×

Warning

JUser: :_load: Unable to load user with ID: 3286
Saturday, 21 June 2008 01:45

Nearly half of British IT admins secretly read workers email

By
New research reveals that a staggering 47 percent of British IT admin staff admit to accessing confidential or sensitive information. Information, that is, which they are not meant to be looking at in the first place.

Cyber-Ark Software took the opportunity at the recent European Infosecurity Expo 2008 to survey the opinions of senior IT professionals regarding issues of trust, security and passwords. Nearly half of the 300 people asked, most from companies employing in excess of 1000 staff, admitted to snooping around the network.

In a remarkable display of unprofessionalism, a third of these so-called IT professionals said that they had used their admin passwords to peek at information they had no business looking at. Information such as the how much their colleagues were earning, the minutes of board meetings and even the personal email of staff members.

As Mark Fullbrook, the UK Director of Cyber-Ark told us "When it comes down to it, IT has essentially enabled snooping to happen! It's easy, all you need is access to the right passwords or privileged accounts and you're privy to everything that's going on within your company."

Certainly the days of having to photocopy sheets of information or pick the locks of the filing cabinet holding salary data are long gone. Now all the office snoop needs is a modicum of authority.

Of course, for the majority of staff who do not work within the dark realm of IT services it is assumed that an admin password is just something used when software needs updating or the desktop machine crashes. The really worrying thing is that this misunderstanding seems to exist in the upper echelons of IT management as well.

With half of IT administrators questioned not having to get any kind of authorisation to access privileged accounts, the real power of these passwords is exposed.


Fullbrook explains that "in some organisations there is little understanding or lack of controls in place to manage workers access to systems. While for those "in the know" they are the keys to the kingdom and if unprotected or fall into the wrong hands wield a great deal of power."

Even where the real currency of admin passwords is understood, managing them is often not. Which is why the Cyber-Ark research also revealed that 9 percent of password never get changed, and 30 percent only once every quarter.

Meanwhile, over in the US, a San Francisco appeals court has ruled that employers cannot read email or other personal data that is not stored on site. This means that in order for a company to access, for example, text messages stored on a mobile phone it would have to apply for a court warrant first.

Either that or get the employees permission. Which is exactly, I suggest, what will be happening in the form of changes to corporate privacy policies throughout the area.

With more mobile devices being used within and without the workplace, and increasingly for personal as well as business communication, this issue is likely to become a hot potato the world over. When was the last time you checked your privacy policy, either as an employer or employee?

Now might be a good time to get both the reading glasses and a lawyer out...



Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments