IT personnel are to blame in 30% of all data breach incidents, according to research from security services firm Orthus.
The research monitored the ways users accessed, processed, stored and transmitted information, including financial records and intellectual property.
Orthus monitored more than 100,000 hours of user activity over the last year through its data leakage audit service. The software, installed on endpoints, servers and terminal servers, records how sensitive information is removed from the corporate infrastructure, providing time and date stamped visual evidence of these data leaks.
Orthus found that IT departments were responsible for 30% of incidents. The customer service department is also a common offender, responsible for 22% of the incidents identified.
"The research proves the rule: the higher level of access privileges – the greater the propensity for abuse," said Richard Hollis, managing director of Orthus. "Companies need to address the insider as the primary threat to their business. Until this is done, no real security can be achieved."