Something Digital - magento

Securely Connecting Magento BI to Magento On-Premise 

Magento BI (“Business Intelligence”) is an analytics platform which aggregates data from various sources to create beautiful and actionable dashboards and reports. If you’d like to learn more about what Magento BI is and does check out our blog post “Magento BI and why you need it”.

In this blog post, we’ll look at what’s involved with connecting Magento BI to Magento from a technical standpoint, and how to do so in the most secure manner possible.

How Magento BI Connects to Magento

Per Magento’s official documentation, Magento BI connects to Magento through a MySQL connection. You’ll also see that an SSH tunnel is recommended for the connection. We agree with this recommendation as it ensures that the connection is encrypted and allows you to keep port 3306 completely closed from public access.

Securely Setting Up the Connection via an SSH Tunnel

When setting up the connection between Magento BI and Magento the principle of least privilege should be followed. In other words, Magento BI should be given the minimum level of access required on the Magento system to function.

Magento also provides documentation on setting up the connection via an SSH tunnel which follows this principle well. A few important things to call out:

  • A dedicated Linux user should be set up for Magento BI.
    • We recommend using a restricted shell as documented here.
  • A dedicated MySQL user should be created.
    • The user should not be given write access to the database as documented here.
    • Access should also be limited only to the required tables (e.g. the connection does not need access to the admin_user table).

 

Additionally, in an environment using master / slave replication, Magento BI should be configured to connect to the read slave, not the master.

Magento Commerce Cloud

If you are using Magento Commerce Cloud the process differs and is documented here.

Written by: Max Chadwick, Technical Lead

QA

How to Define your Tech Stack Strategy

Most people expect blog posts and articles about selecting an ecommerce tech stack to provide answers, yet this one will ask far more questions than it will provide answers.

I say this because every business is different, and not just in terms of products or services sold. An organization’s level of maturity, its availability of time and resources to dedicate to an implementation, and its existing systems have a tremendous impact on how to approach the project. If any vendor or agency tells you they have a foolproof template for building a tech stack for businesses just like yours, run for the hills. If you engage with a company that makes such claims you will inevitably waste a lot of time and money on a project with a high chance of failure.

There’s no getting around the fact that launching or upgrading your ecommerce tech stack requires you ask many questions both of yourself, and of the tech vendors, consultancies and agencies you’ll tap for help.

Let’s start with the basics: what exactly is an ecommerce tech stack? Obviously the entire world defines it as the collection of products and services that make up your commerce activities, but I no longer believe that to be accurate. A company can have a fantastic collection and still have a tech stack that’s an utter failure. It behooves us all if we redefine it as the partners that power your commerce system.

Select Your Tools

There’s a huge array of tools available to support your ecommerce platform, and another avalanche of them coming to market in the next 12 months. Here are your options, overwhelming right?

So how do you decide which ones are first necessary, and second, a good fit for your business? Here’s where all that questioning comes in.

Know Your Level of Commerce Maturity and Pick Partners that Match It

What do I mean by commerce mature? It’s the complexity level of business solutions that your business should be employing

Before you even begin to select partners and technology, you’ll need to assess the level of complexity you’ll need to deploy. How much time do have have available to dedicate to this project? How much talent do you have within your organization? How much time does your internal talent have to dedicate? What other projects are they working on? How much budget do you have? What other technologies already exist? Which ones will you need to integrate with your new ecommerce tech stack? Do you have the resources to do that integration

If you don’t know the answers to these questions you’re far from alone; most companies don’t. A good start is to take an inventory of all the solutions that already exist within your walls. If you don’t have a PMI system, then you probably are at a low level of maturity. That’s not an insult or a bad thing; it’s a guidepost to help you choose wisely. You don’t want an overly complex ecommerce stack if you don’t have the resources and skillset in house to manage.

Know your customers’ expectations

You can’t really assess your maturity level unless you have  a good handle on your customers’ expectations. Of course they all expect you to be able to take and fulfill an order, but do they expect you to have live inventory on your site? Do they want a branded shipping experience? Do they want personalized recommendations from you? Do you have the right set of tools to aid in shopping? Do your customers need visual search tools, for instance?

Answering these questions may require a variety of efforts, from market research and competitive analysis to compiling data from your customer service teams. And you should probably plan to spend some time talking with your customers.

If you’re feeling a bit overwhelmed by the breadth of these customers, keep in mind that most companies find it difficult to objectively assess how mature they are. You may want to appoint someone in your organization to ask those difficult questions, and if no one is available, find an agency or consultant to help you.

Pick the Right Agencies and Consultants

Chances are high that you’ll hire an agency or consultant to help you make sense of your needs and help you design your tech stack. It’s an important hire, one that can have long lasting consequences. The number one question you should ask yourself: do you trust this agency or consultancy?

