Utilizing an open source content management system (CMS) like WordPress is in stark breach of a hotelier’s fiduciary duties and exposes them to great security and vulnerability risks hotel managers and owners cannot afford.
When making any decisions regarding the property’s most important digital asset, the website, there are many factors to consider which could make or break your online distribution strategy. The website’s look and feel, while extremely important, is only one piece of the revenue-generating puzzle.
Whether or not you choose to invest in the right technology that allows for a robust merchandizing strategy – specifically the Content Management System (CMS) – plays a huge role in whether or not you will be able to maximize revenues from the direct online channel, convert your website visitors and meet your revenue goals.
Choosing an open source CMS to power a hotel website is extremely risky and limiting in terms of what you are going to be able to achieve. Here are some reasons why:
- Open source CMS’ are very vulnerable to security issues
It’s all in the name. Free, open source systems are used by many small blogs and content websites making them an “appetizing” target to the army of hackers out there.
Why do hackers target WordPress and other open source CMS platforms? WordPress is one of the most popular blogging and CMS platforms for private blogs and small content websites out there. Though some “junior” hackers may do this for “the kicks of it,” serious hackers can make a ton of money by hacking eCommerce (e.g. hotel websites) or bigger websites by actively altering content and marketing messages, re-directing website visitors to outside commercial websites (e.g. affiliate websites, gaming and porno sites, etc.), or uploading malicious codes and viruses that turn your website into a “virus spamming machine.”
Here are just a few recent headlines concerning WordPress security issues:
A service powered by CVEDetails monitors and lists vulnerabilities and security issues of WordPress and other open source CMS platforms. Currently it lists 205 WordPress vulnerabilities and security breaches!
One of the biggest vulnerabilities of the WordPress platform is its reliance on a myriad of plug-ins created by third-parties and developers. While important for the mere existence of WordPress as a CMS, these plug-ins become “appetizing” entry points for thousands upon thousands of hackers, viruses and spam bots created specifically to scan the Internet for vulnerable WordPress-related “entry points” and weak spots. For every security plug-in or update installed to secure your WordPress-powered website, ten more malicious viruses are created.
Once your site’s security is breached, your website becomes a spam- and virus- spewing entity, which will prompt Google to quickly shut down your website, resulting in a monumental loss of revenue (this happened to several clients with WordPress websites inherited from previous vendors).
Another example is the use of WordPress-powered websites to launch massive distributed denial of service attacks (DDoS). Broadly, a DDoS attack is an attempt to make a network resource unavailable to its intended users in an attempt to disrupt service. Earlier today, we discovered yet another example of how malicious hackers used a WordPress-powered hotel website as a “work horse” for their distributed denial of service attack (DDoS).
- Open Source CMS does not equal Portable CMS
A common misconception among some hoteliers is the notion that you can port your open source (e.g. WordPress) website easily from one vendor to another, and that having this type of CMS will make you less “vendor dependent.”
Moving a website from your old vendor to a new one is not like moving a book from one library shelf to another.
In our nearly 20-year old website development practice, we have found it is faster and less-expensive to re-develop the entire code of an existing WordPress website and attach it to our smartCMS platform (or any other CMS technology), than to simply port the existing website.
- Open Source CMS DOES NOT Mean Free
Another common misconception is that an open source CMS is a free CMS. Hoteliers are extremely busy and wear multiple hats at the property and operate with a lean staff. Making critical updates to the property website, including changing out the specials and packages, adding new pages for SEO purposes, personalizing website content for different audiences, updating photography, events, etc. needs to be simple and easy to do quickly.
WordPress’ clunky interface makes these property website updates difficult, if not impossible, to make without a qualified developer on staff and often require outsourcing to a vendor.
Having to depend on a 3rd party to make these website updates, or hiring a developer to make these changes to the hotel website is very costly and not a good use of the property staff’s limited resources.
Most open source CMS’ are clunky and require quite a bit of customization. Have you ever tried adding a new section to a website using WordPress as the CMS? Or changing the website’s design theme? If you are a multi-property company, have you tried adding a new property with this type of CMS? It is almost impossible to accomplish these types of changes without being extremely comfortable with updating the core HTML/CSS.
- An Open Source CMS DOES NOT Support Merchandising Capabilities in Hospitality
A strong merchandising strategy engages users, encourages bookings, and generates leads via the website. The hotel website requires a merchandising strategy centered on communicating the unique features of the property (hotel services, meeting & event space, latest promotions and special offers, local attractions, and more) and focuses less on the rate alone. This next generation of merchandising allows the hotel to “sell on value” as opposed to “sell on rate” and to maximize revenues on the hotel website like never before.