Databases a soft touch for hackers

More than 10 per cent of corporate databases connected to the internet have suffered security breaches in the last year, according to new research.

A survey of 750 corporates developing databases conducted by US firm Evans Data found that, against a backdrop of intensified industry efforts to create a more 'trustworthy' computing environment, more than one in 10 corporate databases connected to the web had a breach of security in 2001.

According to the report, most of the breaches consisted of malicious viruses or successful hacking attempts.

More than 40 per cent of banking/financial services companies reported incidences of unauthorised access and data corruption, while 18 per cent of medical/healthcare and telecoms firms reported similar breaches.

The threat of database security breaches is growing in tandem with the amount of corporate information being fed into the internet.

The research found that over two thirds of respondents said that their most important development task over the coming year is the development of dynamic web access to their databases.

But while a majority of firms are beefing up on network and infrastructure security, Evans found that a lesser number take advantage of database security features.

"Many people are focused on the security of their networks and operating systems. However, little attention is given to actual database security," said Evans analyst Joe McKendrick. "The results of this survey illustrate the importance of security in the database as well as the surrounding network."

McKendrick pointed out that Windows 2000 was leading the charge as the development platform choice for databases, favoured by 42 per cent of companies.

The situation could get worse as there is also considerable momentum towards the development of mobile database applications.

The survey found that more than 44 per cent are developing database applications that support mobile or wireless devices, a six per cent rise from last year's figure.