Are 88% Of IT Admins Really On The Verge Of Stealing Sensitive Company Info?
from the unlikely dept
You can’t trust your IT admin — or at least that’s the story being pushed by a security firm that released the eye-catching study results saying that 88% of IT admins surveyed would take “sensitive company” info such as passwords, if they were fired. We’ve all heard stories about disgruntled tech workers, so perhaps some part of this feels true, but that 88% number just seems way too high. The security company obviously has every reason to push a high number, as its goal is to sell solutions that help deal with this supposed “problem.” And, of course, it fails to release the actual details of the survey, such as how the questions were worded. While I’m sure there are some IT admins who would do so, it seems highly suspect to claim that almost 90% of IT admins would act in such a manner.
Filed Under: disgruntled it workers
Comments on “Are 88% Of IT Admins Really On The Verge Of Stealing Sensitive Company Info?”
The key phrase here is “if they were fired”. A person working in a company and/or leaving on amicable terms would not be likely to steal company info. If a person is fired, that person will feel wronged and probably feel that their employment was wrongly terminated.
In those circumstances, most people in any profession will look for a bit of petty “payback”. Some might smash furniture or slash their bosses’ tires. Others might be more subtle – stealing clients, reporting perceived bad company practices to the authorities, etc.
A sys admin will have all the hardware, software and data of the company at his disposal. Most of us would think about damaging the company that just canned us in some way, and stealing data or sabotaging the working systems is often the easiest way, especially if your replacement is slow on blocking all your access.
The moral of the story is simple: try to break off with former employees in the best terms possible and then ensure that sensitive data is not available to that person after you’ve broken the news.
Re: Re:
“The moral of the story is simple: try to break off with former employees in the best terms possible and then ensure that sensitive data is not available to that person after you’ve broken the news”
honestly, you should cut off their access before you fire them.
Re: Re: Re:
Yeah, I tried to imply that, sorry if it wasn’t clear…
Re: Re:
“then ensure that sensitive data is not available to that person after you’ve broken the news.”
Nice….
In practice that means firing someone and immediately hauling all of his belongings outside of the corporate building in the presence of a security guard
“best terms possible” indeed…
Re: Re: Re:
In fact, this is what happened to me that day I lost my balls in that horrible coding accident, you stupid punks.
Re: Re: Re: Re:
You don’t have balls?
I KNEW IT! HE WAS A EUNUCH PROGRAMMER!
Re: Re: Re:
No it doesn’t. It means not pissing off the person so much that he immediately VPNs into your system from an internet cafe, steals client data then hoses your system.
Something people used to dealing with physical items often forget – any competent modern sys admin has remote admin capabilities to every part of the network.
Re: Re:
Great article! I learned a lot from it, keep it up!
Define 'Take'
It seems to me that if a company fails to change their passwords upon firing an IT admin, passwords would be taken by virtue of the fact that people remember passwords they use frequently. It seems reasonable that 88% of IT admins are smart enough to remember a couple passwords after being fired. Now if they had reported that 88% of IT admins would take passwords with malicious intent to distribute them for profit, that would be a different (possibly more effective) sales pitch.
Just a thought.
Kevin
Re: Define 'Take'
Exactly. I still remember the majority of the passwords for the IT company I used to work for. I would guess that most of them still work. I don’t remember them as some sort of tool for nefarious purposes. I remember them because I used them every day and the mind does not quickly (or ever) reject information ingrained by years of daily repetition.
If the survey had asked me simply whether I would remember or take passwords with me if fired, I would have to say yes because I can’t force myself to forget them. That does not mean I have any intent to use them unethically.
Hmmmmm . . . .
” . . . at least that’s the story being pushed by a security firm . . . “
Who no doubt has a solution to sell?
Re: Hmmmmm . . . .
So if you hire them as a security firm, and you fired them… would they fall into that 88%?
They may have left out the word "Think"
My gut tells me that the question asked was “would you THINK about stealing info if you were fired”. Not “Would you steal info if you were fired”. It makes a big difference.
