Re: If you care about security
In defence of Wordpress, it is relatively easy to isolate and provides a way for non-technical people to spout their words of wisdom - if it was sitting in an environment where a compromise allowed access to key business data, then Wordpress is probably the least of the security mistakes in this story.
A CMS on the other hand, would allow you to get both the documents and the structure and given the timeframes of about 1 year to collect the information requiring less than 1Mbps to retrieve all of the data.
But surely given the nature of the information you are handling, sensible security precautions around authentication, application firewalling and IDS/IPS/monitoring systems would be in-place to avoid the destruction of the business...
Ha! Yeah right...
Biting the hand that feeds IT
