
Risk

9/24/2010
02:27 PM

Top Five Reasons Database Security Fails In The Enterprise

Independent Oracle Users Group survey reveals common database security missteps made by enterprises

3. Privileged users run unchecked.
One of the IOUG survey respondents said, "Our greatest risk is probably that of a rogue employee running amok. We'd know about it soon enough, but it might be too late to avoid serious damage."

That concern is widely shared: approximately 22 percent of respondents listed internal attackers as their biggest database security risk, and another 12 percent named abuse of privileges as their top threat.

Yet despite this awareness, organizations are doing very little to mitigate the risk. Three-quarters of organizations either have no means of preventing privileged users from tampering with or compromising database information or are not sure whether they have one. Only about 23 percent have a way to guard against accidental changes by privileged users. And in a quarter of organizations even regular users can bypass the application and reach the data directly with ad hoc query tools, which means the application's access checks and business rules are never applied to what they read or change.

More disconcerting still, many companies also fail to protect audit data from unauthorized access and tampering. About 57 percent of respondents do not consolidate database audit data in a central, secured location. When the only copy of the audit trail lives on the database host, the privileged users whose actions it records can edit or delete it to cover their tracks after an unauthorized access or change.
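What consolidating audit data to a central location actually buys you, as an added example that is not code from the article or the IOUG survey: the collector keeps its own copy of every audit row in an HMAC-keyed hash chain, so a DBA who edits or deletes rows in the on-host audit table is caught by reconciling the two copies, and anyone who later reaches the collector cannot rewrite history without breaking the chain. The collector host, the key, the row format and the rows themselves (including the DBA account) are assumptions constructed for the demo.

```python
"""Tamper-evident consolidation of database audit records.

Added example, not code from the Dark Reading article or the IOUG survey.
Assumptions (none stated in the article): audit rows are shipped to a
collector on a host the DBAs cannot log in to, the collector alone holds
COLLECTOR_KEY, and rows arrive as dicts. All rows below are constructed.
"""
import copy
import hashlib
import hmac
import json

COLLECTOR_KEY = b"demo-key-known-only-to-the-collector"  # assumption: never present on the DB host
GENESIS = "0" * 64


def canon(row):
    """Canonical bytes for a row, so the same record always hashes the same way."""
    return json.dumps(row, sort_keys=True, separators=(",", ":")).encode()


def chain_append(chain, row, key=COLLECTOR_KEY):
    """Append a row to the collector's chain.

    Each link's tag is an HMAC over the previous tag and the row, so editing,
    deleting or reordering an earlier link invalidates every tag after it.
    """
    prev = chain[-1]["tag"] if chain else GENESIS
    tag = hmac.new(key, prev.encode() + canon(row), hashlib.sha256).hexdigest()
    chain.append({"row": row, "tag": tag})
    return chain


def chain_verify(chain, key=COLLECTOR_KEY):
    """Return the index of the first broken link, or -1 if the chain is intact."""
    prev = GENESIS
    for i, link in enumerate(chain):
        expect = hmac.new(key, prev.encode() + canon(link["row"]),
                          hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expect, link["tag"]):
            return i
        prev = link["tag"]
    return -1


def _seq(row):
    return row.get("seq", 0)


def reconcile(local_rows, chain):
    """Compare the audit table still on the database host with the collector's copy.

    Rows the collector holds but the local table lacks were deleted or altered
    on the host; rows only the local table holds were inserted or altered there.
    """
    collector = {canon(link["row"]) for link in chain}
    local = {canon(r) for r in local_rows}
    return {
        "missing_locally": sorted((json.loads(c) for c in collector - local), key=_seq),
        "unknown_locally": sorted((json.loads(c) for c in local - collector), key=_seq),
    }


# Constructed sample: what the database shipped to the collector as it happened.
SHIPPED = [
    {"seq": 1, "user": "APP_SVC", "action": "SELECT", "object": "CUSTOMERS", "ts": "2010-09-20T09:00:00Z"},
    {"seq": 2, "user": "DBA_JONES", "action": "UPDATE", "object": "SALARIES", "ts": "2010-09-20T09:05:00Z"},
    {"seq": 3, "user": "DBA_JONES", "action": "DELETE", "object": "AUD$", "ts": "2010-09-20T09:06:00Z"},
]

# Constructed sample: the local audit table after the DBA "cleaned up":
# row 2 relabelled as a harmless SELECT, row 3 (the purge of the audit table) gone.
LOCAL_AFTER_TAMPERING = [SHIPPED[0], {**SHIPPED[1], "action": "SELECT"}]


def build_collector_chain(rows=SHIPPED):
    chain = []
    for row in rows:
        chain_append(chain, row)
    return chain


def tamper_with_collector_copy(chain, index, **changes):
    """Simulate an attacker who reaches the collector and edits one stored row."""
    bad = copy.deepcopy(chain)
    bad[index]["row"].update(changes)
    return bad


if __name__ == "__main__":
    chain = build_collector_chain()
    print("collector chain intact:", chain_verify(chain) == -1)
    print("reconciliation:", json.dumps(reconcile(LOCAL_AFTER_TAMPERING, chain), indent=1))
    print("first bad link after edit:", chain_verify(tamper_with_collector_copy(chain, 1, action="SELECT")))
```

The reconciliation reports the original rows 2 and 3 as missing from the host and the relabelled row 2 as unknown to the collector. The chain only protects the collector's copy; the control that matters is that DBAs have no write path to that host, and the key should live in the collector's own secret store rather than in source as it does here.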

4. Database patches are deployed slowly.
Many of today's worst breaches are carried out by attackers who exploit database and Web application vulnerabilities to reach sensitive data stores. The Verizon 2010 Data Breach Investigations Report attributes roughly 90 percent of the records compromised through hacking in the breaches it analyzed to SQL injection.

Keeping databases patched and securely configured would take much of the edge off these attacks, yet enterprises are not taking that opportunity. Patching the database does not remove an injection flaw, which lives in how the application builds its queries, but a patched and hardened database limits what an attacker can do once a query is under their control, such as escalating privileges or running operating system commands through the database. The IOUG survey found that 63 percent of administrators admit they are at least one cycle behind on Critical Patch Updates (Oracle issues them quarterly, so a cycle is three months or more). Most worrying are the 17 percent who say they do not apply patches at all or are unsure when patches are applied.
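The injection flaw the Verizon figures point at, shown as an added example rather than code from the article: the same lookup written by string formatting and then parameterized, run against a constructed in-memory SQLite table with Python's standard sqlite3 module so it works offline. The table, the accounts, the stored values and the payload are all made up for the demo; the behaviour is the same on Oracle or any other DBMS, which is why no database patch fixes it.

```python
"""SQL injection: a query built by string formatting beside the parameterized form.

Added example, not code from the article. Uses the stdlib sqlite3 module and a
constructed in-memory table; accounts, values and payload are made up.
"""
import sqlite3


def make_db():
    """Constructed sample data: two accounts with (test-number) card PANs."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT, card_pan TEXT)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?)", [
        ("alice", "4111111111111111"),
        ("bob", "5500000000000004"),
    ])
    return conn


def lookup_vulnerable(conn, username):
    """Vulnerable: the caller's string is spliced into the SQL text, so quotes
    and operators in it change the statement the database executes."""
    sql = f"SELECT username, card_pan FROM accounts WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    """Hardened: the statement text is fixed; the driver passes the value
    separately, so it can only ever be compared against the column."""
    sql = "SELECT username, card_pan FROM accounts WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


PAYLOAD = "nobody' OR '1'='1"  # constructed payload: closes the quote, adds a tautology


def demo():
    conn = make_db()
    return {
        "vulnerable": lookup_vulnerable(conn, PAYLOAD),      # every row in the table
        "parameterized": lookup_parameterized(conn, PAYLOAD),  # no user has that literal name
        "legit": lookup_parameterized(conn, "alice"),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label:>13}: {rows}")
```

The vulnerable query becomes `WHERE username = 'nobody' OR '1'='1'` and returns both accounts; the parameterized query returns nothing for the payload and exactly one row for a real name. What the attacker gets back is bounded by what the application's database account can read, which is the tie to the previous section: the same injection against an account holding DBA privileges exposes far more than one table.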

5. Encryption practices lag.
Even with HIPAA and PCI DSS in place, both of which push organizations to encrypt or de-identify sensitive personal data at rest (PCI DSS for stored cardholder data, HIPAA for protected health information), encryption of PII inside the typical organization's databases remains woefully deficient. Fewer than a third of administrators said they encrypt PII in all of their databases, while 38 percent said they do not encrypt PII or are unsure whether they do. The numbers for encryption of network traffic to and from the database are similar: about 23 percent of organizations encrypt all database traffic, and 35 percent either do not encrypt it or are not sure whether it is encrypted. Unencrypted database traffic exposes credentials and query results to anyone who can capture packets on the path between application and database.

The real Achilles' heel of database encryption is how backups and copies of databases sent to off-site partners are treated. Fewer than half of organizations can definitively say they do not send unencrypted database information off-site, and just 16 percent said they encrypt all database backups and exports. A backup or export is the whole database in one portable file, so an unencrypted copy leaving the building undoes whatever encryption and access control protect the live system.
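One way to be able to "definitively say" that nothing unencrypted leaves, offered as an added example and not as code from the article: a gate in the backup job that refuses to ship an artifact which still looks like plaintext or which contains card numbers in the clear. It scores the bytes' Shannon entropy (an ASCII SQL dump sits around 4 to 5 bits per byte, ciphertext near 8) and runs a Luhn-checked scan for 13 to 19 digit runs. The entropy floor, the sample dump and the stand-in ciphertext are constructed for the demo; the PANs in the dump are standard test numbers.

```python
"""Pre-shipment gate for database backups and exports.

Added example, not code from the article. Before a backup or export leaves for
an off-site partner, refuse it if it still looks like plaintext or if it carries
card numbers in the clear. ENTROPY_FLOOR, the dump text and the stand-in
ciphertext are constructed for the demo.
"""
import math
import random
import re
from collections import Counter

ENTROPY_FLOOR = 7.5  # bits per byte; assumption, calibrate against your own ciphertext
PAN_RE = re.compile(rb"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")  # 13-19 digits, optional separators


def shannon_entropy(data):
    """Bits of entropy per byte of data (0 for empty input, at most 8)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def luhn_ok(digits):
    """Luhn checksum, which every real PAN passes and most other digit runs fail."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_pans(data):
    """Return Luhn-valid 13-19 digit numbers readable in the clear, separators stripped."""
    hits = []
    for m in PAN_RE.finditer(data):
        digits = re.sub(rb"[ -]", b"", m.group(0)).decode()
        if luhn_ok(digits):
            hits.append(digits)
    return hits


def export_is_safe_to_ship(data):
    """Return (ok, reasons); ok is False if either check fails."""
    reasons = []
    ent = shannon_entropy(data)
    if ent < ENTROPY_FLOOR:
        reasons.append(f"entropy {ent:.2f} bits/byte: artifact does not look encrypted")
    pans = find_pans(data)
    if pans:
        reasons.append(f"{len(pans)} Luhn-valid card number(s) readable in the clear")
    return (not reasons, reasons)


# Constructed sample export: two standard test PANs and one 13-digit id that is not a PAN.
PLAINTEXT_DUMP = b"""-- constructed sample export, not a real dump
INSERT INTO customers VALUES (1, 'Alice Example', '4111 1111 1111 1111');
INSERT INTO customers VALUES (2, 'Bob Example', '5500-0000-0000-0004');
INSERT INTO orders VALUES (3, 'Carol Example', '1234567890123');
"""

# Stand-in for the encrypted artifact: pseudo-random bytes from a fixed seed.
# Real ciphertext would come from your encryption tool; this only mimics its statistics.
_rng = random.Random(2010)
FAKE_CIPHERTEXT = bytes(_rng.getrandbits(8) for _ in range(4096))


if __name__ == "__main__":
    for name, blob in (("plaintext dump", PLAINTEXT_DUMP), ("encrypted artifact", FAKE_CIPHERTEXT)):
        ok, reasons = export_is_safe_to_ship(blob)
        print(f"{name}: {'ship' if ok else 'BLOCK'}", *reasons, sep="\n  ")
```

The plaintext dump is blocked on both counts (low entropy, two PANs found; the order id fails Luhn and is ignored), while the high-entropy artifact passes. The caveat is that compressed but unencrypted dumps also score near 8 bits per byte and hide their digits from the scan, so run the gate before compression or on the decompressed stream, and treat it as a guard against the obvious mistake rather than proof of encryption; that proof is the encryption step itself and custody of its keys.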
