"Stronger security" with Drupal. What, you mean Joomla can be more easily hacked?

Well, no, that's not typically what the Drupal people mean by this. As with all CMSs, the number one weak point for hacking is passwords that are easily cracked. Since that's all about human error, Joomla and Drupal are equally vulnerable in that regard.

The second weak point in the chain is making sure that your web developer updates your site quickly and efficiently to the latest "dot release" as they're released, rather than ignoring sites as our competitors frequently do. Open source CMSs are great in that they're free, and freely available, but it also means when a security vulnerability is found, everyone knows about it. When the latest security release comes out, you need to upgrade your CMS, no matter what package you're running, or you're more vulnerable to being hacked. We at 4Web include free upgrades for a year as part of our contract, and we stay on top of when new releases come out and get the upgrades done -- unlike many of our competitors. You do this on your Windows/Mac computer, often unseen, with little updates all the time (largely security-related). Your CMS software is really no different.

But the "stronger security" many of our Drupal competitors refer to actually has to do with something called permissions. Sally can edit pages A, B, and C, while Joe can only edit A and C. This is important in very large corporations, in which there's a real fear that someone could edit something they're not authorized to edit. Historically, this is something Drupal supported, but not Joomla.

Most of our clients only have 1-4 people editing a site anyway, and most of them are on good terms and don't need to worry about this. Generally, it doesn't come up as an issue when we talk with our clients.

But every once in a while, it does come up, and now Joomla can handle this type of permissions. There are two extensions available that allow this to happen. One is about to be released and the other has been released.

In our view, this permissions issue has been the only compelling reason to go with Drupal over Joomla. That difference has now been removed, so once again, clients are free to compare web development firms on the basis of responsiveness and quality of work rather than on the software packages they offer.