Though systems administrators often rank low on organizational charts, they get extremely elevated privileges from an IT context, Brazil said.
In order to maintain and manage enterprise systems, administrators need a very high level of access, he said. Even mundane tasks like password resets, and system backups require a certain level of privileged access, he said.
Abusing such privileges to gain unauthorized access to systems and data is almost trivial for admins who don't care about leaving a trail behind them, he said.
"This is not just ignorance or poor management' Brazil said. "Systems administrators are given the keys to the kingdom and entrusted not to do harm with it."
There are technologies and processes that allow companies to exercise a degree of control over administrators, he said. For example, enterprises can compartmentalize data and networks to ensure that administrators are restricted to specific silos.
Similarly, there are security tools that allow administrators to back up data files without getting access to the data, Brazil said. Many companies encrypt data in sensitive systems and store the decryption keys separately as a control against administrator abuse, he said.
Even so, adding such measure often can complicate relatively mundane administrative tasks so many companies choose not to implement them, Brazil added.
"The insider is the greatest threat to government and owners of critical infrastructure," said Robert Rodriguez, a former Secret Service special agent and founder of the Security Innovation Network.
"Once you have an employee who is trusted and has access to files and computers, it really depends on how rogue the employee wants to be," he said. "Once you are inside a building or an organization it become a lot easier to perform actions that are outside of policy."
Sign up for MIS Asia eNewsletters.