Once you decide that you do trust them, other questions you must ask include: How mature are the other merchants in their portfolio? Are they thought leaders, putting out content that advances the industry? Given that just about every agency has a set of companies they recommend, ask yourself: How mature are the software companies they recommend? Obviously, if they’re not as mature as your company, you won’t get a lot of strategic benefit from them. Conversely, if they’re way more mature, you can find yourself buying a lot of expensive software from partners who are just out of your reach.

Let’s assume you decide that an agency or a consultant is the right fit, you need to ask: Do they have an offering or a way to partner that’s going to help you get to the next level of maturity?

Select the Partners not Vendors

First and foremost, don’t just buy products or services, select partners, which is to say, companies that are committed to your success, and will work to ensure it. There is a huge difference between buying software from a vendor and partnering with a provider for a solution on which your entire business depends.

So how do you distinguish a vendor from a partner? Partners should be eager to educate you, and willing to explain their technology in ways that are meaningful to you. And they should pick up the phone if you have an issue. Of course, many of the tools can be managed with self service, but a lot can’t, and if a you experience an issue with a mission critical component of your tech stack, you want a partner who understands the urgency of the situation.

And they should be able to help you make rational choices. For instance, can they clearly and accurately tell you the resource allocation required to properly leverage their product? Do they have an assessment of their solution’s total cost of ownership? And of course, what level of customer service do they provide? Those are 3 key things that will help you understand whether or not you should engage with them.

Leverage your Partner’s Pre-existing Relationships

Finally, if you decide to use an agency to help, consider leveraging their pre-existing stacks and relationships to the fullest extent possible rather than adopt net-new products. In technology, familiarity = efficiency.

In other words, if using an agency to assist with your ecommerce using the stuff they’re already good at is going to be good for you. You’ll also will get better support, possibly discounts, as well as access to additional resources if your agency has a good relationship with those companies.

I told you this post would ask more questions than it answered, and I kept my promise. But within these questions there is methodology that will help you make smart decisions about your ecommerce tech stack, and set your company up for continued success.

Written by: Brian Lange, Director – Business Development

Adobe Experience & Magento

Something Digital will be at Magento Imagine 2019

Imagine was a blast last year and the Something Digital team can’t wait to see what Magento has in store this year!

SD turns 20 this year, visit booth #121 and celebrate with us! Stop by to get some premium swag or talk to one of our experts on design, development, marketing and more! Feel free to reach out in advance, any one of our experts can be booked through Brittany at [email protected]

[Win Something]

Drop off your business card or join our Mercury Stamp Game for a chance to to win a MacBook Air, Malin+Goetz Skincare Set or Nintendo Switch! Winners will be announced at the following times:

  • Monday, May 13 at 6:00PM
  • Tuesday, May 14 at 6:00PM
  • Wednesday, May 15 at 12:00PM

 

[Join Something]

We’re pretty proud of our SD team members represented onstage this year at Imagine. If you want to catch one of the sessions you can see the schedule below.

MONDAY, MAY 13

  • Margaux 2, 11:15AM-12:00PM: Anheuser-Busch InBev: B2B Digital Transformation at a Global Scale
    • Featuring: Carrie Weidenbach & Jonathan Tudhope, Something Digital
  • Lafleur 1, 2:30-3:15PM: Optimizing Mobile Conversion: 7 Surprising Results from a Magento Community Study
    • Featuring: Caitlin Mekita, Something Digital
  • Encore Theater & Latour 2, 4:00-5:30PM: General Session and Keynote
    • Featuring: Phillip Jackson, Something Digital

 

TUESDAY, MAY 13

  • Encore Theater & Latour 2, 9:00-10:30AM: General Session and Keynote
    • Featuring: Phillip Jackson, Something Digital
  • Encore Theater & Latour 2, 6:15-8:00PM: General Session and Keynotes
    • Featuring: Phillip Jackson, Something Digital

 

WEDNESDAY, MAY 13

  • Encore Theater & Latour 2, 11:00AM-12:30PM: General Session and Commerce Sneaks
    • Featuring: Phillip Jackson, Something Digital

 

We look forward to seeing you in Vegas!!!

Something Digital Launches New Mercury Accelerator with Key Partners

Something Digital is excited to announce our new Magento 2 Cloud Accelerator, Mercury. This offering for Magento Commerce Cloud enables merchants to go live with an operational, no-frills, affordable online store faster. The SD Mercury offering gives you the power of Magento while working with an award-winning agency and best-in-class technology partners to help grow your business and take it to the next level.

