Enterprise Ecommerce / How to Sell Online

Ecommerce Website Speed, Stability and Security: The Ecommerce Non-negotiables All Online Businesses Must Deliver

Tracey Wallace / 5 min read
Ecommerce Website Speed
Table of Contents

    As an ecommerce executive, you probably think a lot about how you can take your business to the next level –– and there are a lot of tools at your disposal.

    Yet, as the ecommerce space continues to become more and more competitive, consumers expect a certain level of quality from a retail website they visit. Yes, design matters. Yes, your messaging matters. Yes, whatever campaign you decide to run matters. But, none of those marketing aspects are necessarily non-negotiables.

    In the ecommerce world, the following are absolute non-negotiables to running a successful business: site speed, stability and security.

    Page Load Speed: Immediate

    Time is money, especially for an ecommerce site. When an online shopper clicks Buy Now, something needs to happen –– and needs to happen right then. To accomplish this, your site needs a fast response time, boosted by a content delivery network.

    Any delay on the web lowers results. Amazon, Google, Microsoft and many other companies have tons of research to prove that. For example, in 2006, the average online shopper expected webpages to load in eight seconds or less; by 2010, that number was down to 2 seconds or less.

    This is why the speed of your site is critical for your business. If your page doesn’t load fast, many shoppers simply click away to a competitor — and may never come back. Using a content delivery network (CDN) is a smart way to speed up your website.

    The CDN maintains servers at strategic points around the world; each server stores a “cache” of the biggest files on a website, such as code, photos or videos. Thanks to its special design, the CDN can serve up those files faster than your own site.

    A big chunk of the internet’s traffic is handled by CDNs behind the scenes. And since CDNs provide a vital service, you normally pay a high fee to use one.

    Not so with SaaS ecommerce technology like BigCommerce. Our ecommerce hosting already includes the industry-leading CDN, Fastly, which uses a smart, modern architecture to deliver the biggest bang for your buck.

    And, Fastly is the only CDN with “instant purge of dynamic content.” That means you can update your product database and any visitor will see your changes immediately, instead of 20 minutes later.

    This real-time content delivery is no longer a nice-to-have with consumers when it comes to the best website hosting. Your site must load immediately, or you’ll risk losing a sale to Amazon and other sites that have accounted for this customer expectation.

    99.99% Uptime

    Just like an Olympic athlete, your site has to perform at peak condition through every grueling test. Can it handle the double-whammy of Black Friday and Cyber Monday? How about a guest spot on Shark Tank? What about a flash sale, or a celebrity influencer campaign?

    Customers will expect it to.

    For five years in a row, Cyber Monday has been the biggest single day for online shopping. On that day in 2014, ecommerce sales in the U.S. topped $2 billion for the first time ever. Black Friday added another $1.5 billion, and the days in between accounted for $2 billion more.

    “From Black Friday through Cyber Monday 2014, BigCommerce handled three times our normal traffic load with 100% uptime,” said Scott Baker, head of site reliability and operations at BigCommerce. “We have one customer who did more than 70,000 orders in four hours that day!”

    That’s one heck of a surge –– and it’d be a terrible time to lose site uptime, and thus revenue.

    The holidays, though, aren’t the only high-traffic time for websites. Your flash sales or deals of the day can create big spikes in traffic. And, if a celebrity is spotted wearing a certain type of sunglasses, sales of that style can go through the roof.

    To make sure your site can handle an unexpected burst of demand, it helps to know people who’ve been there and done that. Baker and one of his colleagues worked for two online ticketing services, where they got lots of practice dealing with spikes in traffic.

    “Say Lady Gaga is doing a concert tour, and tickets go on sale at 7 a.m. In those first five minutes, you have to deal with hundreds of thousands of people coming to the site to get tickets,” says Scott. “And tickets often sell out in just a few minutes.”

    Sites must be able to handle large amounts of traffic in very short periods of time.

    “A lot of people just guess at their capacity,” notes Scott. “But we actually know ours. We don’t guess, we figure it out. That way, we can prepare for upticks in traffic.”

    When you’re ready for your closeup, you shouldn’t have to be worrying that your site stays up, live and functional. Ensuring you have this non-negotiable nailed down is essential to growing your business and maintaining customer trust and loyalty.

    Site-wide Security and Peace of Mind

    In today’s ecommerce world, site security means protection against hackers. PCI compliance, DDoS mitigation when necessary and site-wide HTTPS are all the necessary means to properly achieve ecommerce security.

    PCI Compliance

    The PCI Security Standards Council (PCI SSC) defines a series of specific Data Security Standards (DSS) that are relevant to all merchants, regardless of revenue and credit card transaction volumes.

    Achieving and maintaining PCI compliance is the ongoing process an organization undertakes to ensure that they are adhering to the security standards defined by the PCI SSC.

    The SSC defines and manages the standards, while compliance to them is enforced by the credit card companies themselves. Again, these standards apply to all organizations that deal with cardholder data. Cardholder data refers specifically to the credit card number, along with cardholder name, expiration date and security code (CSC). The purpose for PCI compliance is simple: ensure customer credit card data is being properly secured.