Of course people would think about it. Anger is a part of being fired. But I think most admins are mature and responsible enough to not act on fantasies of revenge.
Re: They may have left out the word "Think"
My gut says that the survey did not use a word as strong as “steal,” or there is no way 88% would have said yes, anonymous or not. My guess would be that they used a word like “take” or “remember.”
Seen this coming...
Why do you think the BOFH series has been so popular over the years?
For those that haven’t been initiated, you can google BOFH… it’s perfectly safe to view at work.
Are 88% Of IT Admins Really On The Verge Of Stealing Sensitive Company Info?
They are if you are a security firm selling solutions to employee theft otherwise it is most likely closer to 8.8%.
Information is...
IT Admins, by virtue of their employment, are already in possession of sensitive company info! (It’s trapped in their head, right behind their eyes.)
How do they give back that info before leaving?
Wrong question.
The real question should be: How many managers (by percentage) piss off the IT workers enough that they’re willing to steal sensitive data in the first place?
Re: Wrong question.
The Answer: All of them who weren’t admins or IT workers themselves (in the last 1-3 years tops).
The Rawr: Semi-technically inclined managers are the worst. You can understand some of it, but they try to use technical terms that may not mean the same to a seasoned IT worker.
Re: Wrong question.
I’d say that figure lies somewhere between 88-100% of managers
I guess...
When I get fired I will know for sure!
I have a few tricks up my sleeve that, if I was fired, would cause headaches. No stealing or deleting, just a little something to keep the new guy busy.
Contacts
I bet they’re including the IT Admin’s phone numbers for suppliers etc – personal contact stuff. Most companies argue that it belongs to them.
And just who...
Who is it that is going to administer the new security measures designed to keep your IT people away from sensitive information….?
Doesn't "Fired" generally mean immediately dismissed?
It is my understanding that when you truly fire someone, they are done then on the spot. Laid off, not so, but the story says only if they were fired.
It has been my experience when dealing with IT personnel that if you have admin rights, you are walked out immediately upon termination of employment by either party.
If that is the case, the only thing that the employee can take is what they used everyday before that. So how can they be stealing anything after the fact? Shouldn’t policy actually resolve any threats through password changes?
So this 88% is just a scare tactic, and probably doesn’t constitute a threat as much as a question like: “If you were fired, would you try to login to see if any of your passwords still worked?”
Re: Doesn't
Many admins will leave backdoor access to themselves in case of catastrophes. Any competent admin will also have facilities for accessing the network remotely so they don’t have to jump in their car if they get a callout at 3am. They also know the mindsets of their co-workers and managers (e.g. standard passwords, etc.)
Remember a sys admin has access to everything on the network. Forget to change a particular password or disable a certain service, and that sys admin can easily gain access to data after the firing, even if he’s immediately escorted off premises.
Haha page not found…
This can absolutely not be a true percentage. If it is I can honestly say that 88% of sysadmins are causing the environment of internal politics and pointy haired bosses we also complain about.
Wow, I didn’t know I was in such an exclusive class. I would never steal data or do anything equally damaging to a company if I got fired. I might think about it, but never do it. I did get fired from my last job, and being the only IT person in the whole place, in just a few seconds I could have logged into the primary Linux file/print/email server (small company) as root user and run a command that would have wiped the entire hard drive clean. Believe me, it was tempting given the situation, but I would never, EVER actually do something like that.
88%… They probably asked 100 people on the first survey, then conducted a second survey with select people… This probably was a group of 10 and 8 people said they would and 1 person said they would, but only had 1 arm (the other 8%) and 1 said they would not!
IT people often do have the “keys to the kingdom.” Therefore the first and most vital line of defense is to hire people you can trust. If you talk to most people in sensitive positions you will find out that they know a way to rip off the system. The ones you need to worry about are the ones who don’t have a way to rip off the company; they just don’t have a method that they are willing to talk about.
'fired' - keyword
The article that was referenced by another site yesterday said for managers/etc to not treat the IT Admins like crap before firing them. Well, duh. If you treat someone like crap who controls the entire company, you get what you asked for.
