Are 88% Of IT Admins Really On The Verge Of Stealing Sensitive Company Info?

from the unlikely dept

You can’t trust your IT admin — or at least that’s the story being pushed by a security firm that released the eye-catching study results saying that 88% of IT admins surveyed would take “sensitive company” info such as passwords, if they were fired. We’ve all heard stories about disgruntled tech workers, so perhaps some part of this feels true, but that 88% number just seems way too high. The security company obviously has every reason to push a high number, as it’s goal is to sell solutions that help deal with this supposed “problem.” And, of course, it fails to release the actual details of the survey, such as how the questions were worded. While I’m sure there are some IT admins who would do so, it seems highly suspect to claim that almost 90% of IT admins would act in such a manner.

Filed Under:

If you liked this post, you may also be interested in...
Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Are 88% Of IT Admins Really On The Verge Of Stealing Sensitive Company Info?”

Subscribe: RSS Leave a comment
PaulT (profile) says:

The key phrase here is “if they were fired”. A person working in a company and/or leaving on amicable terms would not be likely to steal company info. If a person is fired, that person will feel wronged and probably feel that their employment was wrongly terminated.

In those circumstances, most people in any profession will look for a bit of petty “payback”. Some might smash furniture or slash their bosses’ tires. Others might be more subtle – stealing clients, reporting perceived bad company practices to the authorities, etc.

A sys admin will have all the hardware, software and data of the company at his disposal. Most of us would think about damaging the company that just canned us in some way, and stealing data or sabotaging the working systems is often the easiest way, especially if your replacement is slow on blocking all your access.

The moral of the story is simple: try to break off with former employees in the best terms possible and then ensure that sensitive data is not available to that person after you’ve broken the news.

angry dude says:

Re: Re:

“then ensure that sensitive data is not available to that person after you’ve broken the news.”


In practice that means firing someone and immediately hauling all of his belongings outside of the corporate building in the presence of a security guard

“best terms possible” indeed…

Kevin says:

Define 'Take'

It seems to me that if a company fails to change their passwords upon firing an IT admin, passwords would be taken by virtue of the fact that people remember passwords they use frequently. IIt seems reasonable that 88% of IT admins are smart enough to remember a couple passwords after being fired. Now if they had reported that 88% of IT admins would take passwords with malicious intent to distribute them for profit, that would be a different (possibly more effective) sales pitch.

Just a thought.


hegemon13 says:

Re: Define 'Take'

Exactly. I still remember the majority of the passwords for the IT company I used to work for. I would guess that most of them still work. I don’t remember them as some sort tool for nefarious purposes. I remember them because I used them everyday and the mind does not quickly (or ever) reject information ingrained by years of daily repetition.

If the survey had asked me simply whether I would remember or take passwords with me if fired, I would have to say yes because I can’t force myself to forget them. That does not mean I have any intent to use them unethically.

Ron Larson (profile) says:

They may have left out the word "Think"

My gut tells me that the question was asked was “would you THINK about stealing info if you were fired”. Not “Would you steal info if you were fired”. It makes a big difference.

Of course people would think about it. Anger is a part of being fired. But I think most admins are mature and responsible enough to not act on fantasies of revenge.

Anonymous Coward says:

Doesn't "Fired" generally mean immediately dismissed?

It is my understanding that when you truly fire someone, they are done then on the spot. Layed off, not so, but the story says only if they were fired.

It has been my experience when dealing with IT personelle that if you have admin rights, you are walked out immediately upon termination of employment by either party.

If that is the case, the only thing that the employee can take is what they used everyday before that. So how can they be stealing anything after the fact? Shouldn’t policy actually resolve any threats through password changes?

So this 88% is just a scare tactic, and probably doesn’t constitute a threat as much as a question like: “If you were fired, would you try to login to see if any of your password still worked?”

PaulT (profile) says:

Re: Doesn't

Many admins will leave backdoor access to themselves in case of catastrophes. Any competent admin will also have facilities for accessing the network remotely so they don’t have to jump in their car if they get a callout at 3am. They also know the mindsets of their co-workers and managers (e.g. standard passwords, etc.)

Remember a sys admin has access to everything on the network. Forget to change a particular password or disable a certain service, and that sys admin can easily gain access to data after the firing, even if he’s immediately escorted off premises.

Anonymous Coward #42 says:

Wow, I didn’t know I was in such an exclusive class. I would never steal data or do anything equally damaging to a company if I got fired. I might think about it, but never do it. I did get fired from my last job, and being the only IT person in the whole place, in just a few seconds I could have logged into the primary Linux file/print/email server (small company) as root user and run a command that would have wiped the entire hard drive clean. Believe me, it was tempting given the situation, but I would never, EVER actually do something like that.

Anonymous Coward says:

IT people often do have the “keys to the kingdom.” Therefore the first and most vital line of defense is to hire people you can trust. If you talk to most people in sensitive positions you will find out that they know a way to rip off the system. The ones you need to worry about are the ones who don’t have a way to rip off the company; they just don’t have a method that they are willing to talk about.

Benjie says:

'fired' - keyword

The article the was referenced by anothe site yesterday said for managers/etc to not treat the IT Admins like crap before firing them. Well, duh. If you treat someone like crap who controls the entire company, you get what you asked for.

She someone do it. No. You’re just lowering yourself and asking for trouble yourself. If the company is truely mean, you can rest assure they’ll never keep any decent admins and will have crappy IT.

Last company I worked for was a cookie-cutter Microsoft based infrastructure. But good luck doing anything since they where

firewalled from the outside,

ACL’s between vlans to block unsecure windows sharing protocols,

your network account got disabled on your last day,

ALL local admin passwords were 20 char randomly generated that were changed daily,

each workstation limited logons to the primary users of the computer,

to get admin access to a computer you had to be in a certain security group and had to request the admin password which was logged and would give you temporary admin access for 2 hours before it would kick you off and demote you,

even the primary user of a computer had to opt-in and follow the same rules for admin access except they were limited to only their computer,

unused network ports were disabled,

wireless used the new AES wirelss encrpytion AND you had to VPN in to get any access to anything,

everything was based around minimal power and having to make logged requests to get access to anything which was easily done.

Even with all these check points, working as IT was easy and requests where transparent.

This was a University.

Duder says:

Black listed?

Ok, so they have the passwords, get fired and then use the info against the compnay that fired them. The company would realize all the shit went down after they fired the guy , so when he goes for an interview, the firing company would say (when referenced) “well he gave out our sensitive data because we fired his ass for reasons xy and z”

So they would put themselves in check mate should they actually go forth with it.

PLus, saying you would do something doesn’t mean you would. My bro got jumped once, I said i would have done this and that, then i got jumped a couple of years later, I did not deliver what I said I would a couple of years earlier.

Also, if these people have families, they don’t want to risk the possibility of prison or even a law suit because their families come first. (usually)

Pope Ratzo (profile) says:

Honestly, today’s corporation would happily ruin the lives of thousands of workers by laying them off if it meant a temporary two dollar bump in their stock price.

So why on earth would any worker feel obliged to have a shred of loyalty to their employer? It wasn’t the workers who created the sense of hostility that exists between ownership/management and labor.

Anonymous Coward says:


If I really wanted to I could make some really good guess about the CEO or executive passwords. As an IT admin they are often to willing to given me their password2 so I can quickly resolve a most demanding issue with there PC. It does not take much brains to see trends in their password3. I am sure that the logic used generated their next password4 would be easily figured out. EVEN their VPN password5 is fairly logical.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...