Messaging Newswire
Follow Us on Twitter
Facebook Page
Google Plus Page
RSS feeds
IT Employees & Company Data
Widgets & RSS FeedsExiting IT employees are most likely to steal company data before they leave, this according to a survey conducted by Cyber-Ark Software. The annual survey around Trust, Security & Passwords published last month focused on 300 IT security professionals and revealed that 88 percent of IT administrators, if laid off tomorrow, would take valuable and sensitive company information with them. The target information includes the CEO’s passwords, the customer database, R & D plans, financial reports, M & A plans, and most importantly the company’s list of privileged passwords. Only 12 percent revealed that they would plan to leave empty handed.
“Most company directors are blissfully unaware of the administrative or privileged passwords that their IT staff has access to, which allows them to see everything that is going on within the company. These privileged identities, which lie on hundreds of servers and applications, very rarely get changed as it’s often considered too much hassle. When people leave the organization, they can often still access the network using these passwords to acquire highly sensitive data,” says Udi Mokady, president and CEO of Cyber-Ark. “Our advice is to secure these privileged passwords and identities, and routinely change and manage them so that if an employee’s contract is terminated, whether voluntary or not, they can’t maliciously wreak havoc inside the network or vindictively steal data for competitive or financial gain.” One third of companies revealed that they believe industrial espionage and data leakage is rife, with data being leaked out of their companies and going to their competitors or criminals, usually via powerful high gigabyte mobile devices such as USB sticks, iPods, BlackBerrys and laptops—or sent over email. According to the survey, IT administrators who are often responsible for security don’t exchange or send information securely, with 35 percent choosing to send sensitive or highly confidential information via email. Furthermore, 35 percent of those surveyed use couriers to transport sensitive data—a system only marginally safe when the information is backed up and encrypted. Four percent of the sample size uses the postal system to send sensitive information. The survey also found that one third of IT staff admitted to snooping around the network, looking at highly confidential information, such as salary details, M & A plans, people’s personal emails, board meeting minutes and other personal information that they were not privy to. They did this by using their privileged rights and administrative passwords to access information that is confidential or sensitive. “You can install the best security systems in the world, but if your staff does not respect the information they are entrusted with, then the information will most definitely go astray—just as the findings of this survey have illustrated,” adds Mokady.
