Survey Reveals Scandal of Snooping IT Staff
Passwords Stored Insecurely

The survey also shows that the majority of companies mismanage the storage of administrative passwords by keeping them in unsecured locations and hence not controlling access to these critical codes. 57% of companies store their administrative passwords manually, 18% store them in an excel spreadsheet (which are notoriously insecure and easy to access), and 82% of IT professionals store them in their heads – hindering security efforts, business continuity, as well as the auditing, controlling and managing of passwords. In the event that the keeper of these critical administrative passwords is unavailable or loses the location of the passwords, it can cause massive disruption and hours of lost productivity.

In other words, don’t throw out any Post-It notes laying around the IT department… you may never get into your workstation again!

Insider Sabotage More Prevalent

15% of companies interviewed had experienced insider sabotage, which is not surprising considering that over one-third of IT staff report using administrative passwords to snoop around corporate systems. Even worse, such snooping can turn ugly when IT workers feel disgruntled, aggrieved and especially after they’ve been fired. According to a recent study by Carnegie Mellon University, the most common insider attack is by a disgruntled IT employee using anonymous access from a privileged account.


Stagefright 2.0: A billion Android devices could be compromised

Most Android users are, once again, in danger of having their devices compromised by simply previewing specially crafted MP3 or MP4 files.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 2nd