How to Improve Your Digital Resilience

Posted by in Privacy and Security, Sustainability tagged with , ,

Digital resilience graphic icons showing security, accessibility, privacy, maintenance, capacity, and governance

When our digital products and services don’t work or aren’t available to those who need them, unintended consequences occur. In this post, we explore what digital resilience is, why you should care, and how to incorporate it into your own organization. 

At Mightybytes, our clients’ most common challenges are typically related to three things:

  1. Resources: They don’t have the technology, infrastructure, budgets, or other resources necessary to sustainably transform their organization in the digital age.
  2. Capacity: Overworked teams don’t have the people power to implement good processes that will support this transformation over time. 
  3. Knowledge: Teams struggle to keep up with always-changing “best practices” in an ever-evolving technological landscape.

These challenges take many forms within their organizations. On a day to day basis, perhaps they can’t effectively manage their marketing, communications, or website. Longer term, however, bigger problems arise:

  • Security Risks:  Neglected digital products and services become outdated, leading to potential security breaches—like a website hack—that put important stakeholder data at risk. 
  • Access to Information: Teams that can’t effectively manage their digital products or services are unlikely to prioritize accessibility, uptime, user experience, or other strategies that provide instant access to key information. 
  • Technical Debt: Over time, technical debt slows down products, making them unresponsive, unpredictable, and undermining users’ ability to accomplish tasks. 

Left unchecked, these issues cost organizations time, money, and resources. In extreme cases, exorbitant fines or lawsuits happen. 

Does this sound familiar? Let’s explore how impactful digital resilience strategies can help you address these issues. 

Image of Sustainable Web Manifesto website showing digital resilience as one of six key principles
#ID: Resilience is one of six categories in the Sustainable Web Manifesto. Consider signing it today! Link below.

What is Digital Resilience?

As the pace and frequency of disruption continues to increase, digital technologies will constitute a critical element of business continuity and organizational resilience to sudden external shocks. Digital transformation is only as good as the ideas that drive it.

— Tomoko Yokoi, Focused on Digital Resilience in 2021, Forbes

Digital resilience requires that digital products and services function in the times and places where people need them most. It is one of six core digital sustainability principles outlined in the Sustainable Web Manifesto. Digital resilience also aligns with Corporate Digital Responsibility (CDR) principles. 

While the idea is pretty straightforward, in practice digital resilience is more complex. Cybersecurity plays a major role as does data privacy, accessibility, web operations, performance optimization, communications, and so on. Digital resilience has also become increasingly important as organizations started conducting the majority of their business online during the COVID-19 pandemic.

To ensure business continuity, resilient organizations prioritize the availability of not only the digital products and services they create, but also those they purchase and use—hardware, software, third-party software-as-a-service (SaaS) products, and so on. 

Most importantly, good governance practices drive resilient organizations. Given the level of risk and far-reaching potential consequences, this is not surprising. 

Graphic showing significant Cybersecurity threats to organizations:
#ID: A Dell Technologies 2021 Global Data Protection Index survey of global IT decision-makers shows that 60-75% of respondents are not only concerned about cybersecurity risks, but also not very confident that they can recover.

Assessing Risk

Global leaders identified cyber risk as a major digital challenge, with 64% of respondents expecting they will experience a disruptive event within the next year. Nearly one in five (19.5%) respondents believe cybersecurity failures will be a critical threat to the world in just the next two years, and 14.6% project a critical threat within two to five years.

— World Economic Forum, Digital Resilience: Building the Economies of Tomorrow on a Foundation of Cybersecurity

As big businesses and government agencies increase security measures to address a rapidly rising number of cybersecurity threats, smaller organizations become new targets. Many are unprepared for these attacks or the problems that arise from them. 

For instance, nobody wants a hacked website. Yet, according to the HTTP Archive—which monitors and measures how the web is built—nearly 60% of web pages contain at least one JavaScript library with known security vulnerabilities. That’s significant. 

While cybersecurity typically falls under the purview of IT teams, marketing teams often make website-related decisions. This can potentially leave an organization vulnerable. Because digital is so ubiquitous across any given organization, we recommend auditing the entire spectrum of digital tools you use, from marketing and communications to finance and operations. More on that below.

Access to Information

Whether they’re trying to find time-sensitive information for emergency services or simply just researching your organization, people need fast and easy access to information. This is core to successful digital resilience. 

Consider the following when prioritizing information access:

  • People with Disabilities: Assistive technologies require specific considerations within your digital products and services. Use these to create more meaningful experiences for people with disabilities.
  • Low Bandwidth: Create a speedy, optimized experience for users on older devices or in rural areas. Not everyone has the latest smartphone or access to broadband connectivity. 
  • Mobile First: Prioritize a meaningful mobile experience in your design process. Remember, the majority of web traffic comes from mobile devices.
  • Web Hosting: Finally, product downtime can occasionally be attributed to hosting issues. When choosing a hosting provider, be sure to review things like security policies, uptime, customer service availability, and so on.

