It’s not surprising that employees who are fired from their jobs are generally displeased people. A recent survey of 300 Australian IT administrators found that an overwhelming majority would steal company data if they were laid off.
According to the survey, 88 percent of IT administrators said that they would knowingly take with them company secrets before their departure. Such sensitive data would include passwords, client records, financial reports, company strategy and other critical documents.
The information comes from Cyber-Ark, an identity management firm, which released its findings in its annual review titled, “Trust, Security & Passwords.”
“Most company directors are blissfully unaware of the administrative or privileged passwords that their IT guys have access to which allows them to see everything that is going on within the company. These privileged identities, which lie on hundreds of servers and applications, very rarely get changed as it’s often considered too much hassle,” said Udi Mokady, chief executive of security firm of Cyber-Ark.
Mokady then offered what seems like common sense. “Our advice is secure the most privileged data, and routinely change and manage them, so that if an employee’s contract is terminated, whether sacked or made redundant, they can’t maliciously play havoc inside the network or vindictively steal data for competitive or financial gain.”
Even with such measures in place to prevent disgruntled former employees from causing harm for long, it appears that another problem is that some administrators have unsecure habits. The survey found that over a third of respondents admitted to writing down passwords on Post-It notes and leaving them fixed on computer monitors, or sending confidential information through unencrypted email.
Current IT administrators are often the gatekeepers to sensitive information storage. A third of administrators admitted to snooping around the network for confidential data such as employee salary information and personal emails.
Finally, one compounding factor threatening corporate security is the growing reliance on mobile devices such as BlackBerry, USB thumbdrives and laptops that can end up misplaced.