Monday 16 February 2009

Physician heal thyself: Syringing a Database

I have recently returned from vacation involving riding a motor cycle in South America for three weeks. During my trip I did have the challenge to go in search of a syringe – but this was not used for injection. The syringe was used to drain the fluid off the swollen knee from a fellow rider in the group.

It seems that whilst I was away “virtual syringes” have been used for both injecting (into SQL statements and web sites) and draining the lifeblood – not from a swollen knee joint – but the data from a corporation. This common “procedure” – like its human counterpart – if carried out with skill, is quite painless leaving the patient with no real idea as to how much has been extracted.

Having the contents of a database sucked out and sprayed over the Web is not a good thing – particularly if your business is security. It is a shame that this time the syringing operation was performed on a patient who should have known better.

Secerno's SynoptiQ powered DataWall ensures that every syringe is prevented from entering the skin!