Businesses considering making IT staff redundant should be aware that admins won’t be walking out the door empty handed.
A survey of 300 IT security professionals by identity management firm Cyber-Ark found that 88% would steal sensitive and valuable company information if they were laid off tomorrow.
The information most likely to be taken includes privileged password lists, customer databases, R&D plans, financial reports and any documents relating to merger and acquisitions.
A third of IT staff confessed to already snooping through confidential data such as salary information and private emails using their administrative rights, while a further third admitted to writing privileged passwords on post-it notes.
CEO of Cyber-Ark Udi Mokady said that most company directors are “blissfully unaware” of just how much information their IT staff have access to.
“When people leave the organisation, they can often still acquire an organisations’ most sensitive information,”
“Our advice is secure the most privileged data, and routinely change and manage [privileged access], so that if an employee’s contract is terminated they can’t maliciously play havoc inside the network or vindictively steal data for competitive or financial gain,” Mokady said.
Further reading
The inside job
High profile data losses are forcing organisations to tackle culprits operating inside the firewall.
Find more stories in the Security & Continuity Briefing Room