Balabit IT Security surveyed IT professionals and found that in spite of the fact that 74% of them have already misused the company’s IT system, and could have lost his/her job, if a video recording could have proven wrongdoing, 92% of the surveyed would not object to being observed by an activity monitoring tool.

New York, November 15, 2011 – Balabit IT Security, one of the global leaders in developing privileged activity monitoring, trusted logging, and proxy-based gateway technologies, announced the “Top 6 list of the most popular prohibited activities in the workplace among IT staff” as a results of its survey. The survey revealed that in spite of the fact that 74% of the interviewed IT professionals have already misused the company’s IT system, and could have lost their job, if a video recording could have proven wrongdoing, 92% of those surveyed would not object to being observed by an activity monitoring tool. The reason is that almost half of the IT staff needs to share user names and passwords for some server administration tasks, and 41% of them were already in a situation where it would have been beneficial if there had been a detailed video of their work.

According to Balabit’s survey, 74% of the IT staff have already misused the company’s IT system, and could have lost their job, if a video recording could have proven wrongdoing. Most of those found breaking company IT policies admitted to multiple offences. The survey shows an average of two offences per person. Only 36% of IT staff state that they have never tried any of the following activities.

Top 6 list of prohibited activities in the workplace among IT staff:
1. 54% of those interviewed said that have already downloaded illegal content in their workplace
2. 48% of them answered that they have made exception rules in the firewall or in other IT systems for personal purposes, to get around the IT policy
3. 29% of them “have taken home” company details
4. 25% have looked into confidential files, stored on the company’s server (e.g. list of salaries)
5. 16% have read their colleagues email (without the colleague’s permission)
6. 15% have already deleted or modified log files (in order to hide or destroy evidence)

Supporting quote
Zoltán Györkő, Business Development Director at Balabit IT Security said: “Implementing an activity monitoring solution, which controls and monitors privileged users’ (such as system administrators, high level managers and employees working with sensitive data or outsourcing services providers) activities, will  be inevitable in the near future, not only among the bigger enterprises but middle size organizations as well. Gartner recently published its “Top 10 Strategic Technologies for 2012″ and predicted* an increasing number of smartphones and tablets will be used by employees, as well as the potential for broad, long-term impact of cloud computing in most industries. Both of these trends require a new approach to IT security strategies, one enabling real-time control of user access to the IT system, tracking of activities and the ability to report who had access to which sensitive content and what changes were made and by whom to mission critical IT systems. An activity monitoring tool helps companies passing compliance audits as well as protects the privileged users.”

Although no one likes to be observed during work – even if they have previously been informed about it – controlling privileged users’ activities is mandatory because of industry- and compliance regulations. For instance, financial institutions need to meet Basel III, the Markets in Financial Instrument Directive (MiFID II), the Market Abuse Directive, SOX-EuroSox, PCI DSS and several other standards forcing the adoption of IT controls such as ITIL, COBIT or ISO 27001/27002. Passing these audits successfully is required for organizations to continue everyday operations and prevent financial losses and damage to the company’s reputation.

Unique situation of the IT staff: 92% of them would not object to being observed
Because of this contradiction Balabit’s research also examined how employees feel about implementing such an activity monitoring tool which can track all their activities in the IT system during work. Would they protest against a monitoring system, even if the success of the audit and business continuity depended on it? Or would they rather support the implementation, even if it meant that their work was observed and every mistake and the responsible person could be reported? According to the survey, only 8% of respondents indicated that they would strongly protest against implementing an activity monitoring solution, the remaining 92% would welcome (34%) or – depending on the tool itself – would not mind (58%). Why?

An activity monitoring tool protects the system administrators
Among privileged users, system administrators and outsourcing partners more often find themselves in a difficult position as they share user names and passwords for some server administration tasks. The recently announced Password 2011 survey of Lieberman Software Corporation revealed that 42%** of the IT staff are sharing passwords or access to systems or applications in their organizations. Balabit believes that this is the reason why 92% of IT staff would not object to being observed as in case of any incident, it is difficult to assign blame if multiple users share passwords. Privileged users have personal interest in finding who is responsible for the costly downtime of the IT system. Balabit’s survey result clearly shows that 41% of the IT professionals were already in a situation where it would have been beneficial if there had been a detailed video of their work.

About the survey
Balabit IT Security has conducted this survey between July and October 2011 and interviewed more than 200 IT professionals (CIO’s, CSO’s, system administrators, system managers and other IT workers) in Central and Eastern Europe. Questionnaires were filled in anonymously, among Hacktivity Conference and System Administrator Appreciation Day participants as well. 51% of respondents work for large, 17% for middle size, 25% for small size companies. They are mainly from IT and telecom (53%), financial (24%), government (12%), retail (7%) and manufacturer (4%) sectors.

Supporting Resources
•    InfoGraphic: To have or not to have evidence?

Sources:
*Gartner, “Gartner Identifies the Top 10 Strategic Technologies for 2012”
**Lieberman Software Corporation, “Password 2011 survey”

About Balabit
Balabit IT Security is an innovative information security company, one of the global leaders in developing privileged activity monitoring, trusted logging and proxy-based gateway technologies to help customers be protected against insider and outsider threats and meet security and compliance regulations. As an active member of the open source community, we provide solutions to a uniquely wide range of both open source and proprietary platforms, even for the most complex and heterogeneous IT systems across physical, virtual and cloud environments.
Balabit is also known as “the syslog-ng company”, based on the company’s flagship product, the open source log server application, which is used by more than 650 000 companies worldwide and became the globally acknowledged de-facto industry standard.
Balabit, the second fastest-growing IT Security company in the Central European region concerning Deloitte Technology Fast 50 list (2010), has local offices in France, Germany, Italy, Russia, and in the USA, and cooperates with partners worldwide. Our R&D and global support centers are located in Hungary, Europe.
For more information visit www.balabit.com.

Press contact
Andrea Ipolyi
PR manager
Balabit IT Security
phone: +36 20 390 4139
e-mail: andrea.ipolyi@balabit.com
blog: http://andrea.blogs.balabit.com/


Walter Caon
Balabit USA
410 Park Avenue 15th Floor Suite 1500
New York, 10022
phone: +1 917 546 6715
e-mail: walterc@us.balabit.com