A new survey of IT security professionals reveals that 92 percent of respondents say employees at their organizations try to access information that is not necessary for their day-to-day work.
The study from identity management company One Identity also shows that IT security professionals themselves are among the worst offenders for corporate data snooping. One in three respondents admit to having accessed sensitive information that is not necessary for their day-to-day work -- showing an ongoing abuse of elevated rights given to the IT security role.
More than one in three (36 percent) of IT pros admit to looking for or accessing sensitive information about their company’s performance, beyond what is required to do for their job. 71 percent of executives admit seeking out extraneous information, compared to 56 percent of non-manager-level IT security team members. Additionally, 45 percent of executives admit to snooping for or accessing sensitive company performance information specifically, compared to just 17 percent of non-manager team members.
In smaller companies the problem is worse... more
No surprise here. Over half of the eavesdropping and information loss issues crossing my path (over the last four decades) are employee related. ~Kevin