From: InfoSec News (alertsinfosecnews.org)
Date: Mon Sep 22 2008 - 01:04:57 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.informationweek.com/news/security/app_security/showArticle.jhtml?articleID=210602800

By Charles Babcock
InformationWeek
September 19, 2008

Who's watching the database? Not every DBA is as diligent as he or she
should be, according to a study released this week.

Oracle (NSDQ: ORCL) and the International Oracle Users Group
commissioned Unisphere to survey the user group's members in July and
August and, out of 316 respondents, found 20% anticipated some kind of
data security breach over the coming year.

Six acknowledged some kind of violation over the last year. Three out of
four acknowledged they do not consider all of their database systems to
be "locked down." It wasn't clear whether by "security breach" they
meant a small, inadvertent viewing of payroll or other sensitive data by
an internal employee or the loss of 94 million records, as occurred at
TJX (owner of T.J. Maxx, Marshalls, and other retailers) in January
2007. Survey participants acknowledged both insiders and outsiders pose
significant risks.

"The breach by an external party tends to be more visible, but internal
breaches are more frequent," said Ian Abramson, president of the IOUG
and a database consultant working in Canada.

[...]

__________________________________________________
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!
http://conference.hackinthebox.org/hitbsecconf2008kl/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]