If large, well-funded companies, even those that specialize in security (!), or whose business depends upon keeping their proprietary info safe, cannot keep their servers secure, what chance does a Mom and Pop operation like mine have?
This year I spent 4 weeks studying the OS X Server Security Config (400 pp.), and implementing those recommendations. I've looked at best practice guides for all the underlying FOSS tools I use. I monitor logs.
But it's seems never enough to keep out a determined, skilled hacker. Do I despair? Give up? What lessons can I take from this?