An independent survey published by UK company Secerno suggests that databases are open to attack from growing insider threats.

Key findings from the survey were:

• Over 60 per cent of UK employees have access to computer records at their place of work
  
• 41 per cent have access to records that are not necessary for their job
  
• One in ten has been tempted to abuse this access
  
• 56 per cent of employees have no restrictions placed on the information they have privileges to access.

Databases lie at the heart of most companies, and contain many of the most valuable assets of these organisations, and indeed of their customers. These assets range from research data, development plans and price lists through to Social Security numbers, credit card information,
health records and buying habits.

Secerno has developed a new appliance that understands the patterns of normal access to each individual corporate database. The model of normal access is like the DNA of the database, and is learned over a period of time by the appliance, and will adapt to changing usage patterns. As such, IT Departments do not have to build complex policies the system does it for them. The technology is based on research pioneered by Secerno's CTO, Dr Steve Moyle.

Related links: (Open in a new window.)
www.webappsec.org/projects/whid/list_class_sql_injection.shtml

View printable version (opens in new window)
Back