This morning I started by approaching new and fairly prominent brands on LinkedIn, trying to line up speakers for our upcoming Ecommerce Camp UK event. Recruiting, not auditing. But you cannot look at an ecommerce business with these eyes and see nothing, and what a surprise the morning produced. A UK company with offline stores across the country, having issues with its DNS setup. Another business, running seven different brands on Magento, carrying security issues. Found in passing, by one person, before lunch.
Of course, all the issues were reported to the appropriate people the same day, no invoice attached, because we keep hustling and trying to help at no cost, and that habit keeps paying for itself in ways no rate card captures. But the discovery itself is the story, because of who it happened to. These are not neglected side projects. These are big brands with large full-time expert teams.
MageCloud Morning Audit Note
One Morning of Looking
FIND ONE
A national retailer with DNS issues
A UK company with physical stores across the country, carrying a misconfiguration at the layer everything else depends on.
FIND TWO
Seven Magento brands with security issues
A multi-brand group whose shared platform carried problems an outside eye spotted from the public side.
THE UNCOMFORTABLE MATHS
A $49 audit would have caught both
A video walkthrough from an independent operator, the kind that costs less than the team’s lunch, beats another quarter of nobody looking.
Paul Ryazanov · MageCloud · reported free of charge, written up for everyone else
Why Big Teams Drift
It really makes me think, and the conclusion is not that in-house teams are bad. It is that when you have a large team of experts working full-time on the same property, over time they might not perform as they did on day one, and the decay is structural rather than personal. Familiarity blinds: the team stops seeing what they walk past daily, the legacy quirk becomes furniture, the warning that has always been amber stays amber. Ownership fragments: DNS belongs to IT, security to a contractor, the platform to the dev team, and the issues that live between desks belong to nobody. And internal reporting follows incentives, what gets surfaced upward is what someone is rewarded for surfacing.
None of that is fixed by hiring more experts into the same structure. It is fixed by a fresh pair of eyes with no history and no stake, which is the one input the structure cannot generate internally. The outsider’s advantage is not skill. It is innocence.
In Defence of the $49 Video Audit
Here is where I depart from my industry’s pricing instincts. I am becoming more and more confident that an external audit, even from a random guy offering it for a hundred bucks, could catch exactly these mistakes. I found another decent guy on LinkedIn offering audits for $49, and I would bet his deliverable is not a fancy PDF but a screen-recorded video walkthrough, very similar to the ones we produce ourselves, and the format I push on everyone who still ships fifty-page documents.
The reflex of a big brand is that cheap means unserious, that a $49 audit cannot possibly be procurement-worthy next to the £3-5K agency document. But the value of an audit is the delta between what it finds and what you knew, divided by what it cost, and on that arithmetic the cheap outside video routinely embarrasses the expensive inside consensus. The $49 guy has no incentive to flatter the existing team, no scope negotiated around sensitivities, and a deliverable you can watch at lunch. If big brands paid more attention to these types of audits, they could eliminate a meaningful class of issues for the price of rounding error. The expensive audit and the cheap one are not even competitors; one is a procurement event, the other is hygiene, and hygiene is the one that catches the DNS.
The Standing Habit to Steal
The takeaway is a cadence, not a purchase. Once or twice a year, pay a competent outsider, cheap is fine, independent is mandatory, to spend an hour looking at your property from the public side and record what they see. Rotate who you use, because fresh eyes stop being fresh. Act on the boring findings first, DNS, certificates, the patch level on whatever platform you run, because the boring layer is where this morning’s finds lived.
And if a stranger ever messages you reporting a problem with your site, free, unprompted, slightly awkward: that is the cheapest audit you will ever receive. Read it, test it against the sender’s own standards if you doubt it, and thank them. Two prominent brands got that message from me this morning. If you would rather schedule the look than wait for one, get in touch. The video format costs almost nothing. The DNS finding pays for a decade of them.