Questions to ask your eCommerce provider...

Operating a large scale eCommerce site is an enormous responsibility. Decision makers and day-to-day managers charged with driving results through the eChannel face increasingly sophisticated, yet also fickle, customers; increased competition; a myriad of technology options; and the ever increasing threat of cybercrime and fraud.

The fact that you are reading this means some, maybe all, of this applies to you. Please, read on, and allow us to help you understand why hundreds of professionals like you have chosen the Venda model. Venda's robust Software as a Service solution model with its robust feature set and its transparent, predictable pricing, deserves to be in your eCommerce provider consideration set. Please click here to contact us.

PCI Certification

Fraud and concerns over data privacy are the single largest impediment to online conversion and sales. Further, not staying 100% in compliance with ever evolving data security standards can cost your business millions. You have a responsibility to safeguard and protect your customer's data; the consequences of failure in this area are very severe. We encourage you to probe your provider's capabilities very carefully and ensure yourself of ongoing and complete compliance with PCI DSS standards.

First, what is PCI DSS?
The Payment Card Industry Data Security Standard is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. PCI DSS is managed by The PCI Security Standards Council which is composed of representatives from American Express, Visa, MasterCard Worldwide, and Discover Financial services.

Why is this important?
The PCI Security Standards Council encourages all businesses that store payment account data to comply with the PCI DSS to help lower their brand and financial risks associated with account payment data compromises. The PCI Security Standards Council does not manage compliance programs and does not impose any consequences for non-compliance. Individual payment brands, however, may have their own compliance initiatives, including financial or operational consequences to certain businesses that are not compliant.

PCI Fines - The Teeth of PCI-DSS Compliance
In 2006, Visa levied $4.6 million in fines, up from a 2005 total of $3.4 million. More recently, based on a January, 2007 breach, TJX Companies reached a settlement last month with MasterCard Inc. in which it will pay up to $24 million to banks and other institutions to cover fraud losses stemming from its massive data breach. TJX, parent of discount retain chains including TJ Maxx and Marshalls, struck a similar deal with rival card network Visa in which it agreed to pay up to $40.9 million.

Venda Websites are all Tier 1 Certified
Some eCommerce solutions purport to provide full certification for merchants; their approach typically falls short. Instead of submitting to a holistic audit of enterprise architecture and security standards, which Venda completed on February 11, 2008, they apply point solutions of hardware and software to merely the payments portion of their eCommerce application. Venda's Tier 1 certification was achieved at the enterprise level and spans all hardware, software and processes. Venda continuously audits its solution and processes to maintain a level of security that earned it, and its customers, the satisfaction of displaying the logo at right.

What is Your Site Uptime Record?

Venda's Software as a Service delivery model was designed to maximize uptime by minimizing or completely eliminating the issues that often bring site performance to a crawl. We have over 160 sites operating on powerful infrastructures consisting of load balanced, redundant server clusters. Many of our clients' sites have over 100,000 SKUs, while one has over 900,000 SKUs. We have processed over 1.4 million transactions on a single day on a single site.

Currently all live customer-facing equipment is co-located by Venda in private high security racks within SAS-70 certified data centers owned and operated by Savvis Communications (NASDAQ: SVVS). Savvis' dedicated, purpose-built facilities were designed by Intel to provide state-of-the-art hosting and network management for mission-critical systems. Savvis is a global Tier-1 Internet Service Provider whose own world-wide backbone and market-leading peering arrangements allow Venda to deliver content and serve applications to a global audience at guaranteed very high bandwidth data rates with exceptionally low latency.

Venda prides itself on its technology architecture, which provides both many business/cost benefits, as well as performance benefits. While speed is relative and subject to many constraints, we can confidently assert that we have "fast loading pages" and in 2007, delivered a site uptime performance record of 99.98%.

How are upgrades handled and how well does your solution scale?

Venda's Software as a Service (SaaS) solution delivery model permits us to upgrade and enhance our software ten times per year, once per month except over peak holiday shopping periods. These upgrades are deployed across the platform and are immediately available to all clients. Unlike traditional software applications, which require upgrades and patches for each instance and across a variety of hardware platforms, Venda's upgrades are frequent, reliable, and delivered at no cost to our customers. Plus, each client benefits from the innovation of the community of clients.

Venda's SaaS technology architecture is designed to scale both horizontally and vertically. Hosting is all inclusive: it includes maintenance, licenses and upgrades across all systems deployed as part of the solution, including core OS, utilities and Venda's own ecommerce software.

What Professional Services Are Provided?

At Venda, Software as a Service does not end when we deploy your website. Our solution includes the ongoing services of our Client Advocate team.

Client Advocates help our clients fully utilize all our current (and future) features in a way that makes business sense to the specific client. They take the initiative to improve performance, introduce new platform features and functionality, monitor all aspects of our service delivery to ensure excellence in service at all times, assist you with any changes you would like to make, have regular meetings to discuss your Key Performance Indicators and set quarterly goals with you. They allow all our clients to be "power users" and really flex our powerful, robust system.

Please click here to contact us.