Survey shows many sysadmins abuse powers
As well as recognising yet again perennial failings in password management and security, this year's survey conducted by Cyber-Ark at the Infosecurity Exhibition has revealed that up to a third of IT support staff seem prepared to abuse their rights to snoop on the personal data of other employees. Calum Macleod of Cyber-Ark told heise Security that some commonly encountered personality traits of sysadmins have much in common with those of people convicted of espionage.
"What never ceases to amaze me is that IT staff seem totally divorced from the realities of life. Their perception seems to be that that the IT department is their private domain and that its contents are their personal property. It may even be the case that it's a sanctuary for hen-pecked husbands where they feel the freedom to take decisions without her-indoors having to approve every little detail", he argued. Obviously motivations vary, but the inadequacy of Human Resources checks on those appointed to sensitive positions in business IT clearly continues to contribute to the insider threat, and the potential is there for the threat to escalate now that abuse of privilege is becoming incentivised by organised crime.