eSites Network Website Design


Does your website persuade your customers?

A common mistake that people make while designing their website is not deciding the goal or objective of the website clearly and upfront. Most people consider their website to be an online version of their brochure. What they forget is that the web is an active and interactive medium and not a static medium.

The important difference to keep in mind is that a website is an interactive medium while a brochure is not. There is a huge potential to engage the customer in myriad ways and actually persuade the customer to do something useful. People are intrinsically curious and like to interact. A website is a great way to create this engagement with the customer. However, if you do not define what the result of the engagement has to be; you could lose out on the engagement created by the interactivity on your site.

So what can you do to improve the architecture of your website? This has nothing to do with graphic design or look and feel but to do with what you want the website to do and how to do it. Here’s how you can go about deciding this:

1. Define the precise action you want your customer to complete on your site.

In retail websites, it is to buy something on your site. In B2B sites, it is to generate an interest to do business with you or to request for more information. This is called a website goal. The end result is the completion of the goal; for example a filled form indicates a level of interest that the visitor has in your services. You can then this follow up with your sales efforts to convert this interest to an actual sale.

2. Identify the incentive or persuasion factor that will motivate the visitor to complete this action.

This could be something like a freebie that you might be willing to give away. For B2B sites, whitepapers, downloads, industry information sheets all serve as excellent incentives and also serve to establish your credibility as a trusted provider. For retail websites, discounts, timed offers, limited stocks and other such persuasion tactics help motivate specific action.

3. Allow the designer to build these into the design.

The designer then has to use these elements to create a persuasive design that compels visitors to execute the action that you have defined. This form of design is broadly called PET (Persuasion Emotion Trust) design that focuses on the usable and persuasive website design. The designer has to use proven techniques, within the ambit of your business objectives, to give you a design that funnels people into action zones within your home page.

When you design in this manner, you get a website that actually works rather than a website that simply sits around waiting for someone to do something. So take a look at your website and figure out whether it persuades people to take any kind of action.

Fighting the new face of cyber-crime

Cyber-crime has become more sophisticated, but there are ways to harden your company's defenses. Businesses are being confronted by a new breed of profit-hungry cyber criminals, focused on accessing confidential data and intellectual property for financial gain. Cyber-crime is no longer an issue of showmanship, perpetrated by hackers keen to disrupt information systems. It has become a serious business and today's cyber-criminals have become exceedingly efficient in their plans to access and exploit business critical information.

More feared than terrorism

The recent Hydraq attacks highlight the targeted nature of today's threats, designed specifically to steal confidential information. According to a recent report into worldwide cyber-crime trends, 60% of identities exposed in 2009 were compromised by hacking attacks. In addition, according to a broad study of large organisations, 90% of Australian and New Zealand enterprises have fallen victim to cyber attacks in the last year.

Enterprises are very aware of the risks of cyber-crime with 43% of Australian and New Zealand (ANZ) organisations rating it as their top business concern. This threat was ranked higher than natural disasters, terrorism and traditional crime combined.

Protecting business critical information from cyber-criminals is complicated due to a number of factors. Firstly, the pace of information growth is accelerating, IT infrastructures are expanding and new computing platforms are being adopted. At the same time, the workforce is becoming more mobile. Employees are accessing and sharing company information at home and on the road, leaving companies more vulnerable to the risk of data loss. It is clear that, in this environment, security professionals have more to manage than ever before.

A simple three-point plan

To protect themselves effectively, businesses now require a focus on security continuity that allows them to continuously respond to internal and external changes.

First, businesses need to take a risk-based and policy-driven approach to security. Information growth continues to expand exponentially. It would be too costly and inefficient to try and secure everything, so businesses should focus on their critical data and assets only. Today's attacks by cyber-criminals and insiders alike often take advantage of weak IT policies that expose information. Companies need more comprehensive and effective policies to control who and what has access to information and infrastructure.

Second, companies should take an information-centric approach to security. Businesses need to know where their important information assets are and who has access to them. And if a company doesn't have a good handle on where their important information is, then they are at risk. It is not only important to know where your information is; you must also make sure that the right things happen as that information flows both within the company, and to and from the company.

Finally, companies need to operationalize their infrastructure management through standardization, workflow and automation. A well-managed infrastructure will ultimately result in a better-protected infrastructure and a safer online working environment.

