den-materials / wdi-orientation


what is the most secure e-commerce platform? #15

Closed inordeck closed 7 years ago

inordeck commented 7 years ago

I know there are a lot of e-commerce platforms, many built into website builders like squarespace, but which is the most secure?

https://www.inc.com/bill-carmody/top-5-ecommerce-platforms-for-2017.html result: 1. shopify, 2. bigcommerce, 3. magento, 4. yokart, & 5. big cartel

https://www.quora.com/Which-is-the-most-suitable-secure-CMS-for-eCommerce-website most answers point to magento, although there were several mentions of kartcastle and woo commerce, but i know wordpress has a reputation for security issues.

i asked a former colleague of mine who was a magento developer (so there's some bias there) who said nothing beats magento on robustness and security because of its open source base

inordeck commented 7 years ago

and then this happened: https://www.nytimes.com/2017/06/27/technology/global-ransomware-hack-what-we-know-and-dont-know.html

is anything "secure"?

ZebGirouard commented 7 years ago

Excellent question, Ian!

I got some helpful information from (my boss) Antony, who has done some eCommerce work. I don't know if we have a direct answer to your question, but he had some useful things to say.

He said that list you linked is consistent with his experience.

https://www.inc.com/bill-carmody/top-5-ecommerce-platforms-for-2017.html

He also said: "Security breaches are a function of so many different factors. Even a "secure" platform can quite easily become insecure if you make a variety of mistakes."

And: "At this point, the frameworks seem legion. They also frequently focus on only part of the problem."

And: "TJMaxx, Dropbox, Yahoo, have all had massive security failures in the form of leaked/stolen user data."

Does that answer your question?

ZebGirouard commented 7 years ago

Another instructor added this sound bite:

"Shopify is very popular from what I've seen, but I can't comment on its security.

[2:51] Also, there is the spree gem for rails, which is as secure as you make it. :"

ZebGirouard commented 7 years ago

@inordeck

And this is the rest of it:

Jens H. Nielsen [6 days ago] For a small team I recommend Shopify - I use that in my own company. It’s a market leader and global in the sense that they accepted credit cards from all over the world, not just popular American ones.

Magento is good but it requires that you have a team to support it, also you have to run a server that you have to maintain, update, apply security patches etc. (people often forget this part in the equation). The credit card fees are often a little lower than Shopify, but then the upfront payment of the development is of course higher. So it’s a matter of economics.

Price of team + server fees + development < diff of credit card fee * revenue

If the above is true - go for Magento otherwise go for Shopify

Jens H. Nielsen [6 days ago] Regarding security - I would say that Shopify is more secure. They have experts working on it 24/7, while the Magento solution probably is developed by a local team. Using Magento you often use a 3rd-party payment solution (that hopefully has their own experts) anyway, so the attack vector is more often towards the server to get client and business information, not the actual credit card info.

primaulia [2 hours ago] Big Cartel can be an alternative too for beginners. The setup is less complicated than Shopify, very squarespace-y WYSIWYG vibe. The pricing can be cheaper yet but the products that you can store is much lesser than Shopify. There was no mention about security on their side, but so far my past projects that have used Big Cartel gave no complaints.

inordeck commented 7 years ago

thank you for such a thorough response. i appreciate you reaching out! issue closed | ian