
CURRENT SECTION :: Jobs	UK's most visited IT Contractor Site - 250k unique visitors March 2008

Members
Subscribe to our news letter service to keep current with the latest news and information. Click here to join.

Site Navigation
Home News Contractor Alliance Free Stuff Company Formation Bulletin Board First Timers Trading Structures Legal : IR35 / IR591 Legal : S660 Tax/Legal Q&A Jobs Contract Search Urgent Contracts Overseas Guides Market Stats Money Insurance Training Directory Agency Directory TechZone Contact Us

Search
Advanced Search

News for you
RSS XML feed News feed for your site News feed information

News article sponsored by...

Maximising Contractors' Returns

Safe, effective solutions for contractors

Call now on 08702 880055

IT staff snoop employees’ details

The special privileges enjoyed by IT administrators are being abused to snoop confidential information about employees.

One in three IT workers at Infosecurity Europe admitted they’d peeked other workers’ data, such as their personal e-mails, wage and background.

“Why does it surprise you that so many of us snoop around your files?” said one IT administrator, quizzed by Cyber-Ark, which commissioned the study.

“Wouldn't you if you had secret access to anything you can get your hands on!?"

Elsewhere, more than one-third of respondents said they could still access their former employer’s computer network, says the research, published last week.

The high number of IT workers who had administrative passwords, whether they kept or obtained them, was down to the security sloppiness of the company, the study hinted.

Half of all administrators were able to keep the passwords on Post-it notes, while one-fifth of organisations said the passwords, to allow anonymous access, were changed only rarely.

A further seven per cent of organisations admitted that, for reasons like convenience, their administrative passwords were never changed.

One IT Administrator explained: "It's easy for an employee to update the personal password to their laptop, but to change the Administrator password on that same machine?

“It would take days for IT to do them all by hand. In the end, we just pick one password for all the systems and write it down."

Ominously for business continuity, eight out of ten administrators said they simply remembered their passwords in their head, rather than writing them down or storing them on devices.

“The easiest way to infiltrate a company's network is to look for administrative passwords which are left blank, still have the manufacturers default password or just use obvious names,” said Gary Mckinon, 'the Pentagon hacker.'

Calum Macleod, European Director for Cyber-Ark, added: "It's surprising to find out how rife snooping is in the workplace. Gone are the days when you had to break into the filing cabinet in the personnel department to get at vital and highly confidential information.

“Now all you need to have is the administrative password and you can snoop around most places, and it appears that is exactly what's happening.”

Jun 4, 2007

Email this article
Printer friendly page
Previous Page

Contractor Services
Contractor Insurance \| Contractor Mortgages \| Company Credit Check \| Pensions \| PHI \| Medical Cover \| Training \| Free Banking \| Directory \| Umbrella Companies

Urgent Contracts
Click here for CUK's latest hot contracts from CWJobs, updated daily.


All content © Contractor UK Limited	[Register for News Letter] \| [Privacy Statement] \| [Terms of Use] \| [Top of Page]