My company won't allow PHP. Is this unusual?

[Mark Thiessen]

I work for a large non-profit organization. We use Filemaker for several intranet projects but our IT group won't allow open-source projects like PHP to web-enable them. They cite security reasons. Is this unusual? Are there other organizations that won't allow PHP?

They will only allow Lasso to web-enable our databases.

I'm sure Lasso is a fine tool, but why is Lasso more secure than PHP?

Does anyone have any good arguments I could use to convince our aging IT guys that PHP is good to use.

[corn]

No, there are no good arguments.

You can't reason someone out of a position they didn't reason themselves into.

[Fitch]

Mark, I agree with Corn in that it's ridiculous to say "open source = insecure" -- implying the equally ridiculous converse that proprietary systems are secure. (OS X vs. Windows: discuss.)

However, it might be fair to say that PHP requires more expertise to set up proper security, and not just knowledge of PHP but also the web server it's running on etc.

Lasso also has a marginal advantage in "security through obscurity" -- i.e. it's a smaller target for malicious hackers.

You might want to post this question to the FileMaker Talk list, since it is run by LassoSoft:

http://www.ListSearch.com/FileMaker/

Also take a look here:

http://www.mactech.com/articles/mactech/Vol.22/22.07/PHPvsLasso/index.html

--

"You can't reason someone out of a position they didn't reason themselves into."

That's one of my favorite sayings! Nice one, Corn.