One in Three IT Staff Snoops on Colleagues

FRANKFURT(Reuters) – One in three information technology professionals abusesadministrative passwords to access confidential data such ascolleagues’ salary details, personal emails or board-meeting minutes,according to a survey.

U.S. information security company Cyber-Ark surveyed 300 senior ITprofessionals, and found that one-third admitted to secretly snooping,while 47 percent said they had accessed information that was notrelevant to their role.

"All you need is access to the right passwords or privilegedaccounts and you’re privy to everything that’s going on within yourcompany," Mark Fullbrook, Cyber-Ark’s UK director, said in a statementreleased along with the survey results on Thursday.

"For most people, administrative passwords are a seemingly innocuoustool used by the IT department to update or amend systems. To those ‘inthe know’ they are the keys to the kingdom," he added.

Cyber-Ark said privileged passwords get changed far less frequentlythan user passwords, with 30 percent being changed every quarter and 9percent never changed at all, meaning that IT staff who have left anorganization could still gain access.

It added that seven out of 10 companies rely on outdated andinsecure methods to exchange sensitive data, with 35 percent choosingemail and 35 percent using couriers, while 4 percent still relied onthe postal system.

(Reporting by Georgina Prodhan)