IT staff are main threat for data leaks, study finds

IT staff may be a primary source of data leakage,...

IT staff may be a primary source of data leakage, according a survey of 300 IT professionals at the recent Infosecurity exhibition in London.

One-third of those questioned said they used their administrator passwords and privileges to look at confidential company information. This included salary details, merger and acquisition plans, personal e-mails, board meeting minutes and other pieces of personal information. Some 47% said that they had accessed information that was not relevant to their role.

The survey is part of ongoing research by IT security firm Cyber-Ark into industries' information access and control procedures.

Researchers reported that privileged passwords are changed less often than user passwords. They found 30% change once a quarter and 9% never get changed.

Half of IT administrators do not need authorisation to access privileged accounts. This shows a general lack of control of these power identities and indeed understanding over the power that these privileges command, said Mark Fullbrook, UK director of Cyber-Ark.

Data exchanges were also vulnerable. One in three e-mail sensitive data, 35% send it via courier, 22% use FTP and 4% still use the postal system. And 12% of these senior IT staff also chose to send cash in the post.




CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...

SearchNetworking

SearchDataCenter

SearchDataManagement

Close