February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« 3 Key Questions for a Risk Assessment | Main | Pfizer Fails Data Protection »

September 05, 2007
Who Can't You Trust?

As Mike Rothman over at Security Incite says, the only truly safe computer is one that is shut down and disconnected from the network. And I guess you could follow that with, the only truly trustworthy co-worker is a dead co-worker. But as we need our computers up and running and our co-workers living and engaged, enterprise security, then, is a series of compromises.

I found a recent report issued by Cyber-Ark Software (listen to my podcast with them right here) quite interesting. The report found that people trusted the temp staff, as well as cleaners, security guards, as well as the sales staff, the least in a company.

Following closely behind them were, surprisingly enough, the board of directors as well as the PR and marketing staff, each pulling in 10 percent of the respondents when asked who they trusted least in their organization.

And who are the most trusted? According to the survey, the HR staff, legal department, the boss’s secretary, and the IT department all came out on top. Really, IT the most trusted, you must be thinking. Please note, though, that the survey was conducted amongst 200 office workers, mainly IT staff.

1 in 3 of those IT staff surveyed went on to admit that they abuse their IT privileges by using admin passwords and snooping around their company’s systems. They admitted to often checking out confidential data such as private files, wage data, personal emails, and HR background.

Admitted one participant: “So I know some personal stuff about my co-workers but who cares? Sales and marketing are constantly making things up about our products. That’s so much more dangerous to our company than me knowing how much Viagra the COO ordered last month – okay it’s a bit cheeky snooping around other peoples email systems but at least I’m not lying!” He continued, “I also don’t trust the board of directors who trump up figures just to please the shareholders and just like politicians only tell us what they want us to know.”

That self-serving quote just goes to prove that, as the research at the US Department of Defense found, the number one threat to a company comes from an insider, most likely from the IT Department. I guess the new adage should be: absolute access corrupts absolutely!

That’s why it’s best a company keeps track of all insider access and keep their security compromises to a minimum.

Posted by pschooff in Better Protection |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2282

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map