Singapore: Data leaks brought by snooping IT security professionals feared

Experts worry about the potential data leak after a study found out IT security professionals admitted snooping around company sensitive data.

Snooping on a company's restricted information has been a prevalent setback that many IT security professionals admitted to committing, a new poll has found. More than 90 percent of the respondents owned up that some employees, including themselves, had accessed classified information at least once.

Technology market research firm Dimensional Research asked more than 900 IT security professionals in July and August and found out that almost every one of them acknowledged that 'snooping' happened at their workplace. Of all the respondents, 100 are from Singapore.

Also read: Kaspersky Lab discovers new Trojan stealing US$140,000 in Bitcoin

Interestingly, about half of Singaporean professionals admitted that they had accessed information not relevant to their job functions. The confession of these security professionals raises concern among experts, more so in the midst of Singapore's extreme push into the digital realm.

Bill Taylor-Mountford, vice president of American security intelligence firm LogRhythm in the Asia-Pacific and Japan, fears potential leak of sensitive information or compromising computers.

Lennie Tan, vice president and regional general manager of access management software firm One Identity, has qualms about free access to confidential company data.

"Meddling with confidential information, even if it is non-malicious in intent, could lead to serious damage to the business' reputation and financial standing," Tan told TNP in an interview.

Also read: Major Wi-Fi security flaw affects all internet users in Singapore

Meanwhile, a great number of respondents said they are concerned about inactive user accounts that are not terminated after employees left their jobs. This opens the gateway for hackers to exploit a company's confidential data.

According to the experts, one best way to combat potential data leak is by restricting access to information based on job functions. In addition, encrypting shared data can also protect sensitive information by allowing access to authorised computers only.