Businesses could have prevented nine out of 10 corporate data breaches if they had put 'reasonable' security measures been in place, according to a new report released this month by Verizon Business.

The 2008 Data Breach Investigations Report examines about 500 forensic investigations involving 230 million records over a four-year span.

The researchers also analysed hundreds of corporate breaches including three of the five largest ones ever reported.

About 73 percent of breaches resulted from external sources compared to 18 percent from insider threats, they found. Most breaches resulted from a combination of events rather than a single hack or intrusion.

Included in the findings are:

• Business partners accounted for 39 percent of security breaches, a number that rose five-fold during the four year period.

• Most breaches resulted from a combination of events rather than a single action. Significant internal errors could be blamed for 62 percent of the breaches.

• For breaches that were deliberate, 59 percent were the result of hacking and intrusions.

• Of those breaches caused by hacking, 39 percent target the application or software layer, and 23 percent the operating system platform.

• About 90 percent of known vulnerabilities exploited had patches available for at least six months prior to the breach.

These findings and others can help your IT security team (if you are lucky enough to have one) identify priority areas. The report also offers some advice, including my mantra: Get the patches fools! Go to the resources section of www.verizonbusiness.com to download the full report.

***

The Vista operating system remains as Microsoft's shunned offspring according to a survey by Evans Data.

The survey is just another indication why businesses are holding back on making another expensive upgrade just as staff are getting used to Windows XP. The Evans Data (www.evansdata.com) survey shows that fewer than one in 10 software developers in the US, or eight percent, say they are writing applications for Windows Vista this year, compared to 49 percent who say they are doing so for Windows XP.

About 13 percent are writing applications for the rival Linux platform in 2008.

Microsoft Visual Sourcesafe continues to be the most used commercial application lifecycle management software.

Businesses should also take note that two-thirds of North American developers say they are addressing security issues during the first planning and design stages of a project.

***

Those who like to experiment with image manipulation and design should try out the free Daz Studio application, available at Download.com or at the company's site (www.daz3d.com).

The virtual 3-D image creator allows users to add shadows and features to images, and manipulate them so they seem to pop out of the frame.

Daz Studio also offers a free beginner model pack to get you started, but I had trouble finding it on the site. You will need to take the tutorials and read the manual on the site to come to some understanding of the program. To see what the experts can achieve with the program go to www.graphics.com and search for a competition currently underway called Photos.com Philter Phrenzy 2. Truly amazing.

You may even be inspired to submit your own entries.

***

I have always admired Pearl Jam for both their music and their use of the Internet to get around the big recording companies. They have previously released albums of many of their live concerts in 2000 for their obsessive fans, none of which I have bought.

Now they are releasing another set of live albums, this time online, as they embark on their 2008 US concert tour, which ends 30 June. At Pearljam.com fans can purchase streaming downloads or burn-to-order CDs of each of the band's performances. It is quite expensive as MP3s of each concert performance will sell for $9.99. The music comes free of digital rights management, so that buyers can burn as many discs or make as many transfers as they please.

Send any comments to Ahmed at elamin.ahmed@gmail.com