10 Jun 2009, Dave Bailey, Computing
http://www.computing.co.uk/ctg/news/1851159/insider-snooping-rise
More than a third (35 per cent) of IT staff have used their administration rights to breach data security, giving them access to critical corporate information without authorisation, according to research.
The study by Cyber-Ark also suggests that nearly three-quarters of the 400 senior UK and US IT professionals polled said they could breach the security controls in place to protect against corporate information theft.
Asked what information they would take with them if made redundant, the three most popular responses were the customer database, the email server administrator account, and the firm's merger and acquisition (M&A) plans – all chosen by 47 per cent of those polled.
Next in line for potential theft were research and development (R&D) plans (46 per cent), the chief executive's password (46 per cent), financial reports (46 per cent) and the privileged password list (42 per cent). The corresponding figures for last year showed that the average increase in IT staff willing to take critical business data if made redundant was 28 per cent.
The survey suggests that firms need to fully monitor privileged account access, but 71 per cent of respondents indicated that privileged accounts were only partially monitored, and despite these controls, 74 per cent of those polled revealed that it did not stop them snooping around.
The significant failure of snooping controls was highlighted by the 35 per cent of IT administrators who admitted they were using high-level rights to access confidential or sensitive information. The most common areas targeted for snooping were HR records, followed by customer databases, M&A plans, redundancy lists, and marketing information.
"Unauthorised access to information such as customer credit card data, private personnel information, internal financial reports and R&D plans leaves a company vulnerable to a severe data leak with the risk of financial or regulatory exposure and damage to its brand, or competitors obtaining critically important competitive information," said Udi Mokady, chief executive of Cyber-Ark.
Reader comments
Still too lax
These statistics truly reinforce the institutionalised lax approach to security in business today. Much has been made of the loss of data to foreign bodies, but organisations need to ensure that all security approaches consider the threats which come from both external and internal sources. Despite the economic crisis, it is straightforward and cost-effective to allow the legitimate use of approved devices, which introduces a level of stewardship where only authorised staff have access to certain data. This will also enable organisations to actively guard against the removal of data or the introduction of risks to the network. In doing this, more stringent security barriers can be introduced to help eliminate this seemingly growing problem of internal snooping.
Posted by: Matt Fisher, FrontRange Solutions 12 Jun 2009