Over a third of IT staff admit to abusing admin rights to snoop at confidential information like colleagues' salary details and redundancy lists, according to a new study.
Data security firm Cyber-Ark questioned over 400 IT staff in the US and the UK for its third annual 'Trust, Security and Passwords' survey.
The survey found 74 percent of IT staff said it was possible "get around" around’ controls designed to protect sensitive data, despite a sharp rise in data breaches and increased media awareness on the subject.
There was a six-fold increase on last year in the number of survey respondents who said, if fired, they would capture information critical to retaining corporate advantage and security, such as financial reports or merger and acquisition (M&A) plans. Other data that IT staff admitted they would take included: customer databases, research and development strategies and CEO passwords.
One in five companies admitted experiencing cases of insider sabotage or IT security fraud. Of those companies, 36 percent suspect that their competitors have received their company’s highly sensitive information or intellectual property.
"This survey shows that while most employees claim that access to privileged accounts is currently monitored and an overwhelming majority support additional monitoring practices, employee snooping on sensitive information continues unabated," said Udi Mokady, CEO of Cyber-Ark.
"Unauthorised access to information such as customer credit card data, private personnel information, internal financial reports and R&D plans leaves a company vulnerable to a severe data leak with the risk of financial or regulatory exposure and damage to its brand, or competitors obtaining critically important competitive information,” said Mokady.