Thursday 07, December 2017 by Jessica Combes

Ninety-two per cent of survey respondents state employees attempt unauthorised access

 

One Identity, a Quest Software business specialising in Identity and Access Management (IAM), today released results of a global survey on employee ‘snooping’ habits on their respective company networks at their places of work.

Overwhelmingly, the results indicated that when given the opportunity to look through sensitive company data that an employee may not have access to, the likelihood to attempt access is high.

The survey results bust a common myth held by among many that data is safe when it’s on a company network and in the hands of its trusted employees, and that it’s the outsiders and hackers that companies should build protection against. While the latter is certainly true, the survey results show that the majority of all employees—even those within the ranks of IT security groups, the C-suite and beyond—are intrusively meddling when given the opportunity

The global survey conducted across the US, UK, Germany, France, Australia, Singapore and Hong Kong obtained over 900 respondents from various professional levels. Further, 28 per cent respondents were from large enterprises (over 5,000 employees), another 28 per cent from mid-sized enterprises (2,000—5,000 employees), and the rest from organisations with less than 2,000 employees. Of all survey respondents, a staggering 87 per cent had privileged access at the workplace, and also had a level of responsibility for security at their workplaces.

A staggering 92 per cent of respondents stated that employees at their company attempt to access information that they do not need for the execution of their jobs. Accessing sensitive data, such as employee salaries for instance could cause disharmony and disruption at the workplace, while confidential information on company financial data or future strategic plans if shared with competitors could be catastrophic for the business as a whole. 

However, a worrying result indicates 66 per cent of security professionals have tried to access information they did not need. This means not only are they attempting to access that information, but in many cases, they are actually obtaining access and ultimately abusing that privilege.

The survey results also revealed that executives are more likely to attempt unauthorised access than managers or front-line workers. As alarming as these findings are—and organisations should be alarmed—implementing best practices around identity and access management such as, role-based access rights and permissions, and applying identity analytics to spot any signs of unusual access behaviour can help organisations safeguard themselves from letting sensitive data fall into the wrong hands.

 

 

Features & Analyses

SME Finance A sincere form of flattery?

  When Stevi Lowmass of The Camel Soap Factory discovered her product was being copied and sold, she took a number of steps to… read more