Pantheon's Guide to Security in Higher Ed and Beyond

David Needham, Pantheon
Paul Gilzow, University of Missouri

Drupal security is relevant to everyone, but particularly concerning to higher ed where you’re a big target with limited resources. Left to our own devices we may be inclined to search for a good article about Drupal security and install a slew of modules that sound promising. But did you understand why certain items were suggested, or what exactly they accomplished?

In this session, we’ll start by talking about security at a high level and describe why Universities are often a target. From there, we’ll give you a list of actionable takeaways relevant to anyone concerned about security.

What security issues are most likely to affect our site?
What are our options and what do they accomplish?
When should we apply them (and when shouldn’t we)?
What do we do about things outside of our control?
How do the pieces fit together into a more robust security posture?
David Needham
Developer Advocate @ Pantheon
David Needham is a Developer Advocate at Pantheon where he focuses on developer education and training. When he's not blogging about productivity at or speaking at conferences, you can probably find him with his bicycle-loving family playing board games in Champaign, IL.

Paul Gilzow
Programmer Analyst, Principal @ University of Missouri
Programmer Analyst. Web application security and accessibility evangelist. Software instructor. Conference lecturer and presenter. Runs on passion and coffee.

Drupal is a registered trademark of Dries Buytaert.