Prioritizing access to information throughout a digital product’s life cycle—as opposed to exclusively during project planning for a redesign—will improve digital resilience.  

Addressing Technical Debt

Over time, digital products can accrue technical debt. This causes slow load times, site crashes, and poor or unexpected performance. For instance, perhaps a product team tries features, plugins, frameworks, page builders, or other tools on the company website, only to abandon them for various reasons later on. Residual code may still exist on pages even though it’s not readily apparent to users. 

Worse, perhaps a team adopts agile processes in the name of moving quickly but neglects to refactor code as a product moves from sprint to sprint. Over time, the product becomes slow and difficult to use. 

Technical debt has significant usability implications. Poor-performing products frustrate users and increase churn. Plus, slow, bloated products are energy hogs, which impacts sustainability as well. All of this affects digital resilience. 

Seven Strategies to Improve Your Organization’s Digital Resilience

These seven tactics can help you reduce risk, improve capacity, and make your organization more resilient overall.

1. Run a Risk Assessment

First, audit the digital components of your organization to learn which are most at risk. Identify those most vulnerable to misuse or neglect. Collaborate with internal and, if applicable, external stakeholders to perform this assessment. 

Include the following in any risk assessment or audit you undertake:

  • Maintenance: Scheduled maintenance and security updates to products and services
  • Uptime: Hosting and third-party service uptime or known data breaches
  • Security: SSL certificates, Content Security Policies (CSP), Privacy Shield, and related security measures
  • Policy Reviews: Annual security and data privacy policy reviews
  • Password Management: Scheduled password resets and user review
  • Third Party Services: Third-party Terms of Service and data collection reviews

To ensure that your risk analysis doesn’t end up on a shelf, make it actionable. Collaborate on solutions, assign tasks to team members, and schedule regular check-ins to monitor progress.

2. Create a Code of Ethics 

Next, center your digital resilience strategy in a clear set of responsible guidelines that internal and external stakeholders can get behind. The risk analysis process will probably reveal organizational weaknesses and a chance to improve your policies and practices. Use this opportunity to create (or update) your Code of Ethics. Be sure to include digital-specific elements in the document. 

Publish the code on your website or in another publicly available location. Onboard your team and other stakeholders to improve adoption. Better yet, collaborate with them to co-create the guidelines.

Coming up short? Feel free to copy our Code of Ethics or craft your own based on the seven core CDR principles.

3. Shift from Project to Product Models 

Digital products are never “done”. Organizations that don’t appropriately resource their digital products and services over time often pay a steep price. Here are some practices to consider:

  • Product Maintenance: Set up a regular maintenance program to reduce security risks and keep software, plug-ins, and other product elements up-to-date. 
  • Product Management: Good product management practices can keep you from contributing to software bloat and building features that no one will use. 
  • Ditch the RFPs: Product mindsets require organizations to think differently about how they resource and fund digital product development. To this end, RFPs are problematic for so many reasons. For better business continuity (and cost savings), build long-term partnerships instead.
  • Prioritize (and Re-prioritize): With that being said, digital products still need to adhere to an organization’s budget. Good feature prioritization practices can help you keep digital product budgets on track while also helping you plan for the long-term.

Finally, good sustainable web design practices can go a long way to improve product performance. However, all the best practices in the world won’t fix a product that’s neglected over time. Prioritize good product management practices to improve digital resilience. 

Graphic showing software platform Trainual running on a laptop and mobile device.
#ID: Tools like Trainual, shown here, can help you create a knowledge base for important tools, documents, and processes.

4. Build a Knowledge Base

Technology is complicated. It changes regularly. So do team members. Organizations waste huge amounts of time and resources training (and retraining) teams on common digital practices. This undermines digital resilience.

Address team transitions and evolving processes by investing in online training and documentation for key digital practices and processes. This will help you improve employee onboarding. It will also give your team quick access to information that helps them more effectively do their jobs. In turn, this will help your team maintain and manage more resilient practices. 

To prioritize resilience, make sure any solution includes:  

  • Accessibility: Key stakeholders should have instant access to the information they need to be successful. 
  • Transparency: Communicate openly and honestly about the resilience challenges your organization faces and how training and skills-building contributes to long-term success.
  • Accountability: Provide benchmarking and topic reviews for users so they can track progress over time.
  • Findability: Include robust search features and taxonomy to intuitively categorize information in the database.