Protecting key vulnerabilities

Research has shown that cyber-criminals are targeting four key areas of weakness that are putting business environments at risk: poorly-enforced IT policies, poorly-protected information, poorly-managed systems, and poorly-protected infrastructure.

So how can businesses manage the four key areas of weakness and focus on protection that matters? The following tips provide a good starting point.

  • Develop and enforce IT policies, and automate risk management and compliance processes. By prioritising risks and defining policies that span across every location, businesses can enforce policies through built-in automation and workflow, and not only identify threats but re-mediate incidents as they occur or anticipate them before they even happen.
  • Protect information proactively by taking an information-centric approach to protect both information and interactions. It's not enough to know where the information resides - you need to know how it moves and who has access to it so you can protect it. Taking a content-aware approach to protecting your information is key in knowing where your sensitive information resides, who has access, and how it is coming in or leaving your company.

  • Manage systems efficiently. Systems management needs to make an organisation's life easier through standardization, workflow and automation. These are things that can be put in place to make security software do the heavy-lifting on everything from patch management to regulatory audits.

  • Protect the infrastructure and respond to threats rapidly. Companies need visibility into their systems so they can manage them properly and ultimately protect against emerging threats.

As the latest report into worldwide cyber-crime trends amply demonstrates, the threat landscape continued to evolve in 2009, with significant growth in both the volume and sophistication of cyber crime attacks targeted at enterprises. The good news is that targeted attacks can be defeated. By taking precautions against the four areas of weakness, organisations can significantly bolster their defences against targeted attacks and defeat the new face of cybercrime.

Understanding Web Design

We get better design when we understand our medium. Yet even at this late hour, many people still don’t understand web design. Some who don’t understand web design nevertheless have the job of creating websites or supervising web designers and developers. Those who understand the least make the most noise. They are the ones leading charges, slamming doors, and throwing money — at all the wrong people and things.

If we want better sites, better work, and better-informed clients, the need to educate begins with us.

Preferring real estate to architecture

It’s hard to understand web design when you don’t understand the web.

Most of what people know about the web comes from the media; and their focus on web businesses to the exclusion of all else is like reporting on real estate deals while ignoring architecture. In 1994, the web was weird and wild, they told us. In ‘99 it was a kingmaker; in ‘01, a bust. In ‘02, news folk discovered blogs; in ‘04, perspiring guest bloggers explained how citizen journalists were reinventing news and democracy. And now its Web 2.0, whatever that is.

Then each year, advertising and design magazines and professional organizations hold contests for “new media design”. The creators of winning entries see the web as a vehicle for advertising and marketing campaigns in which the user passively experiences Flash and video content. The winning sites look fabulous as screen shots in glossy design annuals. Thus sites that behave like TV and look good between covers continue to be created, and a generation of clients and art directors thinks that stuff is the cream of web design.

Critics who are smart about print can be less bright about the web. They lament on our behalf that we are stuck with ugly fonts. They wonder aloud how we can enjoy working in a medium that offers us less than absolute control over every atom of the visual experience. What they are secretly asking is whether or not we are real designers. More sophisticated critics understand that the web is not print and that limitations are part of every design discipline. Yet even they cry, Where are the masterpieces of web design?

Typography, architecture, and web design

The trouble is, web design, although it employs elements of graphic design and illustration, does not map to them. If one must compare the web to other media, typography, the art of creating type or fonts, would be a better choice. For a web design, like a typeface, is an environment for someone else’s expression.

Architecture, the kind that uses steel and glass and stone, is also an apt comparison. The architect creates planes and grids that facilitate the dynamic behavior of people. Having designed, the architect relinquishes control. Over time, the people who use the building bring out and add to the meaning of the architect’s design.

Of course, all comparisons are gnarly by nature. What is the “London Calling” of television? Who is the Jane Austen of automotive design? Madame Butterfly is not less beautiful for having no car chase sequence, peanut butter no less tasty because it cannot dance.


Web design is not book design, it is not poster design, it is not illustration, and the highest achievements of those disciplines are not what web design aims for. Although websites can be delivery systems for games and videos, and although those delivery systems can be lovely to look at, such sites are exemplars of game design and video storytelling, not of web design. So what is web design?

Web design is the creation of digital environments that facilitate and encourage human activity; reflect or adapt to individual voices and content; and change gracefully over time while always retaining their identity.

Great web designs are like great typefaces: some impose a personality on whatever content is applied to them. Others fade into the background, magically supporting whatever tone the content provides.