To make this build come to life SD partnered with some of the best integrations in the market; Dotdigital, Klevu, ShipperHQ, TaxJar, and Yotpo. Partnering with them gives merchants the opportunity to work with multiple integrations that will help them achieve success in ecommerce.

SD employs an agile process, best practice, business analysis, and improved out-of-box (OOB) functionality in this consultative offering to lead merchants to launch a Magento store front. Mercury includes a branded UI, focus management, an enhanced shopping experience with a configurable mini cart, and so much more.

If you’re interested in learning more about Mercury or getting a demo contact us here.

Trends Graphic

Managing Channel Conflict

Every brand wants to make it as easy as possible for consumers to buy their products and for good reason. Consumers face no shortage of choice, and if they face too many obstacles in buying from a particular brand, they’ll simply select another. That’s why most brands adopt a multi-channel retail model. Rather than restrict sales to their own direct-to-consumer (DtC) website and retail outlets, they form partnerships with wholesalers, boutique shops and the online marketplaces to sell their products. But while commerce is made super easy for the consumer, it is anything but for the brand.

Topping the list of headaches is channel conflict. You can work hard to establish a premium brand whose products consumers are willing to dig deep into their pockets to acquire. All that effort can be upended if department store decides to discount your products and all of your other wholesalers opt to match that fire sale price. And when this happens, it’s entirely possible that your website has the highest prices for your products, and consequently, the last place consumers want to shop!

Clearly, developing a strategy to manage channel conflict is as important developing a merchandising strategy (in fact the two are closely related). As we shall see in this blog post, there are steps you can take to protect your margins and your brand, and still have productive and mutually beneficial relationships with your wholesalers and marketplaces.

Let’s begin by discussing why a strategy for managing channel conflict is essential.

Protect your margins

Your DtC site and your retail outlets obviously offer your brand the best margins, and you’ll want to do everything you possible can to protect them. As mentioned above, wholesalers can undermine your efforts by discounting your products (and using their big Google AdWords and Google Shopping budgets to ensure people in-market see their lower prices!).

But they’re not the only ones who can frustrate your efforts. Let’s say you ship inventory to mom & pop shops or small boutiques that have small but loyal clientele. These shops often have stores in the global marketplaces, and may opt to discount your products there in an attempt to find new customers. If that happens, you can bet that the marketplace will detect that lower price point and match it. Suddenly your brand is in a race to the bottom.

Protect your reputation

When customers see the same product sold at different prices at various retail outlets a sense of unease can set it. What shouldthe product actually cost? How do they know they’re not getting ripped off?

That unease is made worse if the same retailer presents different pricing via different channels. This past winter, an NBC affiliate reported that the prices listed in Target’s app change based on the consumer’s location. If at home, prices displayed via the app were generally lower; in store, they were higher. Although Target hasn’t explained their reasoning, to many consumers it felt as if the retailer wanted to lure them into the store with lower prices, assuming that once there they’d just pay the higher cost rather than go someplace else. This isn’t a good way to instill trust, even if Target had no intention of deploying bait-and-switch tactics.

Protect your customer loyalty

Every brand makes investments in their customers, and you want those investments to continue paying dividends through repeat sales and customer referrals. Third-party channels, like Amazon, can help you introduce your brand to new consumers, but the process needs to be managed. If consumers stop coming to your site you won’t have any opportunity to build long term relationships with them.

Now that we know the challenges, what can you do to overcome them?

  • Think twice about discounting core and evergreen products. Let’s say your brand is best known for its bright green alligator shoes; they’re the evergreen product that sell well week after week, month after month. You should resist the temptation to discount them on your site, as your wholesalers will quickly match your price. Given that you probably have agreements in place that guarantee margins for your wholesalers, discounts on your evergreen products are just unprofitable endeavors.
  • Cull your list of wholesalers. While it’s tempting to have as many wholesalers as possible selling your products, sometimes you need to make difficult choices and cull your list. The best wholesalers are those that are equally committed to your margin goals. If a retailer doesn’t mind taking a 10% or 20% hit on the margins for your products, it may be best to sever that relationship.
  • Withhold future shipments. Once you ship inventory to a wholesaler you have very little control over the price they opt to sell it for, but you absolutely have control over future shipments. You can inform your wholesalers that they won’t be entitled to receive future shipments if they discount your products. Just make sure you follow through on your warnings.
  • Create custom products for special events. Wholesalers are often masters of merchandising, and when they approach you to participate in their once-a-year anniversary sale or some other special event, a little flexibility on your end is needed. Rather than discount your core product line, create a special product or bundle just for that retailer. This strategy ensures that your core products aren’t discounted, and that the sale item is only available from that source.
  • Reserve exclusive, limited and customizable products to your owned and operated channels. Keep avid fans of your brand coming to your DtC site or stores by reserving your exclusive, limited availability or customizable products to your owned and operated channels. And, by the way, you can feel free to discount those products if you want, as you’re the only one who sells them.

