Company Cyber-Ark has conducted an interview of 300 IT managers. According to their press release, there are some interesting (worrying) outcomes:
- 88% of the interviewed IT managers admit that they would steal sensitive data if being layed off. A third of them would leave with the list of privileged passwords that give access to root resources!
- More than a quarter of the interviewed managers announced to have faced problems of leaking or stolen data. Economic intelligence (nice euphemism for industrial spying) is a reality.
The report seems to show that bad practice with sensitive data and password are still very generalized.
88% is awfully worrying. With the generalization of outsourcing storage (Sharepoint, …) or outsourcing computing power (cloud computing), this problem will become more and more problematic. Outsourcing is changing the trust model of IT. Some trust hypothesis may weaken. Will you trust as much IT administrators from outsourcing companies than your ones. Are you sure that they can be trusted? Will you audit their security policies and their compliance to them? Storage of sensitive data will become more and more complex.
I have not read the report. I will try to get access to it (not directly available on their site) and will come back to you with the best parts.