The vast majority of employees, including security personnel, have attempted to access sensitive data on their corporate networks without permission, according to a new survey.
The study, by identity and access management specialist One Identity, found that 92% of respondents said that employees at their company attempt to access information that they do not need for the execution of their jobs. Sixty-six percent of IT security professionals have tried to access information not related to their jobs.
Of the survey respondents 87% had privileged access to information. Over 900 people responded to the survey of professionals in .the US, UK, Germany, France, Australia, Singapore and Hong Kong.
One Identity warned that accessing sensitive data, such as employee salaries for instance could cause disharmony and disruption at the workplace, while confidential information on company financial data or future strategic plans if shared with competitors could be catastrophic for the business as a whole.
Unsurprisingly, the company advises that organisations should implement best practices around identity and access management including role-based access rights and permissions, and apply identity analytics to spot suspicious or unusual access.