2Database Security on the Menu
Thirty-seven percent of respondents said their organizations use live data in non-production environments. Seventy-two percent use either old information or sample data provided by the application vendor or developer, and only 28 percent said their live or old production data contains sensitive information.
8The Threat Landscape
9Preventing Internal Abuse
Only one in four respondents said their organizations use automated tools on a regular basis to monitor their databases. Thirty-three percent said it would take between 1 and 24 hours to detect an unauthorized change to the database. Ten percent said it would take between one and five days; 6 percent said it would take longer.
Many organizations are a step or more behind in applying critical patch updates, leaving open security holes that could be exploited by attackers.