Security.
Security implementations are about balance: weighing risk against functionality.
I too often see someone going over the top with security; then, because the security is so complex, passwords are written down, thus breaking the security.
There can also be significant costs to implementing some types of security, when a different design can work and provide the features needed. For example, take multi-factor authentication implemented on a system where internal staff and external clients both log in: done wrong, you will need a licence for each of those external clients, which can ramp up the ongoing costs very quickly.
I have a deep understanding of certificates for things like HTTPS or secure email, using tools like Let's Encrypt. If you have full control over your DNS, then this is straightforward to set up. No public-facing website should be running without HTTPS.