TechTarget

Forgotten databases are a bigger risk than firms admit, says Imperva

Forgotten or unprotected databases are responsible for more data breaches than most businesses would like to admit, says security firm Imperva.

A...

Forgotten or unprotected databases are responsible for more data breaches than most businesses would like to admit,...

says security firm Imperva.

A classic example is the data breach announced on 13 April by Australian software firm Atlassian, said Amichai Shulman, chief technology officer at Imperva.

The company said the breach potentially exposed passwords for customers who purchased Atlassian products before July 2008.

Atlassian said it had migrated its customer database in July 2008 and encrypted passwords, but the old database table was not taken offline or deleted.

"It is this database table that we believe could have been exposed during the breach," said Atlassian chief executive Mike Cannon-Brookes in a blog post.

The database contained sensitive information, but once it was not used as a production system it was forgotten, said Shulman.

"Unmanaged systems put sensitive data residing on them at a high risk - unmanaged systems are the top targeted systems," he said.

To protect sensitive data, it is imperative that organisations scan their networks to discover all databases and ensure they are managed and under control, said Shulman.

Failure to protect information can cost UK companies dearly with the Information Commissioner's Office able to impose fines of up to £500,000 for data breaches since 6 April 2010.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close