    There are different levels based on the amount you are transacting, and PCI compliance experts are expensive to hire. Good thing, then, that many SaaS ecommerce platforms handle this for their customers. This is an incredibly expensive and time consuming endeavor that most retailers cannot accomplish on their own expertise. For more information into exactly how to earn PCI compliance on your own, here is a guide.

    Denial of Service Mitigation

    DDoS attacks can strike without warning. They can happen intentionally by hostile outside parties or be triggered by scripts that scour the internet looking for known vulnerabilities. For online stores utilizing SaaS-based ecommerce technology, DDoS mitigation is handled for you, providing better protection than most self-hosted providers can offer, and much better protection than what your business is currently prepared to do.

    Site-Wide HTTPS

    Serving your entire site using HTTPS has two primary benefits: improved search ranking with Google and improved site security and shopper trust. What is site-wide HTTPS? It’s essentially site-wide SSL (Secure Sockets Layer). SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This secure link ensures that all data that passes between the web server and browser remains private and integral. In general, data delivered over an unencrypted channel is insecure, untrustworthy and is easily intercepted. In fact, in 2014, Google’s Pierre Far and Ilya Grigorik made their presentation calling for HTTPS Everywhere, reminding webmasters and website owners of the importance of  protecting the security, privacy and integrity of user data.

    A fully secure site is a big deal, not just to the health and safety of your business, but important to your customers as well. They want to be reassured whenever possible that doing business with you won’t mean they are part of another retail data breach. Site-wide HTTPS is one way to ensure they aren’t.

    Once you have these three non-negotiables covered, your ecommerce site is ready to launch against the competition. Companies that do not meet the above requirements for security, speed and stability should reconsider their ecommerce technology and work toward a cost-effective solution that allows their teams to focus on bringing in net-new customers and converting them, rather than on keeping the site up and hackers out when they get there.

    Want more insights like this?

    Subscribe to our bi-weekly newsletter to get the latest thought leadership content delivered right to your inbox — from blogs and resource articles, to podcast episodes, webinars and more.


    Tracey Wallace

    Tracey Wallace

    Director of Marketing MarkterHire | Former EIC, BigCommerce | Founder, Doris Sleep

    Tracey is the Director of Marketing at MarketerHire, the marketplace for fast-growth B2B and DTC brands looking for high-quality, pre-vetted freelance marketing talent. She is also the founder of Doris Sleep and was previously the Head of Marketing at Eterneva, both fast-growth DTC brands marketplaces like MarketerHire aim to help. Before that, she was the Global Editor-in-Chief at BigCommerce, where she launched the company’s first online conference (pre-pandemic, nonetheless!), wrote books on How to Sell on Amazon, and worked closely with both ecommerce entrepreneurs and executives at Fortune 1,000 companies to help them scale strategically and profitably. She is a fifth generation Texan, the granddaughter of a depression-era baby turned WWII fighter jet pilot turned self-made millionaire, and wifed up to the truest of heroes, a pediatric trauma nurse, who keeps any of Tracey’s own complaints about business, marketing, or just a seemingly lousy day in perspective.

    View all posts by Tracey Wallace

    5 comments on “Ecommerce Website Speed, Stability and Security: The Ecommerce Non-negotiables All Online Businesses Must Deliver

    1. Clip and Touch on

      I think, Technology has become our life easier. E-commerce business is the Best way to shopping.I love E-commerce website which helps me easy shopping and save my time also. Thanks for sharing a nice story about E-commerce with others.

    2. MD Yusuf on

      At the very beginning, I want to thank you very much for sharing this information. You are right that it is a competitive world where
      nothing is negotiable people want the best so to do better we need to do something like this to take my ecommerce in different level. So thank you very much.

    3. Scott Baker
      Scott Baker on

      Hey, Audio Bible,

      1. Using https instead of http will add some latency to response times, due to the initial SSL handshake, so there is a little bit of a trade-off. It’s usually about 50-100 milliseconds. However, after the initial handshake, encrypt/decrypt doesn’t usually add that much overhead. The SSL handshake only happens at the start of the https session, so for most users, it won’t be significant as they move from page to page, as the handshake has already happened.

      2. It’s unclear if Google is paying much attention to https over http yet. They have stated they think it’s important as a signal, so it might be a factor in the near future. Right now, performance of the site is definitely taken into account, so probably optimize for speed first, then site-wide https.

      3. Yes, but easy is a relative term.There is a way to convert your entire site to https. The complication is that you need your own domain name, dedicated IP address and certificate. Also, since there is some overhead in encrypt/decrypt, you may want optimize your site for less requests and less data per page.

      4. You don’t need to change all the code, but you may need to change some links to point to https rather than http so you don’t generate mixed-content warnings in your customers’ browsers. We have a link describing what to do here: https://support.bigcommerce.com/articles/Public/Site-Wide-HTTPS

    4. Audio Bible on

      1. If you serve the website using http(s) instead of http, I thought that made your website slower to load? 2. Does changing the page URLs to http(s) instead of http, does this have any effect on the page listing or rankings in Google?
      3. Does BigCommerce have an easy way to switch the entire site over to http(s)?
      4. If so does all the code need to be changed inside the site?

      Let me know.


    Leave a Reply

    Your email address will not be published.

    Less Development. More Marketing.

    Let us future-proof your backend. You focus on building your brand.