Great web designs are like great buildings. All office buildings, however distinctive, have lobbies and bathrooms and staircases. Websites, too, share commonalities.

Although a great site design is completely individual, it is also a great deal like other site designs that perform similar functions. The same is true of great magazine and newspaper layouts, which differ from banal magazine and newspaper layouts in a hundred subtle details. Few celebrate great magazine layouts, yet millions consciously or unconsciously appreciate them, and nobody laments that they are not posters.

The inexperienced designer complains that too many websites use grids, too many sites use columns, too many sites are “boxy.” Efforts to avoid boxiness have been around since 1995; while occasionally successful, they have most often produced aesthetically wretched and needlessly unusable designs.

The experienced web designer, like the talented newspaper art director, accepts that many projects he works on will have headers and columns and footers. His job is not to whine about emerging commonalities but to use them to create pages that are distinctive, natural, brand-appropriate, subtly memorable, and quietly but unmistakably engaging.

If he achieves all that and sweats the details, his work will be beautiful. If not everyone appreciates this beauty — if not everyone understands web design — then let us not cry for web design, but for those who cannot see.

Prevention Is Better Than Cure

From the earliest of days, Man has learnt well to defend his assets. But how is this history lesson going to help you secure your servers and ultimately protect your valuable data? Well, we are going to make them as impregnable as the castles of old. Taking a lesson from history's pages though, it seems wiser and more efficient to prevent a loss than to attempt to recover from an attack. Prevention is better than cure.

Sun Tzu, The Art of War
"The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable."

Get Ready for the Intruder

Security is not about simply investing in equipment; it's about putting in a security life cycle that's driven by your business needs. Believe it or not, but your organization could be miles away from being secure even if you have a firewall in place. Conversely, you could have already achieved a high degree of security, even without a firewall. In short, securing an organization requires much more than a firewall. It requires a complete understanding of the security life cycle and how to deploy it.

Most business owners often tend to misinterpret the function of security. Securing an organization does not mean disconnecting all networks and powering down the systems. It is about securing the organization, while enabling it to continue doing its business.

Hence, this involves the human factor, and the machine factor. We address the first by laying down policies, educating users, implementing the policies and finally conducting audits. The second part is addressed using proper tools, both hardware and software, and procedures.

The Human Factor

The organization provides the business needs based on which the access restrictions/rights are defined. So, whether Internet access and e-mail facility are required or not and to what extent, whether remote connection should be allowed on the network, are all driven by business needs. Based on these, a security policy document is created. This doesn't have to be a large and detailed document, so long as it contains the specific areas you would want to address.

Once the policy is put in place, you will want to focus on education, processes, tools, audit and review. Most organizations underestimate the need for user training and education. The best of firewalls and tools can't provide as much security as a well-educated user would. So, spend the resources and time on educating your end users and senior management.

Turn the security policy into actionable items, which is taken care of by the processes section. These include standard operating procedures (SOP) - which detail what is to be done in what situations - and, acceptable usage policies (AUP) which are like do's and don't for various sections of the security policy.

Auditing is a mechanism of ensuring that all stated needs in the policy are indeed implemented. Once again an audit of tools deployed is as critical as the audit of process deployment. If the policy requires installation of anti-virus on every computer in the company, then leaving out the MD's (or any other) computer will dilute all possible efforts to secure your organization.

The Machine Factor

Security breach can happen from either inside or outside your network. Outside threats can come in either through your Internet gateway or e-mail. Inside threats can be from a disgruntled employee or an imposter gaining access to a vulnerable system-the imposter could be a human being or a malicious code like a worm or Trojan that infects an unpatched system. Given the sources of threats, you need to consider four aspects when implementing network security.

  1. Firewalls. To protect your network from threats coming from the Internet.
  2. Systems management. To eliminate vulnerabilities from servers, desktops and networking hardware such as firewalls and routers.
  3. Anti-virus/anti-spam. To protect all systems from viruses and threats entering through spam.
  4. Intrusion-detection System (IDS). To do timely detection of suspicious activity on your network.

Physical Security

Security starts within. But, to understand the last level of security (that is physical security) lets suppose: Tom Cruise of Mission Impossible 2 comes inside your server room suspended from the roof. Then opens up you machine's cabinet and takes out or short the battery in your motherboard and sets your BIOS password to default. And then sets the boot devise priority to CD-ROM. After that he boots up the machine with a standard Knoppix CD, mounts your partitions and copies all the important data into a USB pen drive and goes away with his chopper. So now what you will do? And the answer is very simple. After all the effort you have taken for securing your machine over the network.

