The sixth annual global "Trust, Security and Passwords Survey" indicates that the IT Crowd will exit the building with as much corporate data they can get their paws on if they are fired. The report said that just under half of 820 respondents admitted if they were fired tomorrow, they'd walk out with proprietary data such as privileged password lists, company databases, R&D plans and financial reports.
To be fair Cyber Ark's products are designed to stop this sort of thing, so it has a vested interest in making the problem appear worse than it is. But that figure is still pretty large. Since 71 percent believe the insider threat is the priority security concern and poses the most significant business risk with privileged accounts being a major problem.
What is strange however is that the report said that only 57 percent monitor the use of such accounts and the other 43 percent weren't sure or knew they didn't. Those that monitored accounts said that they could get around any controls. This is because privileged accounts are often protected by weak or default passwords, which are seldom replaced.
"Businesses that are not securing and managing these high-value targets are failing to uphold their responsibility for securing customer and similar sensitive information," the report said.
The report said that 45 percent of staff said they have access to information on a system that is not relevant to their role. Another 42 percent said that they or a colleague have used admin passwords to access information that was otherwise confidential. More than 55 percent believe competitors have received their company’s highly sensitive information or intellectual property. Another 42 percent of respondents said they have used their administrator passwords to access confidential information.