IT dept 'usual suspects' for data snooping: survey
Up to 35 per cent of organisations suspect that their most sensitive internal information has been illicitly passed over to competitors – most probably by former employees.
Thirty-seven per cent of the IT professionals surveyed in Cyber-Ark Software’s 4th annual ‘Trust, Security and Passwords’ survey cited ex-staff as the most likely source of this abuse of trust, while 28 per cent suspect ‘human error’ as the next most likely cause, followed by falling victim to an external hack, or to loss of a mobile device/laptop, each at 10 per cent.
The most popular information shared with competitors was the customer database - 26 percent - and R&D plans - 13 per cent.
The Cyber-Ark research confirmed that snooping continues to rise within both US and UK organisations, with 41 per cent of respondents confessing to ‘abusing administrative passwords’ to snoop on sensitive or confidential information – an increase from 33 per cent on the 2008 and 2009 surveys. When examining the type of information that people were willing to circumvent the rules to access, US respondents targeted the customer database first (38 per cent versus 16 per cent in the UK), with HR records most alluring to UK respondents (30 per cent versus 28 per cent in the US).
The survey found that 67 per cent of respondents admitted having accessed information that was not relevant to their role. When quizzed on what department was more likely to snoop and look at confidential information, 54 per cent named the IT department - possibly a natural choice given the group’s power and responsibility for managing multiple systems across an organisation. This is a blame hike compared to the 35 per cent who identified the IT department as the ‘most likely suspects’ in the 2009 survey, a number that had decreased from 47 per cent from its 2008 predecessor.
Respondents to the 2010 ‘Trust, Security and Passwords’ survey identified Human Resources personnel as the next curious at 11 per cent, followed by nosey administrative assistants.