A report by US company Cyber-Ark has found that one third of IT professionals surveyed snoop on colleagues confidential data.
A report by UK company Cyber-Ark has found that one third of IT professionals surveyed snoop on colleagues confidential data; including reading personal emails, salary details and even snooping on minutes from board meetings.
The company surveyed 300 senior IT professionals and discovered not only did many abuse their administrative privileges to access other’s personal information, 47% said they often accessed information that was completely unrelated to their role.
“All you need is access to the right passwords or privileged accounts and you’re privy to everything that’s going on within your company,” said Mark Fullbrook, Cyber-Ark’s UK director.
“For most people, administrative passwords are a seemingly innocuous tool used by the IT department to update or amend systems. To those ‘in the know’ they are the keys to the kingdom,” he said.
Cyber-Ark said privileged passwords get changed far less frequently than user passwords, with 30 per cent being changed every quarter and 9 per cent never changed at all, meaning that IT staff who have left an organization could still gain access.
Source: The Australian IT