Using Information Rights Management to Prevent Snooping by IT Staff

Friday, July 09, 2010

Peter Abatan


Human beings by nature are inquisitive and there will always be the temptation to pry into unauthorised confidential information. At the same time organizations must be able to control the viewing, movement and usage of sensitive data to prevent inappropriate distribution or leakage.

A recent news article reported on a global survey by Cyber-Ark in which 41% of IT professionals admitted to snooping on confidential information.

The research also confirmed that snooping continues to rise within organizations both in the UK and the US. Forty-one percent of respondents confessed to abusing administrative passwords to snoop on sensitive or confidential information – an increase from 33 percent in both 2008 and 2009.

When examining the information that people were willing to circumvent the rules to access, US respondents targeted the customer database first (38 percent versus 16 percent in the UK) with HR records most alluring to UK respondents (30 percent versus 28 percent in the US).

When it comes to confidential information in unstructured formats (documents, spreadsheets, email), it is imperative that the business takes responsibility for securing it. Information Rights Management should be administered by the business owners of the data and not by IT: the policy that decides who may open a document then sits with the people accountable for it, while the administrators who run the file servers, mail servers and backups hold only encrypted copies they have not been granted rights to open.

In addition to encrypting each document or email, every access to these documents is logged, giving the data owner a full audit trail. Information Rights Management prevents staff from accessing information that is not relevant to their role.
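The following is an added illustration of the mechanism just described, written for this page and not taken from any IRM product. It models the three pieces the text mentions: per-document encryption, a rights server that releases the content key only after a role-based policy check, and an audit log of every decision. The cipher (an HMAC-SHA256 keystream) is a stand-in for the AES used by real products, and the names, document IDs and policy format are invented for the example.

```python
"""Toy model of Information Rights Management (IRM).

Added example, not code from the original post or any IRM vendor.  The
HMAC-based keystream below is a stand-in for the AES a real product would
use; the user names, roles, document IDs and policy layout are invented.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter-mode keystream (toy cipher)."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        ks = hmac.new(key, nonce + block_no.to_bytes(4, "big"),
                      hashlib.sha256).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(b ^ k for b, k in zip(chunk, ks))
    return bytes(out)


@dataclass
class ProtectedDocument:
    """What lands on the file server: ciphertext plus an integrity tag."""
    doc_id: str
    nonce: bytes
    ciphertext: bytes
    tag: bytes  # HMAC over nonce||ciphertext under the content key


class RightsServer:
    """Holds content keys and owner-defined policy; administered by the
    business, not by the storage or mail administrators."""

    def __init__(self):
        self._keys = {}     # doc_id -> content key
        self._policy = {}   # doc_id -> {role: set(rights)}
        self.audit_log = []  # (doc_id, principal, action, outcome)

    def protect(self, owner, doc_id, plaintext, policy):
        key, nonce = os.urandom(32), os.urandom(16)
        ct = _keystream_xor(key, nonce, plaintext)
        tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
        self._keys[doc_id] = key
        self._policy[doc_id] = policy
        self.audit_log.append((doc_id, owner, "protect", "ok"))
        return ProtectedDocument(doc_id, nonce, ct, tag)

    def request_key(self, user, role, doc_id, right):
        """Release the content key only if the caller's role holds the right."""
        allowed = right in self._policy.get(doc_id, {}).get(role, set())
        self.audit_log.append(
            (doc_id, user, right, "granted" if allowed else "denied"))
        if not allowed:
            raise PermissionError(f"{user} ({role}) may not {right} {doc_id}")
        return self._keys[doc_id]


def open_document(server, user, role, doc):
    """Client side: fetch the key (policy-checked), verify, then decrypt."""
    key = server.request_key(user, role, doc.doc_id, "view")
    expected = hmac.new(key, doc.nonce + doc.ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, doc.tag):
        raise ValueError("document has been tampered with")
    return _keystream_xor(key, doc.nonce, doc.ciphertext)


def demo():
    server = RightsServer()
    # Constructed sample: an HR record protected by its business owner.
    doc = server.protect("alice@hr", "hr-record-0042",
                         b"Salary review: Bob Smith, GBP 52,000",
                         {"hr": {"view", "edit"}, "manager": {"view"}})
    results = {}
    # A storage admin can copy the bytes for backup but holds only ciphertext.
    backup_copy = bytes(doc.ciphertext)
    results["backup_is_ciphertext"] = b"Salary" not in backup_copy
    # An HR user in a permitted role opens the record normally.
    results["hr_can_read"] = open_document(server, "carol@hr", "hr", doc)
    # The sysadmin with full file access is refused a key, and it is logged.
    try:
        open_document(server, "dave@it", "sysadmin", doc)
        results["admin_blocked"] = False
    except PermissionError:
        results["admin_blocked"] = True
    results["log"] = list(server.audit_log)
    return results


if __name__ == "__main__":
    for entry in demo()["log"]:
        print(entry)
```

The design point is the one the post makes: the administrator's file or mailbox access yields only ciphertext, and the decision to hand out a key is made (and recorded) by a component the business controls. The corollary practitioners should keep in mind is that whoever administers the rights server holds the keys, which is exactly why the post argues that role should not sit with IT.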

Smart and best-in-class organizations are beginning to realize the benefits of using Information Rights Management.

Typical deployments for these organizations vary from 3 days to 3 months. Exceptional deployments last between 6 months and a year; these tend to be global roll-outs across multiple departments with a high degree of integration or customization.

The best way to get started is to ask for a proof of concept to see whether Information Rights Management meets your requirements.

For additional information on how to get started with Information Rights Management you can access Gartner’s latest publication called “Key Selection Criteria for Enterprise Digital Rights Management Solutions” by Eric Ouellet and Ray Wagner. There is also a ton of information on the Enterprise DRM blog.


Help Net Security - 41% of IT pros admit to snooping on confidential information

Mister Reiner: This really gets back to the inadequacies of information access audit logs and instilling a higher level of personal integrity in administrators to prevent snooping. Of the 41%, how many of those individuals do you think received ethics training? How many of them do you think signed confidentiality agreements or other types of agreements to reduce the likelihood of snooping?

It's important that organizations educate and reinforce workplace ethics - not just for administrators, but for everyone. Every employee has the potential to become an insider threat.

Peter Abatan: @Michael thanks for the comments. I do think that many organisations can still do more to prevent snooping, but they have to acknowledge this as a potential problem first.

@Mister Reiner Ethics training is a great tool, but needs to be reinforced constantly throughout the employee's tenure as you mentioned. Like the first day at work orientation, it can be easily forgotten if not repeated. Thanks for the comments.

Vishal Gupta: I think one of the key factors here is separation of information from its control .. so the IT folks can do their jobs of repairing, backups etc. but the IRM technology can ensure that even though they have physical access to the information they cannot abuse it .. I think it's pretty powerful.

Peter Abatan: Completely agree with you Vishal, that is the whole idea.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.
