Your IT guy may be privy to your private details

One in three information technology (IT) professionals abuses administrative passwords to access confidential data such as their colleagues' salary details, personal emails or board meeting minutes, according to a recent survey.

One in three information technology (IT) professionals abuses administrative passwords to access confidential data such as their colleagues' salary details, personal emails or board meeting minutes, according to a recent survey.

American information security company Cyber-Ark surveyed 300 senior IT professionals, and found that one third of them admitted to secretly snooping, while 47percent said they had accessed information that was not relevant to their role.

"All you need is access to the right passwords or privileged accounts and you're privy to everything that's going on within your company," Mark Fullbrook, Cyber-Ark's UK director, said in a statement released along with the survey results last week.

"For most people, administrative passwords are a seemingly innocuous tool used by the IT department to update or amend systems. To those 'in the know' they are the keys to the kingdom," he said.

Cyber-Ark said privileged passwords were changed far less frequently than user passwords, with 30percent being changed every quarter and nine percent never changed at all, meaning that IT staff who had left an organisation could still gain access.

It said that seven out of 10 companies relied on outdated and insecure methods to exchange sensitive data, with 35percent choosing e-mail and 35percent using couriers, while four percent still relied on the postal system. - Reuters

X