Appoint someone as Keeper of the Knowledge Base. Make sure they have the tools, time, and resources necessary to effectively manage and maintain the solution you devise. 

5. Prioritize Security, Accessibility, and Data Privacy

Improved resilience is a natural side effect of placing a high priority on data privacy, secure technology, and open access to information. Not only will you boost digital product and service availability, you’ll also comply with current and emerging data privacy legislation, like the California Consumer Privacy Act (CCPA), and Europe’s GDPR. 

New data privacy legislation is being introduced in countries around the world. Several U.S. states have already passed data privacy and protection laws with more to follow. Why not stay ahead of the curve? Given the widespread proliferation of cybersecurity risks, there is no downside to prioritizing these things within your organization.

Be sure to include the following in your organization’s data privacy and security efforts: 

  • SSL: Get a security certificate to verify server and website identity and ensure all product data is securely encrypted.
  • CSP: Add a Content Security Policy (CSP) to your site to protect from vulnerabilities inherent to cross-site scripting (XSS).
  • WCAG: Use the Web Content Accessibility Guidelines (WCAG) to improve access to information across your pages.
  • Data Disposal: Devise a clear data disposal strategy to ensure that your database remains lean and clean and you’re not holding onto data that users have asked you to delete (which could be illegal under the privacy laws mentioned herein). This is a key part of designing a more sustainable data strategy overall.
  • Opt-In: Always let users opt-in, not out. This is less about resilience and more about respecting people’s right to privacy. However, it’s a related topic, so we’re including it here.   
Graphic showing various ways organizations create strategic partnerships: through collaboration with both offline and digital tools.
#ID: Whether it’s conducted offline or with digital tools, good collaboration is essential to a lasting strategic partnership.

6. Create Strategic Partnerships

We have learned much more from Mightybytes than we would expect from a conventional vendor. The company challenges us to think differently about what actions we want our supporters to take, how we raise money, and what our relationships with the for-profit sector could and should become.

— Joel Brammeier, President and CEO, Alliance for the Great Lakes

Next, most organizations are consistently pressed for time. They must do a lot with a little. Strategic partnerships can help you fill gaps in capacity, knowledge, and resources. Align yourself with reliable partners who share your values. Build relationships with ethical, like-minded organizations that complement your strengths (and weaknesses). 

Plus, good partnerships grounded in trust and mutual respect can help you more easily create shared value and help each other make a measurable difference.

Design Sprint with Alliance for the Great Lakes
#ID: Facilitating a Design Sprint with the Alliance for the Great Lakes for their Adopt-a-Beach program. Read the case study at the link below.

7. Develop an Innovation Practice

Finally, innovation breeds resilience. Organizations that consistently nurture human-centered design and innovation practices within their various departments and teams tend to be measurably more effective in managing digital disruption. 

Do these things to foster innovation within your organization: 

These are just a few examples of things you can do to foster better innovation within your organization. Building an innovation practice is challenging. It means accepting failure, embracing the unknown, asking people to get out of their comfort zones, and playing the long game—all things that organizations in today’s business world are historically not very good at. 

However, if you can maintain the commitment over time, your rewards will be happier stakeholders, better products and services, and a more resilient organization overall. 

Building Digital Resilience: Next Steps

While governments and international institutions are looking for solutions to support companies, workers and communities, firms need to identify new business models, rethinking their human resources policies and even repositioning themselves in the new digital ecosystem. On the other hand, current global developments have shown, once more, that sustainability must remain the key driver of development in the transition towards sustainable consumption and production (SCP) based on all stakeholders engagement including governments, educators, the private sector and each and every consumer.

Digital Resilience and Economic Intelligence in the Post-Pandemic Era, Journal of Theoretical and Applied Electronic Commerce Research

Hopefully, the information in this post will help you identify potential areas for improvement in your organization’s own digital ecosystem. As technology evolves (quickly!) and wicked problems like the climate crisis and widespread social injustice become more disruptive to people and the planet, issues like those described above will only get more complicated and challenging. 

Incorporating sustainable development principles into the DNA of your organization—including its digital products and services—will help you better support stakeholders and improve resilience.

Every long-term commitment starts with a single step toward change. Which one might you take today? Of course, if you have additional questions or want to discuss any of the points outlined above, you are always welcome to contact us directly. Thanks for reading.

Improve Your Data Privacy & Security Practices

Download our free Data Privacy Checklist

Download the Checklist
Tim Frick founded Mightybytes in 1998 to help mission-driven organizations solve problems, amplify their impact, and meet business and marketing goals. He is the author of four books, including Designing for Sustainability: A Guide to Building Greener Digital Products and Services from O'Reilly Media. Follow Tim on Twitter or connect with him on LinkedIn.