Thanks! There’s a reason large enterprises spend a ton of resources on security while SMBs are vulnerable on just about every public attack surface: priorities.
Well that and expectations. Most small business owners see security as part of the developer’s job. However don’t realise it’s something that needs non-stop attention as websites and technologies in general are affected by erosion. What’s safe today might not be tomorrow. The developer isn’t at fault for that, and yet the website owner refuses to foot the patch bill, or pay for continuous monitoring.
I could write all day about this and we’ve only been in the trenches for a few weeks now :p
Well that and expectations. Most small business owners see security as part of the developer’s job. However don’t realise it’s something that needs non-stop attention as websites and technologies in general are affected by erosion. What’s safe today might not be tomorrow. The developer isn’t at fault for that, and yet the website owner refuses to foot the patch bill, or pay for continuous monitoring.
I could write all day about this and we’ve only been in the trenches for a few weeks now :p