Jeremiah Grossman on 100% secure websites
I think we all can agree that 100% security is impossible, even when adding layer upon layer of defenses, systems will fail eventually. Furthermore too much emphasis on obtaining “perfect” security will result in diminishing returns. When you get right down to it though what we’re really trying to do is keep the bad guys from compromising our websites and that doesn’t necessarily require 100% security. The challenge is finding the right balance between resources put in (time / money) and adequately reducing (not eliminating) the likelihood of getting hacked. Still often people mistakenly try to accomplish one by doing the other.
At Jeremiah's blog.
[ Read more ]