Reuters reports that 47% of the 300 senior IT professionals surveyed by Cyber-Ark also admitted they had accessed information that was not relevant to their role. “For most people, administrative passwords are a seemingly innocuous tool used by the IT department to update or amend systems. To those ‘in the know’ they are the keys to the kingdom,” Mark Fullbrook, Cyber-Ark’s UK director, said in a statement, according to Reuters.
Cyber-Ark found privileged passwords get changed far less frequently than user passwords. Thirty percent are changed every quarter and 9% are never changed, meaning IT staff who have left an organization could still gain access.
In other security matters, the survey found seven out of 10 companies rely on outdated and insecure methods to exchange sensitive data: 35% use email; 35% use couriers; and 4% rely on the postal system.