IT staff snooping on the rise

 

Gallery

By Reuters

Posted on 10 Jun 2009 at 08:14

More than one-third of IT professionals abuse administrative passwords to access confidential data such as colleagues' salary details or board-meeting minutes, according to a survey.

Data security company Cyber-Ark surveyed more than 400 senior IT professionals in the US and Britain, and found that 35% admitted to snooping, while 74% said they could access information that was not relevant to their role.

In a similar survey 12 months ago, 33% of IT professionals admitted to snooping.

"Employee snooping on sensitive information continues unabated," says Udi Mokady, CEO of Cyber-Ark.

Cyber-Ark says the most common areas respondents indicated they access are HR records, followed by customer databases, mergers and acquisitons plans, layoff lists and lastly, marketing information.

"While seemingly innocuous, [unmanaged privileged] accounts provide workers with the 'keys to the kingdom,' allowing them to access critically sensitive information," Mokady says.

When IT professionals were asked what kind of data they would take with them if fired, the survey found a jump compared with a year ago in the number of respondents who said they would take proprietary data and information that is critical to maintaining competitive advantage and corporate security.

The survey found a six-fold increase in staff who would take financial reports or merger and acquisition plans, and a four-fold increase in those who would take CEO passwords and research and development plans.