DrupalCon New Orleans 2016: Simplifying Security: Protecting your Clients and your Company

Do you have the answers to your client's security questions? Do you know what questions you should be asking your clients to assess their security risk? During this session we’ll walk through how to have the “security conversation” with your clients, build a team and a process that gives you the confidence to take on larger and more complex projects which bring in additional revenue. Your reputation as an agency (and your client’s business) rely on a safe and secure site. By knowing the common pitfalls you can help navigate the treacherous waters of web security and lead your team to success and happy clients along the way.

How Drupal 8 stacks up for security and selling clients on migrations

Are you asking your clients the right questions during discovery?

Top 5 security myths

I’m too small to be a target

Private companies are not regulated

Encryption is complicated

Security kills performance

Proper encryption and key management is expensive and difficult

Ogres are like Onions: Security has layers. We’ll go through each of the following layers to your site and business to discuss what needs to be protected, who needs to be involved and good tools to use to create a baseline of security.

Platform (stack under the CMS)

Backend (PHP / Application Layer)

Front-End (HTML and Javascript)

Organizational (Password and key management, Security Response Plans)

Security is good for business:

Win More RFPs!

Government, Education and e-commerce platforms are great wins but come with heightened security requirements

Reduce your risk as an agency when building client sites

Minimize exposure to sensitive client data

Evaluating hosting options based on security

Just because they say PCI compliant doesn’t mean you are

leveraging hosting platform tools to improve processes

Case Studies of various types of clients and their security needs

Small Business

Enterprise

Education

Drupal is a registered trademark of Dries Buytaert.