Should someone do it? No. You’re just lowering yourself and asking for trouble yourself. If the company is truly mean, you can rest assured they’ll never keep any decent admins and will have crappy IT.
Last company I worked for was a cookie-cutter Microsoft based infrastructure. But good luck doing anything since they were
firewalled from the outside,
ACL’s between vlans to block unsecure windows sharing protocols,
your network account got disabled on your last day,
ALL local admin passwords were 20 char randomly generated that were changed daily,
each workstation limited logons to the primary users of the computer,
to get admin access to a computer you had to be in a certain security group and had to request the admin password which was logged and would give you temporary admin access for 2 hours before it would kick you off and demote you,
even the primary user of a computer had to opt-in and follow the same rules for admin access except they were limited to only their computer,
unused network ports were disabled,
wireless used the new AES wireless encryption AND you had to VPN in to get any access to anything,
everything was based around minimal power and having to make logged requests to get access to anything which was easily done.
Even with all these check points, working as IT was easy and requests were transparent.
This was a University.
I’m pretty sure most people here trying to deflate the number would “steal” the passwords in such a situation.
Black listed?
Ok, so they have the passwords, get fired and then use the info against the company that fired them. The company would realize all the shit went down after they fired the guy, so when he goes for an interview, the firing company would say (when referenced) “well he gave out our sensitive data because we fired his ass for reasons xy and z”
So they would put themselves in check mate should they actually go forth with it.
Plus, saying you would do something doesn’t mean you would. My bro got jumped once, I said I would have done this and that, then I got jumped a couple of years later, I did not deliver what I said I would a couple of years earlier.
Also, if these people have families, they don’t want to risk the possibility of prison or even a law suit because their families come first. (usually)
digital clues snitch on the criminal
Stealing company data is very dangerous. The act of stealing can be recorded by electronic footprints that can trace to the criminal. In the Age of Information, anyone abusing authority or privilege risks being caught by all the surprising little records chronicling the caper. –Ben
Honestly, today’s corporation would happily ruin the lives of thousands of workers by laying them off if it meant a temporary two dollar bump in their stock price.
So why on earth would any worker feel obliged to have a shred of loyalty to their employer? It wasn’t the workers who created the sense of hostility that exists between ownership/management and labor.
There are lies, damn lies, and statistics…
Oh, and for good measure- 88% of statistics are made up on the spot.
This just in...
88% of dogs are on the verge of killing their owners.
As an IT Admin
I think you need to have more control than that. Any network admin with a password can’t hurt a network. That doesn’t make you a hacker. You will be caught and pay a fine or go to jail.
You should respect the company’s privacy even if you are fired.
Statistics........
88% is too high. It is more like 82-82.5%.
Does that include the password groups you use every day and would require a brain tap to have them removed, or is it just the ones you write down and take home? Clearly the other 12% just forgot the passwords…
spam them all
The best thing is get everyone’s email address and sign them up for spam.
Here’s some examples (pulled from recent spam):
http://www.dataentrycorp.com/unsubs.php
http://redguu.com/remove/
http://www.emericalinksite.com/index/MTYwMXw=/Unsubscribe.html
http://cactusmedia.com/goldrush/unsubscribe.asp
That sounds like a BS report. MOST IT people know that the resume is > revenge.
I wouldn’t do that, no matter how pissed off I was. I’m not about to try and find a job with anything like that on my record.
IF
If I really wanted to I could make some really good guesses about the CEO or executive passwords. As an IT admin they are often too willing to give me their password so I can quickly resolve a most demanding issue with their PC. It does not take much brains to see trends in their password. I am sure that the logic used to generate their next password would be easily figured out. EVEN their VPN password is fairly logical.
No 88% is at least 60% too high
I’ve heard of two people in 25 years damaging a system when fired or disgruntled. I’m sure this number is whacked…
Only “where the bodies are buried”, and keep that in a safe place. Payback is a bitch.
All your base...
…are belong to us.