ANTenna Blog -- Business & E-Business

A recent survey indicates that most IT admins, if they were fired or laid off or whatever you want to call it, will (gleefully?) mess with their business' systems on their way out the door. Note to self: Protect your business from its protectors.

A new survey from security firm Cyber-Ark, demonstrates that a whopping 88 percent of IT workers would "consider stealing valuable and sensitive company information if they were made redundant".

Further frightening details from the survey is that "a CEO's passwords, customer databases and research and development plans are among the information most likely to be taken by disgruntled employees."

Sensitive, not to mention valuable, information in the hands of "disgruntled" employees does not sound like a recipe for success for any business looking to grow, much less survive to see a new day.

Udi Mokady, CEO of Cyber-Ark, is quoted: "Most company directors are blissfully unaware of the administrative or privileged passwords that their IT guys have access to which allows them to see everything that is going on within the company. These privileged identities, which lie on hundreds of servers and applications, very rarely get changed as it is often considered too much hassle."

But how can a business -- especially a growing business which frequently has fewer people with greater responsibilities -- protect themselves against internal threats?

Mokady notes, "Our advice is secure the most privileged data, and routinely change and manage them, so that if an employee's contract is terminated, whether sacked or made redundant, they can't maliciously play havoc inside the network or vindictively steal data for competitive or financial gain."

But, of course the survey also indicates that more than a third of IT admins admitted using privileged passwords to "snoop on the network, looking up salaries and other personnel details as well as confidential business information and the web viewing habits of other staff." Just as many also admitted to writing passwords on Post-it notes and leaving them on monitors, 35 per cent send confidential information via unencrypted email and four per cent trust it to the post.

As Mokady sums up: "You can install the best security systems in the world, but if your staff do not respect the information they are entrusted with, then the information will definitely go astray - just as the findings of this survey have illustrated."