When the internet was still in diapers, websites were painstakingly coded page by page and line by line. Updating existing pages was an equally arduous process, with even the smallest changes requiring hand-editing. Thankfully those days are long over, and a Content Management System (CMS), has made the process of building large websites and updating them, a much more practical, accessible and scalable process.
A CMS is a web-based platform upon which most websites today are built. At its core, a CMS allows authenticated users to manage and update content on a website by giving them the ability to edit, delete, and publish content in an intuitive way, with no coding knowledge required. Not only has this drastically reduced the cost of doing business for companies big and small, but it also reduces the risk of deleting or “breaking” the integral pieces of code. This may include code that handles the structure of a site, the layout of pages, or the many the components that keep the back-end operating the way it’s supposed to.
Given the many CMS solutions available today, we’re often asked here at Primacy to provide guidance on finding the right solution for our clients. While every business is different, and there are a multitude of considerations unique to an organization’s particular requirements and industry standards – there are some general guidelines that can help businesses narrow down their choices and make more informed decisions:
Open Source vs. Closed Source CMSs
As mentioned, there are a lot of options when it comes to a CMS, but they can generally be segmented into either Open Source or Closed Source solutions.
At a high level, if a CMS is Open Source that means all of the code that makes up the system itself is available for modification. As you might expect, Closed Source is the opposite, and only the creator of that system can change the system code. In either case, the “content” part of the CMS is available for authors to create, update, and delete as needed. This means images, copy for pages, and more can all be edited by users authorized to do so.
Both Open Source and Closed Source CMSs have inherent pros and cons to consider. Determining which of these environments is better for your needs is a good place to begin eliminating options.
Open Source CMS Pros and Cons:
Example platforms: Drupal, WordPress, ExpressionEngine, Craft
Access to all of the code
With access to the code, you can correct any bugs in the code much more efficiently. Typically you’ll want to follow patching best practices (which is usually something that the CMSs web site will instruct you on), but if there is a piece of code that doesn’t follow your company or industry standards, you will have the ability to modify it.
This comes with a big caveat: Open Source CMSs will occasionally push a system-wide security update to all users, which means that any custom patching that you have performed may be effected. In which case, you’ll have to re-implement this custom coding after the security update. For this reason, it is typically not recommended to update the core code of the CMS as it can often prove inefficient for large builds requiring a lot of custom patching.
A vast community of contributors and add-ons
Popular Open Source CMSs have large communities of contributors who use the system and create new features, add-ons, integrations or patches for any issues, and will share this code with the community. This means that you can often find solutions to common issues or new features by doing a simple Google search. This can save businesses the time and resources required in developing some common integrations or tools that aren’t available “out of the box.” For example, if you needed your site to be able to connect with Salesforce to store information about contacts there is most likely a module pre-built by another user in the community that you can install without the need (and expense) for any custom programming.
Many, if not all open source CMSs are free, or relatively inexpensive to use and there are no licensing fees associated with using the CMS. To support an Open Source CMS a partner only needs to be versed in the underlying development language. For this reason, it is often easier to find technical partners to support an Open Source CMS, especially for the more popular platforms as they have widespread global usage.
Open Source CMS Cons:
Security can be an issue with Open Source CMSs due to the code being exposed, and the sheer number of contributors contributing to that code. Since code contributors can potentially have different coding standards and there aren’t always dedicated teams to check the code for security vulnerabilities, there are times where bugs in the code and security vulnerabilities can make their way to a release.
(Note that the more popular Open Source CMSs like Drupal and WordPress are proactive about finding security vulnerabilities not only in the core CMS but also in the hundreds of community-contributed modules as well. That said, anyone using an Open Source CMS should be vigilant about implementing security patches whenever a vulnerability is made known and a patch made available.)
Customization of open source code
Even though there is the ability to customize open source code to your liking, it can be very costly and time-intensive to do so depending on what your needs are. Some examples of core functionality might be asset management, roles and permissions, versioning, multilingual support, multiple website support and more. If either an Open Source or Closed Source (proprietary) CMS doesn’t provide the core functionality you are looking for, Primacy would recommend finding one that does.
Targets for hackers
Unfortunately, Open Source CMSs are more of a target for hackers than proprietary CMSs. As referenced earlier, anyone can become familiar with the foundational aspects of an Open Source CMS code base. So a developer with bad intentions can potentially find security vulnerabilities in that code before they have been fixed, or take advantage of known vulnerabilities before patches have been implemented. That said, the best Open Source CMS platforms handle security well as this is a known issue. For example, Drupal has a dedicated committee that quickly addresses and responds to security vulnerabilities, and controls the flow of information as to limit the risk for users. And, the sheer number of developers reviewing every line of code limits the number of potential areas of weakness in live sites. For this reason, large, high-profile organizations such as the Department of Defense and NASDAQ have adopted Drupal as their CMS despite the platform being Open Source.
