Are 88% Of IT Admins Really On The Verge Of Stealing Sensitive Company Info?

from the unlikely dept

You can't trust your IT admin -- or at least that's the story being pushed by a security firm that released the eye-catching study results saying that 88% of IT admins surveyed would take "sensitive company" info such as passwords, if they were fired. We've all heard stories about disgruntled tech workers, so perhaps some part of this feels true, but that 88% number just seems way too high. The security company obviously has every reason to push a high number, as its goal is to sell solutions that help deal with this supposed "problem." And, of course, it fails to release the actual details of the survey, such as how the questions were worded. While I'm sure there are some IT admins who would do so, it seems highly suspect to claim that almost 90% of IT admins would act in such a manner.


Reader Comments

  1.
    PaulT, Sep 4th, 2008 @ 7:23am

    The key phrase here is "if they were fired". A person working in a company and/or leaving on amicable terms would not be likely to steal company info. If a person is fired, that person will feel wronged and probably feel that their employment was wrongly terminated.

    In those circumstances, most people in any profession will look for a bit of petty "payback". Some might smash furniture or slash their bosses' tires. Others might be more subtle - stealing clients, reporting perceived bad company practices to the authorities, etc.

    A sys admin will have all the hardware, software and data of the company at his disposal. Most of us would think about damaging the company that just canned us in some way, and stealing data or sabotaging the working systems is often the easiest way, especially if your replacement is slow on blocking all your access.

    The moral of the story is simple: try to break off with former employees in the best terms possible and then ensure that sensitive data is not available to that person after you've broken the news.

     

  2.
    Kevin, Sep 4th, 2008 @ 7:28am

    Define 'Take'

    It seems to me that if a company fails to change their passwords upon firing an IT admin, passwords would be taken by virtue of the fact that people remember passwords they use frequently. It seems reasonable that 88% of IT admins are smart enough to remember a couple passwords after being fired. Now if they had reported that 88% of IT admins would take passwords with malicious intent to distribute them for profit, that would be a different (possibly more effective) sales pitch.

    Just a thought.

    Kevin

     

  3.
    Anonymous Coward, Sep 4th, 2008 @ 7:33am

    Hmmmmm . . . .

    " . . . at least that's the story being pushed by a security firm . . . "

    Who no doubt has a solution to sell?

     

  4.
    Ron Larson, Sep 4th, 2008 @ 7:39am

    They may have left out the word "Think"

    My gut tells me that the question asked was "would you THINK about stealing info if you were fired". Not "Would you steal info if you were fired". It makes a big difference.

    Of course people would think about it. Anger is a part of being fired. But I think most admins are mature and responsible enough to not act on fantasies of revenge.

     

  5.
    Anonymous Coward, Sep 4th, 2008 @ 7:39am

    Seen this coming...

    Why do you think the BOFH series has been so popular over the years?

    For those that haven't been initiated, you can google BOFH... it's perfectly safe to view at work.

     

  6.
    Anonymous Coward, Sep 4th, 2008 @ 7:44am

    Are 88% Of IT Admins Really On The Verge Of Stealing Sensitive Company Info?

    They are if you are a security firm selling solutions to employee theft otherwise it is most likely closer to 8.8%.

     

  7.
    Evil Mike, Sep 4th, 2008 @ 7:50am

    Information is...

    IT Admins, by virtue of their employment, are already in possession of sensitive company info! (It's trapped in their head, right behind their eyes.)

    How do they give back that info before leaving?

     

  8.
    Anonymous IT hack, Sep 4th, 2008 @ 7:53am

    Wrong question.

    The real question should be: How many managers (by percentage) piss off the IT workers enough that they're willing to steal sensitive data in the first place?

     

  9.
    Potato Head, Sep 4th, 2008 @ 8:02am

    I guess...

    When I get fired I will know for sure!

    I have a few tricks up my sleeve that, if I was fired, would cause headaches. No stealing or deleting, just a little something to keep the new guy busy.

     

  10.
    Steve, Sep 4th, 2008 @ 8:02am

    Contacts

    I bet they're including the IT Admin's phone numbers for suppliers etc - personal contact stuff. Most companies argue that it belongs to them.

     

  11.
    Anonymous Coward, Sep 4th, 2008 @ 8:05am

    Re: Hmmmmm . . . .

    So if you hire them as a security firm, and you fired them... would they fall into that 88%?

     

  12.
    mobiGeek, Sep 4th, 2008 @ 8:07am

    And just who...

    Who is it that is going to administer the new security measures designed to keep your IT people away from sensitive information....?

     

  13.
    Anonymous Banana, Sep 4th, 2008 @ 8:07am

    Re: Wrong question.

    The Answer: All of them who weren't admins or IT workers themselves (in the last 1-3 years tops).

    The Rawr: Semi-technically inclined managers are the worst. You can understand some of it, but they try to use technical terms that may not mean the same to a seasoned IT worker.

     

  14.
    Anonymous Coward, Sep 4th, 2008 @ 8:15am

    Doesn't "Fired" generally mean immediately dismissed?

    It is my understanding that when you truly fire someone, they are done then on the spot. Laid off, not so, but the story says only if they were fired.

    It has been my experience when dealing with IT personnel that if you have admin rights, you are walked out immediately upon termination of employment by either party.

    If that is the case, the only thing that the employee can take is what they used every day before that. So how can they be stealing anything after the fact? Shouldn't policy actually resolve any threats through password changes?

    So this 88% is just a scare tactic, and probably doesn't constitute a threat as much as a question like: "If you were fired, would you try to login to see if any of your passwords still worked?"

     

  15.
    Anonymous Coward, Sep 4th, 2008 @ 8:29am

    Re:

    "The moral of the story is simple: try to break off with former employees in the best terms possible and then ensure that sensitive data is not available to that person after you've broken the news"

    honestly, you should cut off their access before you fire them.

     

  16.
    Anonymous Coward, Sep 4th, 2008 @ 8:34am

    Haha page not found...

     

  17.
    Urban, Sep 4th, 2008 @ 8:42am

    This can absolutely not be a true percentage. If it is I can honestly say that 88% of sysadmins are causing the environment of internal politics and pointy haired bosses we also complain about.

     

  18.
    Anonymous Coward #42, Sep 4th, 2008 @ 8:50am

    Wow, I didn't know I was in such an exclusive class. I would never steal data or do anything equally damaging to a company if I got fired. I might think about it, but never do it. I did get fired from my last job, and being the only IT person in the whole place, in just a few seconds I could have logged into the primary Linux file/print/email server (small company) as root user and run a command that would have wiped the entire hard drive clean. Believe me, it was tempting given the situation, but I would never, EVER actually do something like that.

     

  19.
    Anonymous Coward, Sep 4th, 2008 @ 8:51am

    88%... They probably asked 100 people on the first survey, then conducted a second survey with select people... This probably was a group of 10 and 8 people said they would and 1 person said they would, but only had 1 arm (the other 8%) and 1 said they would not!

     

  20.
    hegemon13, Sep 4th, 2008 @ 8:53am

    Re: Define 'Take'

    Exactly. I still remember the majority of the passwords for the IT company I used to work for. I would guess that most of them still work. I don't remember them as some sort of tool for nefarious purposes. I remember them because I used them every day and the mind does not quickly (or ever) reject information ingrained by years of daily repetition.

    If the survey had asked me simply whether I would remember or take passwords with me if fired, I would have to say yes because I can't force myself to forget them. That does not mean I have any intent to use them unethically.

     

  21.
    hegemon13, Sep 4th, 2008 @ 8:54am

    Re: They may have left out the word "Think"

    My gut says that the survey did not use a word as strong as "steal," or there is no way 88% would have said yes, anonymous or not. My guess would be that they used a word like "take" or "remember."

     

  22.
    Anonymous Coward, Sep 4th, 2008 @ 9:06am

    IT people often do have the "keys to the kingdom." Therefore the first and most vital line of defense is to hire people you can trust. If you talk to most people in sensitive positions you will find out that they know a way to rip off the system. The ones you need to worry about are the ones who don't have a way to rip off the company; they just don't have a method that they are willing to talk about.

     

  23.
    angry dude, Sep 4th, 2008 @ 9:29am

    Re:

    "then ensure that sensitive data is not available to that person after you've broken the news."

    Nice....

    In practice that means firing someone and immediately hauling all of his belongings outside of the corporate building in the presence of a security guard

    "best terms possible" indeed...

     

  24.
    *angry dude, Sep 4th, 2008 @ 9:33am

    Re: Re:

    In fact, this is what happened to me that day I lost my balls in that horrible coding accident, you stupid punks.

     

  25.
    p!ssedadmin, Sep 4th, 2008 @ 9:54am

    Re: Wrong question.

    i'd say that figure lies somewhere between 88-100% of managers

     

  26.
    Benjie, Sep 4th, 2008 @ 10:10am

    'fired' - keyword

    The article that was referenced by another site yesterday said for managers/etc to not treat the IT Admins like crap before firing them. Well, duh. If you treat someone like crap who controls the entire company, you get what you asked for.

    Should someone do it? No. You're just lowering yourself and asking for trouble yourself. If the company is truly mean, you can rest assured they'll never keep any decent admins and will have crappy IT.

    Last company I worked for was a cookie-cutter Microsoft based infrastructure. But good luck doing anything since they were

    firewalled from the outside,

    ACL's between vlans to block unsecure windows sharing protocols,

    your network account got disabled on your last day,

    ALL local admin passwords were 20 char randomly generated that were changed daily,

    each workstation limited logons to the primary users of the computer,

    to get admin access to a computer you had to be in a certain security group and had to request the admin password which was logged and would give you temporary admin access for 2 hours before it would kick you off and demote you,

    even the primary user of a computer had to opt-in and follow the same rules for admin access except they were limited to only their computer,

    unused network ports were disabled,

    wireless used the new AES wireless encryption AND you had to VPN in to get any access to anything,

    everything was based around minimal power and having to make logged requests to get access to anything which was easily done.

    Even with all these check points, working as IT was easy and requests were transparent.

    This was a University.

     

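The controls listed in the comment above (20-character random local admin passwords changed daily, group-gated and logged requests, admin access that lapses after 2 hours, the account disabled on the last day), modelled as an added Python example. It is not code from the commenter or the university; the class, method, host and user names are hypothetical.

```python
import secrets
import string
from datetime import datetime, timedelta

ALPHABET = string.ascii_letters + string.digits + string.punctuation
GRANT_TTL = timedelta(hours=2)     # admin access lapses after 2 hours
ROTATE_EVERY = timedelta(days=1)   # local admin passwords change daily


class LocalAdminVault:
    """Hypothetical model: per-host random passwords, logged checkout, expiry."""

    def __init__(self, hosts, admin_group, now):
        self.admin_group = set(admin_group)   # accounts allowed to request access
        self.disabled = set()                 # accounts disabled at offboarding
        self.audit_log = []                   # (time, user, host, outcome)
        self.grants = {}                      # (user, host) -> expiry time
        self.passwords, self.rotated_at = {}, {}
        for host in hosts:
            self._rotate(host, now)

    def _rotate(self, host, now):
        self.passwords[host] = "".join(secrets.choice(ALPHABET) for _ in range(20))
        self.rotated_at[host] = now

    def tick(self, now):
        """Rotate passwords older than a day and drop expired grants."""
        for host, rotated in list(self.rotated_at.items()):
            if now - rotated >= ROTATE_EVERY:
                self._rotate(host, now)
        self.grants = {k: exp for k, exp in self.grants.items() if exp > now}

    def disable(self, user):
        """Offboarding: disable the account and revoke its outstanding grants."""
        self.disabled.add(user)
        self.grants = {k: exp for k, exp in self.grants.items() if k[0] != user}

    def checkout(self, user, host, now):
        """Return the current password or None; every attempt is logged."""
        self.tick(now)
        ok = (user in self.admin_group and user not in self.disabled
              and host in self.passwords)
        self.audit_log.append((now, user, host, "granted" if ok else "denied"))
        if not ok:
            return None
        self.grants[(user, host)] = now + GRANT_TTL
        return self.passwords[host]

    def is_admin(self, user, host, now):
        self.tick(now)
        return (user, host) in self.grants

    def password_valid(self, host, candidate, now):
        self.tick(now)
        return secrets.compare_digest(self.passwords[host], candidate)


if __name__ == "__main__":
    t0 = datetime(2008, 9, 4, 9, 0)             # constructed timeline
    vault = LocalAdminVault(["ws-01"], {"alice"}, t0)
    remembered = vault.checkout("alice", "ws-01", t0)
    vault.disable("alice")                      # last day: account disabled
    print(vault.checkout("alice", "ws-01", t0 + timedelta(hours=3)))          # None
    print(vault.password_valid("ws-01", remembered, t0 + timedelta(days=1)))  # False
```

A password the departed admin still remembers stops working at the next daily rotation, and the audit log records the denied request made after the account was disabled.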

  27.
    wasnt me!, Sep 4th, 2008 @ 10:11am

    I'm pretty sure most people here trying to deflate the number would "steal" the passwords in such a situation.

     

  28.
    PaulT, Sep 4th, 2008 @ 10:12am

    Re: Doesn't

    Many admins will leave backdoor access to themselves in case of catastrophes. Any competent admin will also have facilities for accessing the network remotely so they don't have to jump in their car if they get a callout at 3am. They also know the mindsets of their co-workers and managers (e.g. standard passwords, etc.)

    Remember a sys admin has access to everything on the network. Forget to change a particular password or disable a certain service, and that sys admin can easily gain access to data after the firing, even if he's immediately escorted off premises.

     

  29.
    Duder, Sep 4th, 2008 @ 10:13am

    Black listed?

    Ok, so they have the passwords, get fired and then use the info against the company that fired them. The company would realize all the shit went down after they fired the guy, so when he goes for an interview, the firing company would say (when referenced) "well he gave out our sensitive data because we fired his ass for reasons xy and z"

    So they would put themselves in check mate should they actually go forth with it.

    Plus, saying you would do something doesn't mean you would. My bro got jumped once, I said I would have done this and that, then I got jumped a couple of years later, I did not deliver what I said I would a couple of years earlier.

    Also, if these people have families, they don't want to risk the possibility of prison or even a lawsuit because their families come first. (usually)

     

  30.
    Benjamin Wright, Sep 4th, 2008 @ 10:15am

    digital clues snitch on the criminal

    Stealing company data is very dangerous. The act of stealing can be recorded by electronic footprints that can trace to the criminal. In the Age of Information, anyone abusing authority or privilege risks being caught by all the surprising little records chronicling the caper. --Ben

     

  31.
    PaulT, Sep 4th, 2008 @ 10:17am

    Re: Re:

    No it doesn't. It means not pissing off the person so much that he immediately VPNs into your system from an internet cafe, steals client data then hoses your system.

    Something people used to dealing with physical items often forget - any competent modern sys admin has remote admin capabilities to every part of the network.

     

  32.
    Pope Ratzo, Sep 4th, 2008 @ 10:17am

    Honestly, today's corporation would happily ruin the lives of thousands of workers by laying them off if it meant a temporary two dollar bump in their stock price.

    So why on earth would any worker feel obliged to have a shred of loyalty to their employer? It wasn't the workers who created the sense of hostility that exists between ownership/management and labor.

     

  33.
    PaulT, Sep 4th, 2008 @ 10:18am

    Re: Re:

    Yeah, I tried to imply that, sorry if it wasn't clear...

     

  34.
    uncle bob, Sep 4th, 2008 @ 10:34am

    There are lies, damn lies, and statistics...

    Oh, and for good measure- 88% of statistics are made up on the spot.

     

  35.
    Ortzinator, Sep 4th, 2008 @ 10:38am

    This just in...

    88% of dogs are on the verge of killing their owners.

     

  36.
    Jim Gaudet, Sep 4th, 2008 @ 11:00am

    As an IT Admin

    I think you need to have more control than that. Any network admin with a password can't hurt a network. That doesn't make you a hacker. You will be caught and pay a fine or go to jail.

    You should respect the company's privacy even if you are fired.

     

  37.
    Anonymous Coward, Sep 4th, 2008 @ 11:00am

    Statistics........

    88% is too high. It is more like 82-82.5%.

     

  38.
    Anonymous Coward, Sep 4th, 2008 @ 11:51am

    Does that include the password groups you use every day and would require a brain tap to have them removed, or is it just the ones you write down and take home? Clearly the other 12% just forgot the passwords...

     

  39.
    m1t0s1s, Sep 4th, 2008 @ 12:01pm

    spam them all

    The best thing is get everyone's email address and sign them up for spam.

    Here's some examples (pulled from recent spam):

    http://www.dataentrycorp.com/unsubs.php

    http://redguu.com/remove/

    http://www.emerica linksite.com/index/MTYwMXw=/Unsubscribe.html

    http://cactusmedia.com/goldrush/unsubscribe.asp

     

  40.
    Overcast, Sep 4th, 2008 @ 12:14pm

    That sounds like a BS report. MOST IT people know that the resume is > revenge.

    I wouldn't do that, no matter how pissed off I was. I'm not about to try and find a job with anything like that on my record.

     

  41.
    Anonymous Coward, Sep 4th, 2008 @ 12:36pm

    IF

    If I really wanted to I could make some really good guesses about the CEO or executive passwords. As an IT admin they are often too willing to give me their password2 so I can quickly resolve a most demanding issue with their PC. It does not take much brains to see trends in their password3. I am sure that the logic used to generate their next password4 would be easily figured out. EVEN their VPN password5 is fairly logical.

     

  42.
    DC, Sep 4th, 2008 @ 4:37pm

    No 88% is at least 60% too high

    I've heard of two people in 25 years damaging a system when fired or disgruntled. I'm sure this number is whacked...

     

  43.
    Anonymous Coward, Sep 4th, 2008 @ 6:33pm

    Re: Re: Re:

    You don't have balls?

    I KNEW IT! HE WAS A EUNICH PROGRAMMER!

     

  44.
    Dan, Sep 4th, 2008 @ 7:08pm

    Only "where the bodies are buried", and keep that in a safe place. Payback is a bitch.

     

  45.
    m1t0s1s, Sep 4th, 2008 @ 10:17pm

    spam them all

    The best thing is get everyone's email address and sign them up for spam.

    Here's some examples (pulled from recent spam):

    http://www.dataentrycorp.com/unsubs.php

    http://redguu.com/remove/

    http://www.emerica linksite.com/index/MTYwMXw=/Unsubscribe.html

    http://cactusmedia.com/goldrush/unsubscribe.asp

     

  46.
    Sos, Sep 5th, 2008 @ 12:00am

    All your base...

    ...are belong to us.

     

  47.
    The Planes, Sep 5th, 2008 @ 1:38am

    Re:

    Great article! I learned a lot from it, keep it up!.

     
