On the server side, the report recommends encrypting passwords to the database using a hash function that is suitable for password storage. The hash function should be difficult to calculate, which helps limit the effectiveness of attacks.
However, on the bright side, the report stated that there continues to be progress in certain areas of Internet security. IBM X-Force data reports a continuing decline in exploit releases, improvements from the top ten vendors on patching vulnerabilities and a significant decrease in the area of portable document format (PDF) vulnerabilities. IBM believes that this area of improvement is directly related to the new technology of sandboxing provided by the Adobe Reader X release.
Data for the bi-annual X-Force report comes from IBM's security operations centers which monitor more than 15 billion security events a day on behalf of approximately 4,000 clients in more than 130 countries.
Sign up for Computerworld eNewsletters.