Thursday, June 19, 2008

Survey Reveals Scandal of Snooping IT Staff

Whilst you sit there innocently working away, little do you realize that a third of your IT colleagues have been snooping around the network, looking at highly confidential information, such as salary details, M & A plans, people’s personal emails, board meeting minutes and other personal information. That’s the findings of a survey released by Cyber-Ark Software, specialists in privileged identity management and digital vaulting solutions.

One third of the survey sampled admitted to using their privileged rights to access information that is confidential or sensitive by using the administrative passwords as a means of peeking at information that they are not privy to. In fact, when IT professionals were asked if they had accessed information that was not relevant to their role, 47 percent admitted they had.
.
Even more worrying is the fact that privileged passwords get changed infrequently and often a lot less than user passwords. Thirty percent get changed every quarter and a staggering 9 percent never get changed, giving access indefinitely to all those who know the passwords, even when they’ve left the organization.

Half of IT administrators do not have to get authorization to access privileged accounts which shows a general lack of control of these power identities and indeed understanding over the power that these privileges command.

Seven out of 10 companies rely on out-dated and insecure methods to exchange sensitive data when it comes to passing it between themselves and their business partners with 35 percent choosing to email sensitive data, 35 percent sending it via a courier, 22 percent using FTP and 4 percent still relying on the postal system. This shouldn’t be any big surprise when you learn that 12 percent of these senior IT personnel who were interviewed also choose to send cash in the mail.

More information on the IT industry can be found at www.supportindustry.com

No comments: