Insider Snooping Still Serious Security Issue, Survey Finds

Last year's Cyber-Ark "Trust, Security & Passwords" survey revealed that one-third of IT staff used their IT administration rights to access privileged or confidential data, including human resources records, layoff lists, merger and acquisition plans, and customer databases. Behavior hasn't changed much according to results from this year's survey.

"Despite a sharp rise in data breaches and increased media awareness on the subject, the third annual Cyber-Ark survey reveals that 35 percent of IT workers now admit to accessing corporate information without authorization, while 74 percent of respondents stated that they could circumvent the controls currently in place to prevent access to internal information," according to Cyber-Ark.

The global survey polled over 400 senior IT professionals in the United States and the United Kingdom, primarily enterprise-class companies.

The survey reveals what type of information (and how much of that data) employees are interested in taking if they are fired. This year's survey reports "a sharp increase in the number of respondents who say they would take proprietary data and information that is critical to maintaining competitive advantage and corporate security."

For security managers, an ever more alarming result is the six-fold increase in staff "who said they would take financial reports or merger and acquisition plans." Staff who would take CEO passwords and research and development plans also climbed, increasing four-fold since last year.

Here's what employees would most likely steal:

Type of Information



Customer Database



E-mail Server Admin Account



M&A Plans



Copy of R&D Plans



CEO's Password



Financial Reports



Privileged Password List  



Also worrisome: one company in five admits having experienced "cases of insider sabotage or IT security fraud." Of those, "36 percent suspect that their competitors have received their company's highly sensitive information or intellectual property."

Organizations know about the problem. Seventy-one percent of respondents indicated that privileged accounts are monitored somewhat; of these, 91 percent of those being monitored accept their employer's monitoring activities.

Despite such understanding, nearly three-quarters of respondents (74 percent) say that they could still circumvent such monitoring. Further highlighting the ineffectiveness of an enterprise's controls and access policies, more than a third (35 percent) of IT administrators confessed to using their administration rights to look at confidential or sensitive information. They most often access "HR records, followed by customer databases, M&A plans, layoff lists and, lastly, marketing information."

"This survey shows that while most employees claim that access to privileged accounts is currently monitored and an overwhelming majority support additional monitoring practices, employee snooping on sensitive information continues unabated. Unauthorized access to information such as customer credit card data, private personnel information, internal financial reports and R&D plans leaves a company vulnerable to a severe data leak with the risk of financial or regulatory exposure and damage to its brand, or competitors obtaining critically important competitive information," said Udi Mokady, CEO of Cyber-Ark, in a prepared statement.

The full survey can be downloaded in PDF form here; registration is required for access.

About the Author

Jim Powell is president and CEO of Daisytek International Corporation. He can be contacted at 972-881-4700 or


  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

  • Qualcomm Back in Datacenter Fray with AI Chip

    The chip maker joins a crowded field of vendors that are designing silicon for processing AI inference workloads in the datacenter.

  • Microsoft To Ship Surface Hub 2S Conference Device in June

    Microsoft on Wednesday announced a June U.S. ship date for one of its Surface Hub 2S conferencing room products, plus a couple of other product milestones.

  • Kaspersky Lab Nabs Another Windows Zero-Day

    Kaspersky Lab this week described more about a zero-day Windows vulnerability (CVE-2019-0859) that its researchers recently discovered, and how PowerShell was used by the exploit.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.