 

Those are just some of the strategies we’ve seen retailers deploy to manage channel conflict. Keep in mind that while these tactics clearly work to your advantage, they also benefit your wholesale partners who are equally committed to strong margins.

Written by: Phillip Jackson, Ecommerce Evangelist & Guest, Megan Petersen

Merchant to Merchant Podcast

Merchant to Merchant takes Palm Beach!

If you’ve been following our podcast for the last year or so you’ll notice that we’ve been taking it on the road and what better place to go than our home away from home Palm Beach, Florida.

Merchant to Merchant is a live event where merchants gather on a panel in front of an audience of their peers and discuss challenges. We hold these events in an actual retail space – where commerce happens.

We met live at the Island Company store on Worth Avenue in Palm Beach, FL to talk to three commerce experts – Kroger Digital, Sandow Media, and surefoot. Each one has a story of transformation, growth, and successfully engaging with customers who have so many options.

 

 

Security Lock

Security Best Practices: Security.txt

With the rise of cyber-criminal rings like Magecart, security is becoming an increasingly relevant topic within the ecommerce space. In this post we’ll explore an emerging specification, security.txt, and explore its relevance within the Magento ecosystem.

What Is It?

The usage of security.txt can be read about on the project’s homepage.

In a nutshell, websites publish a file named security.txt, in the .well-known/ folder. Here is an example of a published security.txt file, https://github.com/.well-known/security.txt. The file provides information on how security issues should be reported to the owner of website in question.

Why Is This Relevant?

As reported by Dutch security researcher, Willem de Groot, Magento extension are now the top cause of Magento breaches. “Internet Bad Guys” are proactively scouring the source code of Magento extensions looking for vulnerabilities and using them to compromise Magento sites. As such, it’s more important than ever for Magento extension providers to facilitate responsible disclosure of security vulnerabilities identified by responsible security researchers.

What Is Something Digital Doing About This?

I’m happy to announce that Something Digital now publishes a security.txt file:

If you discover a security vulnerability in any of our open-source modules, our website, or on the any of our client’s websites please report it to us responsibly as we’ve documented in our security.txt file.

Written by: Max Chadwick, Technical Lead

Women in Tech

My Journey from Full-Time Student to Interactive Designer

My experience here at Something Digital has been an exciting journey. This is my first full-time job, so I was not sure what to expect, especially in an agency. Most of my past internships have been at tech companies or in-house. As a Communication Design major from Parsons School of Design, I was eager to work in an agency after I graduated since I knew working with many clients and working on multiple projects at the same time would be great exposure for a young designer like me starting a career.

I recall going to the Parsons Fall 2018 Career Fair and discussing my senior thesis project with Mickey and Yasemin. That same week I remember nervously entering the SD office for my first interview with a couple of the team members. After two weeks, I got a call saying I was hired for the position of an interactive designer on the creative team.

My first day was filled with a rollercoaster of emotions. I was nervous, shy, overwhelmed and excited all at the same time. There was a lot of information to process, from how to set up my work station, to learning how to see my work for each day, to logging in my time. What helped me the most going through the day was the positive environment of Something Digital. Everyone was very welcoming and friendly. My coworkers on the creative team helped me with any questions I had. I believe an office filled with talented, energetic and positive coworkers who encourage each other and make others feel comfortable around one another is the best environment to be in, and that is exactly what Something Digital offers.

Throughout my time here, I have learned numerous skills on design tools such as Adobe Photoshop and Sketch. I’ve been exposed to a variety of UX concepts I can now utilize in my work, how meetings are structured and presented internally or with clients, as well as what components are included in ecommerce design. Most importantly, I have learned how to juggle multiple clients/projects at the same time. The difference between a full-time student and full-time employee working on multiple design projects at the same time is that for school, it was internally for my professors. However, working on multiple designs as an employee in a design agency is a totally new experience. I am acquiring real world experience through my daily interactions with our team of programmers and designers, as well as our clients. Being able to see how my designs help our clients and their businesses is a great feeling. It feels rewarding to see my designs on a staging site or website that has been launched for the public to utilize.

Overall, my transition from a student to a full-time employee has been unexpectedly enlightening. I have gained a lot of experience from the various projects I have completed and from speaking and interacting with my coworkers. Something Digital provides me with an opportunity I did not know I would receive in an agency. I am excited to continue my journey here becoming a stronger, more experienced designer in the process.

Written by: Amena Tyebji, Interactive Designer