Closed Source (Proprietary) CMS
Examples platforms: Sitecore, Adobe, Shopify, Kentico
A Closed Source, proprietary CMS is one where the source code of the CMS is not available for modification or distribution except by the creators of the CMS. Again, this comes with its own set of pros and cons:
Closed Source CMS Pros:
Since a proprietary CMS is typically written by one company and one staff, they are the absolute experts on their CMS, and often the platform license comes with a dedicated customer support team, on-boarding representatives and more – which can be a great resource for the development team that is building and maintaining your website.
Closed Source CMSs typically have more complex functionality (like setting granular permission of content for example) baked into the platform and available for use from day one, whereas Open Source CMS would likely require an add-on or customization to achieve complex functionality.
Because the source code of a proprietary CMS is not something that can be modified or distributed at large, it reduces the likelihood that hackers can study the code and discover security vulnerabilities. Although with any proprietary CMS, there will be security vulnerabilities discovered, they typically occur less often than with their Open Source CMS counterpart.
Closed Source CMS Cons:
Too many pre-built features
A Closed Source CMS will contain multiple features, some of which you’ll need to accomplish your business objectives and others you will not need at all. Although having these features can be great for the scalability of your web site, they can also be confusing and “get in the way” of maintaining your web site as it grows and changes over time.
Proprietary CMSs will have a cost considerably higher than an open source option. Many times there will also be different types of licenses, some that include all the features of a CMS and robust support, and others that contain minimal features and limited support. Upfront and reoccurring licensing fees should be included as part of the total cost of ownership for a website built using a Closed Source CMS.
Less Frequent Releases
Unlike Open Source CMSs, software companies typically have a slower schedule of platform updates and releases. They have a limited set of developers dedicated to updating the product, whereas an Open Source CMS has potentially thousands of developers creating new features and tools on a regular basis. Again, it’s critically important that a Closed Source CMS offers the core functionality you need at sign-on.
Questions to Ask Before Choosing a CMS:
Often, the respective pros and cons of Open and Closed Source CMSs can considerably narrow down potential options. After determining which of the two options is best for your business, some more questions to ask your stakeholders can help further refine potential options may be:
What features does the CMS include “out of the box”?
First and foremost – you need to make sure the CMS you choose has the core features you need to accomplish your business objectives. For example, if your website will have multiple content contributors who will have limited access to parts of the site – consider that with Sitecore, an organization can tailor permissions as to who can update content using the CMS without add-ons, whereas the default permission system in Drupal is not as robust, and would require an add-on or custom functionality to build out this level of permissions.
What is the total cost of ownership?
After determining what CMS’s meet your core business needs, you should start taking a look at any licensing costs and what having the license includes. Again, the total cost of ownership becomes a consideration when looking at one-time setup fees, license durations, renewal costs, maintenance and more.
How secure is the CMS and how are security updates managed?
One of the most important things to know about the CMS you choose is how security is maintained system-wide. Understanding how security updates are deployed and implemented should be a top consideration for both Open Source and Closed Source options. Security should also apply to the CMSs database as well. If your website stores any personal identifying information about a user, the CMS should have the ability to encrypt those database tables the sensitive data is stored in. (A not so fun fact: in the first half of 2018 there were 4.5 billion records stolen in cyber attacks, and shockingly, less than 3% of these records were encrypted.)
How easy is the CMS to use?
As you can imagine, this is a very important question that directly affects how an organization can manage content and other functionality on the website in the future. Much of this is dependent on your developers’ implementation, however not all CMS’s are created equal. Different CMSs can approach things as simple as constructing a page very differently. Primacy would recommend seeing if there is a demo version of the CMS that can be used for different kinds of users to explore and rate based on how intuitive the CMS is. In either case, the tech partner implementing the CMS should provide user training before launching a website, showing different kinds of authors how to update and maintain the website as needed.
Since every business is unique, and every website has differing requirements, we typically suggest that businesses construct a matrix of prioritized requirements and measure each CMS in consideration against those requirements. This matrix should be created with the involvement of stakeholders across various parts of your organization as it relates to your website. This typically includes marketing and technology teams, but may also include customer service, sales teams or other departments which may have other web services connected to your CMS such as Salesforce, ZenDesk, Domo and many more.
Whether you’re redesigning an existing site, upgrading to a different CMS, or setting up a site for the first time, choosing the right CMS can be a challenging process. But ultimately, you should remember that the primary goal of your CMS is to make your life easier, and your business more efficient. Starting with your specific needs and functionality requirements as a north-star will ensure the best results.
One last thing: in evaluating whether an Open or Closed Source platform best addresses the needs of your organization, it’s worth noting there may be another option worth considering. Some companies offer a custom branded product that incorporates and improves upon one of the Open Source platforms you’re considering. This approach can offer many of the advantages from each category within a single package. Such products layer the essential features and capabilities, expected from the best commercial products, on top of an already well-established Open Source product. These custom branded products may more specifically focus on the needs of the industry most associated with your organization.
For more information on CMS options and how Primacy might be able to help you find the right fit for your organization, contact us here.