Worth remembering the oft-quoted cliche that a little knowledge is a dangerous thing. Presenting data on the Internet is easy to achieve. Presenting data safely and securely on the Internet is far more difficult.

Some time ago, I found a few articles detailing the use of Google to query systems for the purposes of hacking. I've seen examples of Google search criteria which list UNIX servers on the Internet which have blank root passwords, or allow at least read access to the whole file system. I've seen examples of using Google to find insecure databases, including SQL Server ones (check out this link). I've seen examples of using Google to find Excel spreadsheets containing budgetary information (or, perhaps, medical or financial records). All scary stuff.

Personally, I see it as one of my major responsibilities to recognise my limitations. I'm a DBA, not a security expert. I understand a lot of the tricks used, but it's not my core expertise, which is why we employ people who do have that under their remit. Therefore, anything we roll out is looked at with several pairs of eyes instead of just one pair. Easier said than done in a small company, I'll admit, but failing to do so is a gamble you will, sooner or later, definitely lose.