Davey Winder
Saturday, 21 June 2008 02:45
Your IT -
Home IT
Page 1 of 2
New research reveals that a staggering 47 percent of British IT admin staff admit to accessing confidential or sensitive information. Information, that is, which they are not meant to be looking at in the first place.
Cyber-Ark Software took the opportunity at the recent European
Infosecurity Expo
2008 to survey the opinions of senior IT professionals regarding issues
of trust, security and passwords. Nearly half of the 300 people asked,
most from companies employing in excess of 1000 staff, admitted to
snooping around the network.
In a remarkable display of unprofessionalism, a
third of these so-called IT professionals said that they had used their
admin passwords to peek at information they had no business looking at.
Information such as the how much their colleagues were earning, the
minutes of board meetings and even the personal email of staff members.
As Mark Fullbrook, the UK Director of Cyber-Ark told us "When it comes
down to it, IT has essentially enabled snooping to happen! It's easy,
all you need is access to the right passwords or privileged accounts
and you're privy to everything that's going on within your company."
Certainly the days of having to photocopy sheets of information or pick
the locks of the filing cabinet holding salary data are long gone. Now
all the office snoop needs is a modicum of authority.
Of course, for the majority of staff who do not work within the dark
realm of IT services it is assumed that an admin password is just
something used when software needs updating or the desktop machine
crashes. The really worrying thing is that this misunderstanding seems
to exist in the upper echelons of IT management as well.
With half of IT administrators questioned not having to get any kind of
authorisation to access privileged accounts, the real power of these
passwords is exposed.
LATEST HEADLINES FROM YOUR IT
