Jan Claeyssens, Devsecops Principal Engineer at Dunelm, discusses the retailer’s collaboration with Fastly in its mission to build an effective security strategy at the Edge.
Dunelm, one of the UK’s leading retailers, has collaborated with Fastly, the software development company, to support a major Digital Transformation initiative and secure its online presence.
Dunelm.com switched to Fastly to increase speed for its shoppers across web and mobile storefronts, enhance security, deliver site updates faster at scale and augment an Infrastructure-as-Code strategy. The results: an average of 978% improvement in page load speed on its homepage, a 23% increase in basket performance, a 200x increase in deployments and greater protection of customer data.
How Fastly supported Dunelm to rebuild its website and prioritise the customer experience
Dunelm approached Fastly with the target of taking its business operations to the Edge. In practical terms, this meant prioritising a highly performant, API-first approach, with the target of 100% Infrastructure-as-Code – and giving Fastly 18 months to build this.
The organisation wanted this because legacy infrastructure has several issues that impacted the way Dunelm was able to do business online. Monolithic architecture with single points of failure that was difficult to scale severely limited the business’ flexibility online and made its operations vulnerable to cyber threats.
The first step in achieving this technological shift was to transform the mindset of the teams working at Dunelm. This cultural mindshift meant each team had their priorities altered as they were reoriented towards delivering strong outcomes for the business. It also prioritised a low-code approach, with modular blocks of code built to update across the platform and remove any duplicated code to remove redundancies.
Partnership successes
This approach was hugely valuable as the customer journey through the Dunelm website was prioritised and tested, while observability was placed at the heart of all infrastructure. Additionally, by giving individual teams increased self-serve capabilities, their autonomy and ability to experiment (with guardrails in place) was significantly expanded.
In concrete terms, this partnership resulted in a major streamlining of the way Dunelm’s teams worked. The initial target of 100% Infrastructure-as-Code was hit and automation was implemented as standard practice as widely as possible. Additionally, services and toolings were consolidated, reducing third-party partnerships and greatly increasing efficiency across the board. These changes drastically improved performance, with updates to the Dunelm site now taking minutes, rather than hours and website load speed improving by 978%.
Cybersecurity repositioned as an enabler of innovation
Before Dunelm partnered with Fastly, security was a siloed issue. Ownership of security challenges was unclear, reporting was obscure and there was minimal observability, with inaccessible tools and fundamentals, such as WAF logs, unavailable for viewing.
The priorities for repositioning cybersecurity as a business priority were clear. There needed to be clear ownership and observability of security processes, security as code was implemented to enable to keep costs down and give teams flexibility and a shift left mindset was implemented across the organisation to ensure security was prioritised at the earliest stages of all product development.
Dunelm also reassessed how it responded to cybersecurity breaches as part of this process, removing any individual blame to instead focus on working as a team to resolve any issues. There was, however, still significant positioning work to be done to alter the way teams across Dunelm perceived cybersecurity. To rectify this reputation of cybersecurity blocking innovation, Dunelm launched its Security Champions initiative alongside its Secure Code initiative to position security as an enabler of innovation, encourage discussions and allow teams to showcase their ability to build new products while working in a security compliant way.
Jan Claeyssens, DevSecOps Principal Engineer at Dunelm, discusses the collaboration in more detail and what’s on the horizon.
How has the collaboration with Fastly impacted the overall customer experience – have you received any feedback in the way of this?
For our internal customer base, it has significantly increased our engineering and release capability. Developers can see the code and contribute to our Fastly codebase. We use a cookie-cutter approach to speed up deployment for new services. This approach also still allows for enough flexibility to tailor the configuration to the specific needs of a new microservice, providing the best of both worlds.
For an external customers – no feedback to hand but we know they’ll be pleased with an average of 978% improvement in page load speed on the Dunelm homepage.
How would you now describe your IT capabilities and how does this influence your competency as one of the UK’s leading retailers?
We have created several strategic partnerships with vendors who are at the top of their game in their respective market segments. Combined with our fantastic engineers and the solid technical backbone we have created over the last 5 years this allows us to quickly adapt to a variety of economic challenges and be in control of our own future.
What’s in store for Dunelm’s digital future?
We will continue to focus on further strengthening our product mastery, developing and enhancing our stores and digital channels, building out our marketing ecosystem, in order to create an even better experience for our customers.