Theme: Blue and Green Theme: Blue and Green Theme: Red Theme: Green
Background: 1 Background: 2 Background: 3 

Last Update: 26 Sep 2018
Version 8.1.1a
Research reveals major 'snooping' problem in Singapore
Posted on : 24 Oct 2017  Source of News: Networksasia Online

An overwhelming majority of employees are deliberately seeking out information they are not permitted to access, exposing a major “snooping” problem among today’s workforce, according to a global survey conducted by Dimensional Research. 

Commissioned by One Identity, the research polled more than 900 IT security professionals on trends and challenges related to managing employee access to corporate data. Among key findings, a remarkable 94 percent of respondents in Singapore report that employees at their organizations try to access information that is not necessary for their day-to-day work – with 16 percent admitting this behavior happens frequently. 

Most alarmingly, the report indicates that IT security professionals themselves are among the worst offenders of corporate data snooping. One in three respondents globally admit to having accessed sensitive information that is not necessary for their day-to-day work – indicating ongoing abuse of elevated rights attributed to the IT security role. 

The report also found that nearly half (47 percent) of IT pros in Singapore admit to looking for or accessing sensitive information about their company’s performance, apart from what is required to do for their job. 

Globally, 71% of executives admit to seeking out extraneous information, compared to 56 percent of non-manager-level IT security team members. Additionally, 45 percent of executives admit to snooping for or accessing sensitive company performance information specifically, compared to just 17 percent of non-manager team members. 

Globally, 38% of IT security professionals at companies with 500-2,000 employees admit to looking for or accessing sensitive performance data, versus 29 percent of professionals at companies with more than 5,000 employees. 

Also across the globe, 44% of respondents working for technology companies admit to searching for sensitive company performance information, compared to 36 percent in financial services, 31 percent in manufacturing, and just 21 percent in healthcare. 

“Businesses across the Asia Pacific region need to realize that potential cyber threats are not only coming from the outside of their organization,” said Lennie Tan, Vice President & General Manager, One Identity, Asia Pacific & Japan. 

“The alarming results of our study prove that employees in Singapore have a free reign to access sensitive information including financial performance data, confidential customer documentation, or even CEO’s personal files. Meddling with confidential information, even if it is non-malicious in intent, could lead to a serious damage to the business’s reputation and financial standing.” 

Managing Snooping & Other Access-based Threats 

The results reinforce a general finding prevalent within One Identity’s Global State of IAM Study: Companies are not adhering to basic identity and access management (IAM) best practices. In the case of employee snooping, role-based access control and strict governance of rights and permissions can help prevent potential bad actors from accessing confidential or sensitive information. 

With regard to snooping done by IT security professionals specifically, organizations can leverage identity intelligence to identify who has elevated rights and help pinpoint exactly where abuse of those rights is occurring to address this behavior. 

Additionally, a separate report based on the global study recently found that best practices around removing inactive accounts, revoking access to ex-employees, and updating rights of employees whose roles have changed are also overwhelmingly poorly applied.

source URL: