Privileged access needs to be monitored, warn security fir

The global economic slump is prompting IT staff to snoop on colleagues, suggests research.

A survey of IT workers by Cyber-Ark found that 35% of those questioned had viewed confidential information, such as salaries and redundancy lists.

The majority of those questioned, 74%, said they could get round the controls locking away confidential information.

Many admitted that they would steal information from businesses if they were fired.

Most popular among those planning to steal data when they left were copies of customer databases, passwords for an e-mail administrator account, and merger plans.

Others were more interested in data about a company's R&D efforts, financial reports, and the managing director's password.

Responses in the survey suggest the security measures placed around such data to stop them being abused were insufficient.

Only 26% of those questioned said they could not get around the controls without being detected.

"This survey shows that while most employees claim that access to privileged accounts is currently monitored and an overwhelming majority support additional monitoring practices, employee snooping on sensitive information continues unabated," said Udi Mokady, boss of Cyber-Ark in a statement.

He warned that continued unauthorised access to confidential data could mean all kinds of problems for companies. Data leaks might damage customer relationships, leave a firm in breach of regulations or hand vital data to competitors.

"Businesses must wake up and realize that trust is not a security policy," he said.

The survey was conducted among IT and security staff working in some of the largest British and American companies.