Protect data and maintain its confidentiality, integrity and availability no matter where it resides.

Databases are the backbone of most organisations’ information systems. Whether presented through web apps or client applications, access to sensitive data can be contained through security controls embedded in the application.

What happens when the application fails to enforce security?

Web applications can be subject to code injection attacks and databases can be accessed directly through administrative ports. If this occurs, your data is at risk and you can lose:

• Personally identifiable information
• Payment card information
• System information such as passwords and password hashes
• Confidential corporate information
• Information that is public but whose accuracy and integrity is relied upon.

Many organisations also don’t have a clear idea of the number and location of databases in use. These can retain sensitive information completely open to the network with a hard-coded and well-known password.