72% of temporary workers admit to being given administrative privileges on their employer’s IT systems, according to new research from endpoint security software firm Avecto.
The research also found that only half of the temp workers surveyed were informed of any application or data restrictions during their induction period.
Avecto partnered with IT recruitment company Curve IT to find out how much digital authority is given to contractors. The survey questioned temporary workers employed in a range of IT roles, from development and testing to technical architecture and design.
Administrator accounts allow powerful access to a business’ operating system and are actively sought out by hackers to gain entry to the core of the network. If a user has admin privileges, a business has little control over the software that can be installed, meaning security and configuration settings can be changed.
Malicious insiders with admin privileges can wreak havoc too, with Edward Snowdon’s leaks being the prime example. He infamously leaked classified information from the National Security Agency (NSA) while working as a contractor.
Paul Kenyon, EVP at Avecto said: “Giving any worker admin rights is akin to giving them the keys to the kingdom. The insider threat has been well documented, but this research demonstrates that businesses clearly haven’t got the message.
“There may be parts of a project where a contractor needs administrative rights to perform their role. But that’s why a granular approach to admin rights on the endpoint is so important – let users do what they need to do by granting privileges to applications rather than users.
“Security is still viewed as a barrier that prevents employees from being able to carry out their roles. We need a shift in mind-set, a positive approach about how security is viewed within the corporate environment. There’s also a greater need for technologies which focus on the end user – as an enabler to productivity rather than holding workers back.”