10 Ways Developers Put Databases at Risk

By Ericka Chickowski

The article postulates that some of the most important database protection methods start with developers who tap into sensitive data stores. “Many of today's Web applications rely on enterprises' most sensitive data stores to keep order systems running, partner companies collaborating, and internal users in touch with important business information no matter where they are… While such easy access to business-critical data has greatly improved worker productivity and loosened the pocketbooks of customers, it has also opened up that data to considerable risk.” Dmitry Vyrostkov of DataArt counters the belief that stored procedures are a reliable way to prevent SQL injection. "In fact, stored procedures do not prevent SQL injections if they contain vulnerabilities within their own code, or if they are invoked in an unsafe manner," he says.
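The two failure modes Vyrostkov names, shown next to their corrected forms. This is an added example, not code from the article or from DataArt; it assumes SQL Server (T-SQL), and the table and procedure names are hypothetical.

```sql
-- Constructed table for illustration (hypothetical names, T-SQL assumed).
CREATE TABLE dbo.Customers (
    CustomerId INT PRIMARY KEY,
    LastName   NVARCHAR(100) NOT NULL,
    Email      NVARCHAR(256) NOT NULL
);
GO

-- Weak: a vulnerability within the procedure's own code. The parameter is
-- concatenated into dynamic SQL, so its value is parsed as SQL text.
CREATE PROCEDURE dbo.FindCustomer_Unsafe @LastName NVARCHAR(100) AS
BEGIN
    DECLARE @sql NVARCHAR(MAX) =
        N'SELECT CustomerId, LastName, Email FROM dbo.Customers ' +
        N'WHERE LastName = ''' + @LastName + N'''';
    EXEC (@sql);
END;
GO

-- Corrected: static SQL. The parameter is only ever treated as a value.
CREATE PROCEDURE dbo.FindCustomer_Safe @LastName NVARCHAR(100) AS
BEGIN
    SET NOCOUNT ON;
    SELECT CustomerId, LastName, Email
    FROM dbo.Customers
    WHERE LastName = @LastName;
END;
GO

-- Corrected, for cases that genuinely need dynamic SQL: keep the statement
-- text constant and bind the value through sp_executesql.
CREATE PROCEDURE dbo.FindCustomer_SafeDynamic @LastName NVARCHAR(100) AS
BEGIN
    DECLARE @sql NVARCHAR(MAX) =
        N'SELECT CustomerId, LastName, Email FROM dbo.Customers WHERE LastName = @p';
    EXEC sys.sp_executesql @sql, N'@p NVARCHAR(100)', @p = @LastName;
END;
GO

DECLARE @input NVARCHAR(100) = N'Smith';  -- constructed sample value

-- Weak: unsafe invocation. Even the safe procedure is exposed when the
-- caller assembles the EXEC statement as a string.
DECLARE @call NVARCHAR(MAX) = N'EXEC dbo.FindCustomer_Safe N''' + @input + N'''';
EXEC (@call);

-- Corrected: pass the value as a bound parameter.
EXEC dbo.FindCustomer_Safe @LastName = @input;
```

The same rule applies in application code: call the procedure through the driver's parameterized command interface rather than formatting an `EXEC` string.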
