Survey Reveals Scandal of Snooping IT Staff
Passwords Stored Insecurely

The survey also shows that the majority of companies mismanage the storage of administrative passwords by keeping them in unsecured locations and hence not controlling access to these critical codes. 57% of companies store their administrative passwords manually, 18% store them in an excel spreadsheet (which are notoriously insecure and easy to access), and 82% of IT professionals store them in their heads – hindering security efforts, business continuity, as well as the auditing, controlling and managing of passwords. In the event that the keeper of these critical administrative passwords is unavailable or loses the location of the passwords, it can cause massive disruption and hours of lost productivity.

In other words, don’t throw out any Post-It notes laying around the IT department… you may never get into your workstation again!

Insider Sabotage More Prevalent

15% of companies interviewed had experienced insider sabotage, which is not surprising considering that over one-third of IT staff report using administrative passwords to snoop around corporate systems. Even worse, such snooping can turn ugly when IT workers feel disgruntled, aggrieved and especially after they’ve been fired. According to a recent study by Carnegie Mellon University, the most common insider attack is by a disgruntled IT employee using anonymous access from a privileged account.

Spotlight

(IN)SECURE Magazine issue 45 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Mar 4th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //