Sure, you’re an IT pro, but are you an IT peeping tom? According to a recent survey conducted by Cyber-Ark Software, one in three IT workers admit to using their IT privileges to gain access to employees’ confidential data. Yep, 33 percent of you are snooping through your company’s systems and reading through private information such as wage data, personal email messages, and HR files.
Many users probably harbor, at one time or another, the suspicion that IT might be using the privileged passwords they require for malicious purposes. But to see survey results such as these—which also report that the same percentage of IT pros say they can still access the company network after leaving a job, with no one to stop them!—is sobering.
According to Cyber-Ark, more than 200 IT pros participated in the survey. One of the surveyed respondents asked, “Why does it surprise you that so many of us snoop around your files? Wouldn’t you if you had secret access to anything you can get your hands on?”
Another respondent said, “It’s easy for an employee to update the personal password to their laptop, but to change the administrator password on that same machine? It would take days for IT to do them all by hand. In the end, we just pick one password for all the systems and write it down.”
Calum Macleod, European director for Cyber-Ark, said he was surprised by the results. “Gone are the days when you had to break into the filing cabinet in the personnel department to get at vital and highly confidential information. Now all you need to have is the administrative password and you can snoop around most places, and it appears that is exactly what’s happening. Companies need to wake up to the fact that if they don’t introduce layers of security, tighten up who has access to vital information, and manage and control privileged passwords, then snooping, sabotage, and hacking will continue to be rife.