HELSINKI (Reuters) - More than one-third of information technology professionals abuse administrative passwords to access confidential data such as colleagues’ salary details or board-meeting minutes, according to a survey.
Data security company Cyber-Ark surveyed more than 400 senior IT professionals in the United States and Britain, and found that 35 percent admitted to snooping, while 74 percent said they could access information that was not relevant to their role.
In a similar survey 12 months ago, 33 percent of IT professionals admitted to snooping.
“Employee snooping on sensitive information continues unabated,” Udi Mokady, CEO of Cyber-Ark, said in a statement.
Cyber-Ark said the most common areas respondents indicated they access are HR records, followed by customer databases, M&A plans, layoff lists and lastly, marketing information.
“While seemingly innocuous, (unmanaged privileged) accounts provide workers with the ‘keys to the kingdom,’ allowing them to access critically sensitive information,” Mokady said.
When IT professionals were asked what kind of data they would take with them if fired, the survey found a jump compared with a year ago in the number of respondents who said they would take proprietary data and information that is critical to maintaining competitive advantage and corporate security.
The survey found a six-fold increase in staff who would take financial reports or merger and acquisition plans, and a four-fold increase in those who would take CEO passwords and research and development plans.
Reporting by Tarmo Virki, editing by Matthew Lewis