Garfield overviews Drupal security

Submitted by Daniel Henry on 07/29/2011 - 03:42 pm
When it comes to web security, some solutions are just inherently better than others. Everybody knows elves are only good at making toys beneath the ice of the North Pole or baking cookies in magically flame-retardant trees. So if you ever found a way to make elves work all year long for free, like Santa, you’d be better off putting them to work making snacks and copyright-breaking toy knock-offs rather than dumping them in an IT department. Websites need real security. Fortunately, Drupal has that covered.
 
Drupal has an entire team dedicated solely to finding and fixing security issues. Now, if that team had to find every hole and issue alone, the scope would just be too broad to be manageable. But they don’t. That’s because of something Drupal has that’s a little more unusual: community.

Open source systems usually have a conglomerate of people contributing, but not collaborating. Drupal’s security team helps pull the community of users in to work together. As soon as someone finds an issue, the team is notified, and they fix it. Other open source systems usually don’t have that, so it takes longer for problems to be found and resolved. Completely custom systems never have that kind of support. Drupal has hundreds of thousands of users constantly testing it and an entire team focused on resolving issues—it’s bound to be more secure than anything an individual builds alone. There is strength in numbers.

And if you’re starting to wonder if this method of fixing security holes might be a hole in and of itself, the Drupal security team has already thought of that. Only those using the module in question are notified when an update is required, so only they would know there was a hole until the problem was fixed. The team doesn’t carelessly tell the world that there’s a hole in security, and they don’t leave the hole there long.

With Drupal, there’s always a support system, always an army of fellow users making sure that the first person to find a problem isn’t the person who might exploit it. And that’s much better than an army of elves.

Well, unless you’re craving cookies, anyway.