IT staff are main threat for data leaks, study finds

News

IT staff are main threat for data leaks, study finds

Ian Grant

IT staff may be a primary source of data leakage, according a survey of 300 IT professionals at the recent Infosecurity exhibition in London.

One-third of those questioned said they used their administrator passwords and privileges to look at confidential company information. This included salary details, merger and acquisition plans, personal e-mails, board meeting minutes and other pieces of personal information. Some 47% said that they had accessed information that was not relevant to their role.

The survey is part of ongoing research by IT security firm Cyber-Ark into industries' information access and control procedures.

Researchers reported that privileged passwords are changed less often than user passwords. They found 30% change once a quarter and 9% never get changed.

Half of IT administrators do not need authorisation to access privileged accounts. This shows a general lack of control of these power identities and indeed understanding over the power that these privileges command, said Mark Fullbrook, UK director of Cyber-Ark.

Data exchanges were also vulnerable. One in three e-mail sensitive data, 35% send it via courier, 22% use FTP and 4% still use the postal system. And 12% of these senior IT staff also chose to send cash in the post.





Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy