for both expected and unexpected spikes in holiday traffic - in addition to both legitimate and attack traffic - it's absolutely necessary if they want to reap the benefits of the shopping season. The more retailers prepare (and the sooner they do it), the better their chances are for a more successful holiday season.
This is a post from James Stathopoulos, Director, Service Line; Patrice Boffa, Senior Director of Service Delivery; Matt Ringel, Senior Enterprise Architect; and Matthew Panico, Technical Project Manager.