US information security company Cyber-Ark surveyed 300 senior IT professionals, and found that one-third admitted to secretly snooping, while 47 per cent said they had accessed information that was not relevant to their role.
“All you need is access to the right passwords or privileged accounts and you’re privy to everything that’s going on within your company,” Mark Fullbrook, Cyber-Ark’s UK director, said in a statement released along with the survey results on Thursday.
“For most people, administrative passwords are a seemingly innocuous tool used by the IT department to update or amend systems. To those ‘in the know’ they are the keys to the kingdom,” he added.
Cyber-Ark said privileged passwords get changed far less frequently than user passwords, with 30 per cent being changed every quarter and 9 per cent never changed at all, meaning that IT staff who have left an organization could still gain access.
It added that seven out of 10 companies rely on outdated and insecure methods to exchange sensitive data, with 35 per cent choosing email and 35 per cent using couriers, while 4 percent still relied on the postal system.