It is also very important to keep a very tight watch on the physical security of your servers. Well, the concept is quite away from the scope of this article but still you should have security guards and keys and locks at the door of your server room and don't leave any room at the roof top so that Tom Cruise can not climb down from there and hack into your server.

To Summarize

Having a sound IT policy for your enterprise goes a long way to minimizing if not eliminating the risks. Grounding these policies with a good implementation firms up the confidence that your infrastructure will be safe and your data secure for a reasonably long time.

After all, it is not necessary to get a virus attack to lose all your data... You need a little bit of everything - some preventive, some cleaners, some disaster management, a little protective storage-in our management recipe for an optimistic synergy between both technology and requirements.

The total cost of survival does always outweigh the cost of ownership or operation. And that's the way the cookie crumbles!

Look at it Another Way

Remember the first time you saw the vase / two faces image? Remember staring until your perspective shifted and you saw the “other thing” in the picture? You probably felt a thrill accomplishing it. Did you show your friends how easy it was, showing off your ability to see both images? Remember how it felt? It felt powerful—a revelation.

What would it be like to experience that same powerful feeling at work? Seeing the same thing from different perspectives is much praised but little practiced. We don’t often realize what we can gain by seeing another scene in the picture.

Step out of your role

Whether we’re improving what we make, how we make it, or how we share it, we normally take the perspective of the creator. We can’t help it. We’re drawn into decisions about all sorts of details. We love the minutia — solving problems, finding a way around a limitation. We don’t try to see past our own role in the process.

User experience examines the everyday lives of the people we endeavor to help. One of the best illustration of this: A ad executive showed a catalog picture of a mountain bike next to a picture of a guy careening through a stream with water splashing everywhere. You couldn’t even see much of the bike in the second picture. He said, “You don’t buy a bike. You buy the right to scare yourself to death.” This is exactly it!

The people who designed the bike talk about what the bike can do, but the rider wants to find out what he can do. In the designer's vocabulary: “We give you 20 gears.” In the user's vocabulary: “I’ve decided to bike to work twice a week, but I fear the pain of getting up that steep hill on the way there.”

Pretend your company doesn’t exist

Thinking from the customer’s perspective is a Zen-like exercise. It requires you to drop your role completely, and spend time engrossed in the world of this person. Stop thinking of them as a “user” of the thing you provide. Think about how and why they accomplish what they want to get done, not how or why they might use your stuff. Pretend you and your organization do not exist, and study what this person does with all the resources available in his life.

For example, what does a citizen need from his government? He needs a way to get from his house to the grocery store, the post office, his workplace, etc. These could be roads, bike paths, public transit, and sidewalks. He needs utilities like water and electricity to be delivered to his property. He needs assurance that his property will be defended from fire, protected from floods, and accessible during a disaster. He wants to feel safe from assault, whether by a human, an animal, pollution, noise, or disease. This list goes on. When you look at how this person would approach the government, he is faced with a list of departments:

  • Parking Services
  • Public Works
  • Redevelopment Agency
  • Emergency Services
  • Community Development

To whom would he turn if he wanted to report a strong pesticide smell? If the list contained titles such as the following, he might find the right person a little faster:

  • Getting Around Town
  • Water, Sewer & Utility Infrastructure
  • Fire/Flood/Disaster Preparation
  • Concerns About Feeling Exposed/Invaded
  • Changing Your Property

Harness this for a wider perspective

When you understand what drives people’s behavior, you can imagine new ideas pretty easily. When doing this, turn off your internal problem-solver and just listen to people. Allow patterns of behavior and motivation to reveal themselves to you. Work from the bottom up, rather than designating several behavior areas and trying to fit people’s actions into them. Make sure you’ve asked questions that dig into a person’s soul. Find out what makes them tick. For example, you’ll find that many health patients go to a doctor not to “remove pain” but to “get back to my old life.” Removing pain is just one underlying root motivator.

When your company redefines the way you see and support customers, you take a step toward a more mature design approach. Instead of simply making existing solutions work better or applying stylish cosmetics, you open up new perspectives that allow you to see something that wasn’t apparent before.

Focus first on what it’s like to be these people, and then focus on what you have to give them. With this vision, creativity tumbles forth.