Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS SQL
Oracle
DB2
MS Access
MySQL
» RESOURCES
Database Tools
SQL Scripts & Samples
Links
» Database Forum
» Sitemap
Free Newsletters:
DatabaseDaily  
News Via RSS Feed


follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2
 

Posted May 28, 2010

Database Security Threat in Default Passwords Still Exist

By DatabaseJournal.com Staff

One of a database’s biggest security threats may be something that seems small and insignificant. And it’s not new. Very often when a database is deployed, an add-on is installed, or application using the database is installed, a default account and password is created. If not cleaned up by database administrators, these default passwords build up and are that many security breaches just waiting to happen.

Scott Laliberte, managing director for Protiviti, a security consultancy, has led endless numbers of security audits and says "We'll go in and do an assessment where the OS is hardened [or] the ERP has had a segregation of duties review done. All of these different security settings within the actual application are great, but [they are] all sitting on a default database install," and adding, "I've actually done several reviews like that, where there were default passwords on database accounts, the database had not been hardened, and it was a complete mess."

View Article

Daily News Archives

Comment and Contribute

 


(Maximum characters: 1200). You have characters left.