Question for you, the reader – “In your experience, do EMPLOYEES ever attempt to access information that is not necessary for their day-to-day work?” Corporate Network Snooping, in a security context, is gaining or trying to gain unauthorized access to another employee’s or the company’s data, that may not necessarily pertain to the job.
A recent survey of 913 individuals conducted by OneIdentity revealed shocking statistics about employee snooping on corporate networks. The results are unnerving because the number of employees across countries and sectors is very large, and majority of the respondents admit to having indulged in some snooping themselves.
While the survey respondents constituted primarily of individuals from the USA (34%), respondents from other regions were represented well enough (Hong Kong: 11%, Singapore: 11%, Australia: 11%, France: 11%, Germany: 11% and the United Kingdom: 11%). Varying company sizes were included, with companies having 500-2000 employees at 44%, 2000-5000 at 28%, and more than 5000 employees at 28%.
Of those surveyed, majority were team managers (45%), which ensured that relevant people in the organization who could observe employee behavior made up the bulk of the sample. Executives were also represented at 35% and ‘individual contributors’ were at 20%.
The individuals also, by a majority, already had privileged account access (87%), which makes it even more alarming that they felt the need to snoop the corporate network for more data despite their elevated access. This scenario uncovers behavioral trends towards snooping that are psychological in nature, and therefore must be addressed at the security level rather than in any other way.
When asked the question, “In your experience, do EMPLOYEES ever attempt to access information that is not necessary for their day-to-day work?”, 69% said “Rarely, but it happens”, 23% said “Yes, this happens frequently”, and only 8% said, “No, they never even try.” This places 92% of employees in the ‘potential insider threats’ category, which is a huge percentage. When asked instead the question, “Have YOU ever attempted to access information that is not necessary for your day-to-day work”, the numbers again favored snooping. (51%) responded “Rarely, but I have done it” and (15%) replied, “Yes, I do this frequently”.
Critical performance data is regularly compromised as well. More than 1 in 3 (36%) respondents replied ‘Yes’ to the question “Have you ever looked for or accessed sensitive information about your company’s performance, apart from what you are required to do as part of your job?” Such statistics could spell disaster for any business, regardless of whether it is a large enterprise, a midmarket organization or a startup. Data breaches are expensive, but performance related breaches more so. These can threaten the very survival of any business.
The situation clearly demands attention. How can one reduce the threat of insider snooping?
Identity and Access Management (IAM) is the answer. Role-based access control and strict governance of rights and permissions can help prevent potential bad actors from accessing confidential or sensitive information. Organizations can leverage identity intelligence and privileged access management to identify employees who have been granted elevated rights and pinpoint exactly where abuse of those rights is occurring.
A comprehensive IAM solution that allows role-based access control, governance, and risk metrics powered technology to identify privileged accounts will be ideal to mitigate risks of network snooping. Single Sign-on, Multi-Factor Authentication, Enterprise-Class Password Management, and Access Recertification are some of the key IAM components that businesses require to secure themselves against insider threats. Tight integration with Privileged Access Management is also essential to ensure that elevated access is not misused and helps with timely access revocation on role change or employee exit.
Here’s where “Zero Trust Framework” comes into play. A security concept centered on the philosophy that organizations must never trust anything inside or outside its perimeters automatically but instead verify everyone and everything trying to connect to its systems before granting access. As the pressure to protect enterprise systems and data grows significantly, and attacks become more sophisticated, a robust IAM solution factoring in Zero trust architecture might just be the answer to insider threats and corporate snooping.