DrupalCon New Orleans 2016: Simplifying Security: Protecting your Clients and your Company
Do you have the answers to your client's security questions? Do you know what questions you should be asking your clients to assess their security risk? During this session we’ll walk through how to have the “security conversation” with your clients, build a team and a process that gives you the confidence to take on larger and more complex projects which bring in additional revenue. Your reputation as an agency (and your client’s business) rely on a safe and secure site. By knowing the common pitfalls you can help navigate the treacherous waters of web security and lead your team to success and happy clients along the way.
How Drupal 8 stacks up for security and selling clients on migrations
Are you asking your clients the right questions during discovery?
Top 5 security myths
I’m too small to be a target
Private companies are not regulated
Encryption is complicated
Security kills performance
Proper encryption and key management is expensive and difficult
Ogres are like Onions: Security has layers. We’ll go through each of the following layers to your site and business to discuss what needs to be protected, who needs to be involved and good tools to use to create a baseline of security.
Platform (stack under the CMS)
Backend (PHP / Application Layer)
Front-End (HTML and Javascript)
Organizational (Password and key management, Security Response Plans)
Security is good for business:
Win More RFPs!
Government, Education and e-commerce platforms are great wins but come with heightened security requirements
Reduce your risk as an agency when building client sites
Minimize exposure to sensitive client data
Evaluating hosting options based on security
Just because they say PCI compliant doesn’t mean you are
leveraging hosting platform tools to improve processes
Case Studies of various types of clients and their security needs
Small Business
Enterprise
Education
How Drupal 8 stacks up for security and selling clients on migrations
Are you asking your clients the right questions during discovery?
Top 5 security myths
I’m too small to be a target
Private companies are not regulated
Encryption is complicated
Security kills performance
Proper encryption and key management is expensive and difficult
Ogres are like Onions: Security has layers. We’ll go through each of the following layers to your site and business to discuss what needs to be protected, who needs to be involved and good tools to use to create a baseline of security.
Platform (stack under the CMS)
Backend (PHP / Application Layer)
Front-End (HTML and Javascript)
Organizational (Password and key management, Security Response Plans)
Security is good for business:
Win More RFPs!
Government, Education and e-commerce platforms are great wins but come with heightened security requirements
Reduce your risk as an agency when building client sites
Minimize exposure to sensitive client data
Evaluating hosting options based on security
Just because they say PCI compliant doesn’t mean you are
leveraging hosting platform tools to improve processes
Case Studies of various types of clients and their security needs
Small Business
Enterprise
Education