It's Actually Not Big Brother Who Is Watching

By Deb Perelman  |  Posted 2007-05-30

One in three IT employees admits to snooping through company systems and peeking at confidential information such as private files, wage data, personal e-mails and HR background information, according to a study released May 30 by Cyber-Ark Software, an information security company.

The study found that these so-called snoopers peer at private data with ease through the use of the administrative passwords given to allow them open access to company systems. The study paints a particularly menacing picture of tech workers, going so far as to include a response by an IT administrator who laughed out loud as he responded to the questions.

"Why does it surprise you that so many of us snoop around your files? Wouldn't you if you had secret access to anything you can get your hands on?"

As if the study hadn't painted a malevolent enough imagine of IT pros, it found that more than one-third admitted that they could still access their company's network once they'd left their current job, and there would be nobody to stop them. One-quarter of respondents even knew of another IT staff member who still had access to company networks even though they'd left the organization long ago.

Fifteen percent of companies interviewed admitted that they had experienced such insider sabotage. According to a recent study by Carnegie Mellon University, the most common insider attack is by a disgruntled IT employee using anonymous access from a privileged account.

"It's surprising to find out how rife snooping is in the workplace. Gone are the days when you had to break into the filing cabinet in the personnel department to get at vital and highly confidential information," Calum Macleod, European Director for Cyber-Ark, said in a statement.

"Now all you need to have is the administrative password and you can snoop around most places, and it appears that is exactly what's happening."

Though any study about network and password security holes from a company that provides network and password solutions should be taken with a grain of salt, the results underscore a not-so-secret trend: In all likelihood, it's not Big Brother who is watching, but a nosy, bored or disgruntled back-office IT worker. And it's up in the air which causes workers less comfort.

Rocket Fuel