In a disturbing survey, one in three IT professionals abuse privileges to snoop through colleagues’ personal data including salary details.

MSNBC carried news on the survey by Cyber-Ark encompassed 300 senior IT professionals – one-third admitted to snooping, while 47 percent admitted to gaining access to information they didn’t need.

“All you need is access to the right passwords or privileged accounts and you’re privy to everything that’s going on within your company,” Mark Fullbrook, Cyber-Ark’s UK director, said in a statement. The statement accompanied the results of the survey which will likely have us all giving the tech support funny looks.

“For most people, administrative passwords are a seemingly innocuous tool used by the IT department to update or amend systems. To those ‘in the know’ they are the keys to the kingdom,” Fulbrook added.

It doesn’t help that seven out of 10 companies are severely behind in their security mechanisms – using outdated and insecure methods to exchange sensitive data. 35 percent choose email, another 35 percent couriers and 4 percent – the post.

Cyber-Ark said privileged passwords get changed with disturbingly less frequency than user passwords. 30 percent are changed every quarter and 9 percent never changed at all. This leaves the company wide open to breaches by personnel no longer with the company.

Webhosting company HostGator found itself the victim of a disgruntled employee, forcing the company to send mass emails to its customers via free email provider Yahoo, alerting them to change their passwords.

Related:

Entry was posted on Friday, June 20th, 2008 at 3:45 pm under Security.

Read more entries by Erna Mahyuni.
Stumble It!