Ride the Lightning
Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.
Are Your IT Pros Sharing or Abusing Passwords?
October 27, 2011
At many companies, the answer is apparently yes. Information Week has reported that a recent survey of 300 IT professionals, 2/3 of them working in companies with more than 10,000 employees, showed that 25% of them knew at least one co-worker who used privileged login credentials to inappropriately access confidential information. 42% indicated that the IT staff freely shared passwords and access to multiple systems and applications.
25% also indicated that at least some of the superuser passwords granting God rights to the network were less complex than what was required of end users. A whopping 48% reported that privileged account passwords had remained the same for at least 90 days.
My guess is that management is largely clueless about these practices, but they are clearly an engraved invitation to disaster, so it would behoove those in charge to monitor the security practices of their IT departments. "IT Pros" should certainly know better!
Listen to the Podcast
