20 Jun 2008
One in three IT staff admit to using their position to access confidential or sensitive materials in their business, through improper use of administrative passwords.
A third of the 300 senior IT professionals questioned by security vendor Cyber Ark said that they had secretly looked at private data. A further 47 per cent admitted to accessing information that was not directly related to their role.
These examples of unauthorised access are being facilitated by poor security structures. In 30 per cent of the companies approached, administrative passwords were only changed every three months.
And in nine per cent of cases, these passwords were never changed at all. This situation can leave systems open to anyone who has ever had knowledge of the access codes, including employees who have left the company.
"In some organisations there is little understanding or lack of controls in place to manage workers' access to systems," said Mark Fullbrook, UK director of Cyber-Ark.
"For most people, administrative passwords are a seemingly innocuous tool used by the IT department to update or amend systems. To those 'in the know' they are the keys to the kingdom, which can wield a great deal of power if left unprotected."
Have your say on this article
Newsletters
Latest stories from Security Technology
Latest videos
You may also like
Security Technology jobs
Will Google’s new privacy policy impact how you use its services?
Rubbish in... rubbish enterprise. Why proper data management is so important (video, 6 min)
This Forrester report compares the costs and benefits of legacy email and productivity software with Google Apps
Upcoming Events
The implementation of robust, relevant digital strategies is more crucial than ever to the success of insurance businesses
Date: 01 Mar 2012
Time: 09:00am
A showcase of the latest in the information content and management
Date: 20 Mar 2012
Time: 09:00am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
