- Thursday, 26 November 2009
- INQ Mobile
- RSS
When [Otellini] joined the company in 1974, most people didn't even know what a PC was - From the Wall St Journal 11-11-2004
A third of IT staff snoop through confidential company docs
A THIRD OF NOSEY IT staff admit to having snooped around on their company network to take a peek at confidential material including their colleagues’ salary details, M & A plans, board meeting minutes and even other people’s emails.
Digital vaulting outfit Cyber-Ark Software released the disturbing, yet unsurprising findings today from data compiled at Infosecurity Expo 2008. The study polled 300 senior IT professionals, mainly from companies employing over 1000 workers.
Proving that even your friendly office nerd can’t be trusted in these uncertain times, a whopping 47 per cent of those surveyed said they had, at one point or other accessed company information that was not relevant to their job. A third said they had used administrative passwords as a means of sneaking a peek at information classed as confidential or sensitive.
But the blame for not minding their own beeswax doesn’t only fall on the prying IT staff, sloppy company security practices often make it far too easy to resist the temptation. Privileged passwords purportedly rarely change, with 30 per cent changing only once every quarter and nine per cent never changing, leaving data open to people who may no longer even be employees.
Worse still is the revelation that seven out of ten companies use totally out-dated and insecure ways of exchanging sensitive data internally and between their business associates. Thirty-five per cent said they frequently emailed sensitive data, 35 per cent sent it via courier service, 22 per cent used FTP and four per cent relied on good old snail mail. Twelve per cent even owned up to sending cash in the post.
Mark Fullbrook, UK Director of Cyber-Ark, tut-tutted and noted that “Companies need to wake up to the fact that if they don’t introduce layers of security and tighten up who has access to vital information, by managing and controlling privileged passwords, snooping, sabotage and hacking will continue .”
And if they do, and if there really is any snooping, sabotage and hacking going on, it will continue anyhow, so let's just ignore the scaremongering salesmen, eh? µ
Share this:
ShareBusiness Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
I think sending cash in regular mail is a hell of a lot more sane and secure than emailing confidential information.
At least regular mail is closed and not routinely looked into for thievery purposes, so I don't quite get why that's singled out as 'even'.

That article title basically amounts to: "Half of all company CEOs are actively being blackmailed."
Looks like a security seller wants to sell more security so he is telling the boss that the IT people are reading your emails to your girlfriend and the IT dudes might tell your wife, we can protect your emails from the IT dudes and dudettes.

These security firms, I wonder how well they would score if they were scrutinised for security and ease of using their "work tools".

By the way, does anyone ever bother to come back and read their comments (if they get posted)?