Naturally, being the MD of a Magento Design and Development Agency, I get asked quite a lot about my thoughts on all these Magento security patches that come out. In short, “bring it on Magento and thank you for your diligence”!
I can think of countless times I have worked in organisations where your security exposure is found by someone who has in fact maliciously hacked your site. There was no warning, it just happens and then you are in a ‘War Room’ situation with a bunch of people being pulled off projects and activities that were taking the company forward. However, you may have been one of the insightful ones that employed regular penetration testing (as it says on the tin, testing as many ways as you can to get in) and were able to identify the problem before you were hacked.
Sorry to deliver the bad news, but I am afraid this stuff is just going to keep happening as the hackers out there become more and more sophisticated. Ha! Here’s the real rub, these little hackers monkeys are getting flippin’ younger too!! Some do it for laughs, something to entertain themselves and show their mates how clever they are. In there ‘cyber world’ (to them there is no other world) it brings them fame!! I know, dull, but different things make people tick.
There are very few eCommerce platforms out there that continually test their platforms to check for vulnerabilities, never mind open source platforms, but Magento do! The fact they keep finding more ways that these malicious little monkeys manage to find ways in is all credit to their testing and a demonstration of how they are keeping up with the baddies out there.
So my call would be, especially with the price you pay for Magento, you couldn’t be safer. You just need to make sure that you keep your Magento install up to date.
Don’t fall foul to these little cyber monkeys and make Magento community or enterprise your eCommerce platform of choice.
