Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Two-Fifths Of IT Staff Could Hold Their Employers Hostages

Venafi : 24 May, 2011  (Technical Article)
Disgruntled staff and former employees from IT departments still retain the capability of making life difficult for their employers by denying access and withholding encryption keys, says Venafi
Two-Fifths Of IT Staff Could Hold Their Employers Hostages

Venafi has announced the findings of a survey which showed that 40% of IT staff admit that they could hold their employers hostage—even after they’ve left for other employment—by making it difficult or impossible for their bosses to access vital data by withholding or hiding encryption keys.


A third of survey respondents said that their knowledge of and access to encryption keys and certificates, used for both system authentication and data protection, means they could bring the company to a grinding halt with minimal effort and little to stop them. This is due to lack of oversight and poor management of their organisation’s encryption keys.


Astonishingly they claim that even after they have left they still could cause havoc with their knowledge of the encryption keys, shared passwords and weak controls. 40% of respondents admitted that they would still have access to vital information and could manipulate it to their own ends—both to their company's financial and reputational detriment.


31% of respondents astonishingly said that they could still access organisational data because they could easily retain the encryption keys when they left and access the information remotely. Finally, 24% of respondents to the survey admitted that their fear of losing encryption keys is what is deterring them from investing in encryption key and certificate solutions to protect digital assets and secure sensitive system communications.


The survey shows that 82% of companies now use digital certificates and encryption keys, however, 43% admit to being locked out from their own information—because people have left the organization or keys are lost—and 76% would use automation if they knew it existed. These same companies are unaware of how to manage their keys and certificates, leaving them exposed to unplanned system outages, security risks and reduced access to critical data.


Jeff Hudson, Venafi CEO, said: “It’s a shame that so many people have been sold encryption but not the means or knowledge to manage it. They have found out the hard way—after being locked out from their own information—that they need an automated solution to manage the thousands of keys and certificates they have. Once the data's protected with encryption, the key becomes the data and the thing that must be managed and protected. Key Encryption is only half the solution. IT departments must track where the keys are and monitor and manage who has access to them. What this survey reveals is that organisations need to quickly come to terms with how crucial encryption keys are to safeguarding the entire enterprise as well as the heightened need for automated key and certificate management with access controls, separation of duties and improved polices. It’s no longer rocket science. Yet recent, costly breaches at Sony, Epsilon and elsewhere reinforce the need for both more encryption and effective management. There are some great solutions on the market that can manage and automate these assets at a click of a switch.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo