One Identity research exposes major problem with employees snooping on the corporate network

One Identity, a specialist in helping organisations get identity and access management (IAM) right, released new global research revealing that the overwhelming majority of employees are deliberately seeking out information they are not permitted to access, exposing a major “snooping” problem among workforce.

The survey, conducted by Dimensional Research, polled more than 900 IT security professionals on trends and challenges related to managing employee access to corporate data. Among key findings, a remarkable 92% of respondents report that employees at their organisations try to access information that is not necessary for their day-to-day work – with nearly one in four (23%) admitting this behavior happens frequently.

Most alarmingly, the report indicates that IT security professionals themselves are among the worst offenders of corporate data snooping. One in three respondents admit to having accessed sensitive information that is not necessary for their day-to-day work – indicating ongoing abuse of elevated rights attributed to the IT security role.

Other findings related to IT security professionals’ shocking snooping behavior include:

  • Company performance information is a hot commodity: More than one in three (36%) of IT pros admit to looking for or accessing sensitive information about their company’s performance, apart from what is required to do for their job.
  • IT security executives are the guiltiest by level:71% of executives admit to seeking out extraneous information, compared to 56% of non-manager-level IT security team members. Additionally, 45% of executives admit to snooping for or accessing sensitive company performance information specifically, compared to just 17% of non-manager team members.
  • The smaller the company, the bigger the snoop: 38% of IT security professionals at companies with 500-2,000 employees admit to looking for or accessing sensitive performance data, versus 29% of professionals at companies with more than 5,000 employees.
  • Workers in technology companies most likely to go on a sensitive information hunt: 44% of respondents working for technology companies admit to searching for sensitive company performance information, compared to 36% in financial services, 31% in manufacturing, and just 21% in healthcare.
John Milburn

“While insider threats tend to be non-malicious in intent, our research depicts a widespread, intrusive meddling from employees when it comes to information that falls outside their responsibility – and it could be that meddling that ends up putting their employers in hot water,” said John Milburn, president and general manager of One Identity.

“Without proper governance of access permissions and rights, organisations give employees free reign to move about the enterprise and access sensitive information like financial performance data, confidential customer documentation, or a CEO’s personal files. If that information winds up in the wrong hands, corporate data loss, customer data exposure or compliance violations are possible risks that could result in irreversible damage to the business’s reputation or financial standing.”

Managing snooping & other access-based threats

Results released today reinforce a general finding prevalent within One Identity’s Global State of IAM Study: Companies are not adhering to basic identity and access management (IAM) best practices. In the case of employee snooping, role-based access control and strict governance of rights and permissions can help prevent potential bad actors from accessing confidential or sensitive information.

With regard to snooping done by IT security professionals specifically, organisations can leverage identity intelligence to identify who has elevated rights and help pinpoint exactly where abuse of those rights is occurring to address this behavior. Additionally, a separate report based on the global study recently found that best practices around removing inactive accounts, revoking access to ex-employees, and updating rights of employees whose roles have changed are also overwhelmingly poorly applied.

One Identity is committed to helping organisations eradicate these ongoing challenges, and offers a full suite of access management, identity governance, privileged management and identity as a service solutions and services that help businesses “Get IAM Right” while enabling business agility.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

RECENT ARTICLES
5th Edition Connected Africa announces Telecom Innovation & Excellence Awards 2024 banner

5th Edition Connected Africa announces Telecom Innovation & Excellence Awards 2024

Posted on: April 19, 2024

The International Center for Strategic Alliances (ICSA) has announced the 5th Edition Connected Africa- Telecom Innovation & Excellence Awards 2024, set to be held on 22 May 2024 in Johannesburg, South Africa. Under the theme “Building a Connected Global Economy,” the summit aims to influence the telecom in Africa. With a focus on fostering forward-thinking

Read more
local retailer taking care his business

Facilio launches refrigerant tracking and leak detection software

Posted on: April 19, 2024

Property operations software firm Facilio has announced the launch of its ready-to-deploy refrigerant tracking and leak detection software solution. This is meant for all grocery and convenience store operators who want to implement an automatic leak detection system to identify and mitigate potential refrigerant leaks to achieve 100% compliance.

Read more
FEATURED IoT STORIES
What is IoT answer

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This interconnected network of devices transforms previously “dumb” objects, such as toasters or security cameras, into smart devices that can interact with each other and their

Read more
iot adoption

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more
IoT Now Enterprise Buyers’ Guide Which IoT Platform 2021

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more
CAT-M1 vs NB-IoT

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more
internet of things isometric illustration of connected things

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
iot challenges and issues

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more