SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
IT's Roving Eyes
Your IT department might be your enterprise's greatest unchecked security threat
August 10, 2006
1 Min Read
Pop quiz: Who's most likely to tamper with sensitive data in your enterprise?
An external hacker with no privileges on your network.
An end user who needs a password just to access the company holiday schedule.
An IT staffer who owns the root passwords to every server in the enterprise.
The answer is obvious. Yet, while 99 percent of security technologies and policies are geared to restrict the access of A and B, virtually nothing is being done to protect systems and data against tampering by the one organization that could most easily do it: The IT department itself.
As the keepers of the keys, IT and security staff have the best chance to access sensitive corporate data without being detected. Officially, IT people say they never access systems or documents except on authorized business, such as an audit or a security investigation. Unofficially, many IT people concede that they regularly see abuse of security privileges.
Get the rest of the story at Dark Reading.
Tim Wilson, Site Editor, Dark Reading
You May Also Like
More Insights
