Get more! Sign up for PLANSPONSOR newsletters.
Benefits June 20, 2008
IT Workers Admit to Nosing into Coworkers' Business
June 20, 2008 (PLANSPONSOR.com) - One-third of
information technology professionals surveyed confessed to
abusing administrative passwords to access confidential data
such as colleagues' salary details, personal emails, or
board-meeting minutes.
Reported by Rebecca Moore
Reuters reports that 47% of the 300 senior IT professionals surveyed by Cyber-Ark also admitted they had accessed information that was not relevant to their role. “For most people, administrative passwords are a seemingly innocuous tool used by the IT department to update or amend systems. To those ‘in the know’ they are the keys to the kingdom,” Mark Fullbrook, Cyber-Ark’s UK director, said in a statement, according to Reuters.
Cyber-Ark found privileged passwords get changed far less frequently than user passwords. Thirty percent are changed every quarter and 9% are never changed, meaning IT staff who have left an organization could still gain access.
In other security matters, the survey found seven out of 10 companies rely on outdated and insecure methods to exchange sensitive data: 35% use email; 35% use couriers; and 4% rely on the postal system.