Insider Snooping Still Serious Security Issue, Survey Finds

Last year's Cyber-Ark "Trust, Security & Passwords" survey revealed that one-third of IT staff used their IT administration rights to access privileged or confidential data, including human resources records, layoff lists, merger and acquisition plans, and customer databases. Behavior hasn't changed much, according to results from this year's survey.

"Despite a sharp rise in data breaches and increased media awareness on the subject, the third annual Cyber-Ark survey reveals that 35 percent of IT workers now admit to accessing corporate information without authorization, while 74 percent of respondents stated that they could circumvent the controls currently in place to prevent access to internal information," according to Cyber-Ark.

The global survey polled over 400 senior IT professionals in the United States and the United Kingdom, primarily at enterprise-class companies.

The survey reveals what type of information (and how much of that data) employees are interested in taking if they are fired. This year's survey reports "a sharp increase in the number of respondents who say they would take proprietary data and information that is critical to maintaining competitive advantage and corporate security."

For security managers, an even more alarming result is the six-fold increase in staff "who said they would take financial reports or merger and acquisition plans." The number of staff who would take CEO passwords and research and development plans also climbed, increasing four-fold since last year.

Here's what employees would most likely steal:

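| Type of Information         | 2009 | 2008 |
|-----------------------------|------|------|
| Customer Database           | 47%  | 35%  |
| E-mail Server Admin Account | 47%  | 13%  |
| M&A Plans                   | 47%  | 7%   |
| Copy of R&D Plans           | 46%  | 13%  |
| CEO's Password              | 46%  | 11%  |
| Financial Reports           | 46%  | 11%  |
| Privileged Password List    | 42%  | 31%  |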

Also worrisome: one company in five admits having experienced "cases of insider sabotage or IT security fraud." Of those, "36 percent suspect that their competitors have received their company's highly sensitive information or intellectual property."

Organizations know about the problem. Seventy-one percent of respondents indicated that privileged accounts are monitored somewhat; of those being monitored, 91 percent accept their employer's monitoring activities.

Despite such understanding, nearly three-quarters of respondents (74 percent) say that they could still circumvent such monitoring. Further highlighting the ineffectiveness of an enterprise's controls and access policies, more than a third (35 percent) of IT administrators confessed to using their administration rights to look at confidential or sensitive information. They most often access "HR records, followed by customer databases, M&A plans, layoff lists and, lastly, marketing information."

"This survey shows that while most employees claim that access to privileged accounts is currently monitored and an overwhelming majority support additional monitoring practices, employee snooping on sensitive information continues unabated. Unauthorized access to information such as customer credit card data, private personnel information, internal financial reports and R&D plans leaves a company vulnerable to a severe data leak with the risk of financial or regulatory exposure and damage to its brand, or competitors obtaining critically important competitive information," said Udi Mokady, CEO of Cyber-Ark, in a prepared statement.

The full survey can be downloaded in PDF form here; registration is required for access.

About the Author

Jim Powell is president and CEO of Daisytek International Corporation. He can be contacted at 972-881-4700 or [email protected].
