Nearly half of British IT admins secretly read workers email

Davey Winder
Saturday, 21 June 2008 01:45

Your IT - Home IT

New research reveals that a staggering 47 percent of British IT admin staff admit to accessing confidential or sensitive information. Information, that is, which they are not meant to be looking at in the first place.

Cyber-Ark Software took the opportunity at the recent European Infosecurity Expo 2008 to survey the opinions of senior IT professionals regarding issues of trust, security and passwords. Nearly half of the 300 people asked, most from companies employing in excess of 1000 staff, admitted to snooping around the network.

In a remarkable display of unprofessionalism, a third of these so-called IT professionals said that they had used their admin passwords to peek at information they had no business looking at. Information such as the how much their colleagues were earning, the minutes of board meetings and even the personal email of staff members.

As Mark Fullbrook, the UK Director of Cyber-Ark told us "When it comes down to it, IT has essentially enabled snooping to happen! It's easy, all you need is access to the right passwords or privileged accounts and you're privy to everything that's going on within your company."

Certainly the days of having to photocopy sheets of information or pick the locks of the filing cabinet holding salary data are long gone. Now all the office snoop needs is a modicum of authority.

Of course, for the majority of staff who do not work within the dark realm of IT services it is assumed that an admin password is just something used when software needs updating or the desktop machine crashes. The really worrying thing is that this misunderstanding seems to exist in the upper echelons of IT management as well.

With half of IT administrators questioned not having to get any kind of authorisation to access privileged accounts, the real power of these passwords is exposed.