Those who trade security for coffee deserve neither

A recent article reports results from a survey which shows, among other things, that companies are spending more money on coffee for their employees than securing their "web applications", whatever that means. (In this day and age, is there any application that doesn't have at least some network-facing capability?)

In any case, being an advocate of both strong coffee and strong encryption, I can understand the dilemma. You need to caffeinate your sysadmins so they can keep up their daily grind of writing Javascript, while still allowing them to esperesso themselves that, actually, not beaning standards compliant is going to cause a latte problems.

(Coffee pun hat tip)