The biggest risk to IT security isn’t posed by malware or hackers or even the threat of an electromagnetic pulse attack on your infrastructure. Rather, the most immediate danger lies much closer to home, with your IT staff posing the most imminent threat, according to a report on ‘insider threats’ commissioned by cloud services firm Intermedia, net Inc.

The report somewhat unsurprisingly finds that those who have the greatest access to a company’s data and the ones charged with keeping it secure are the most likely to take chances that could all to easily lead to a major security breach. In fact, IT pros are even more likely to be the source of a leak than regular employees.

More than 2,000 business professionals were surveyed in the 2015 Insider Risk Report, and found that some 32 percent of IT staff admit to providing their login and password credentials to unauthorized employees. Meanwhile, just 19 percent of “other” staff (we assume, non-IT related) admit to doing the same.

“It’s nearly always that technical people are the worst offenders,” said Richard Walters, Intermedia’s vice president of Identity and Access Management, in a statement. “They know how to get around various controls that an IT team will put in place. It’s sometimes done with the best intent, but nevertheless with a complete lack of consideration for the risk or security implications.”

In another worrying turn, some 28 percent of IT staff admitted in the survey to accessing the systems of companies they no longer work for, compared to just 13 percent of non-IT staff. And even more worrying perhaps, 31 percent of IT professionals said they would happily steal take data from their employer if they felt it could deliver them personal benefits.

Intermedia also provides another statistic that really hammers home just how careless most staff are towards IT security – a stunning 93 percent of respondents admit to insecure IT practices. These sloppy habits result in a myriad of security issues for enterprises, including regulatory compliance failures, data loss, data breaches and in some extreme cases, purposeful sabotage carried out by disgruntled employees.

One final stat shows that its younger employees – millenials – who’re most likely to be the cause of a security breach. According to the survey, millenials are the most likely of all age demographics to go and install unapproved applications on company systems. Moreover, millenials are more likely to engage in behavior that goes against company protocols, such as saving business data to their personal cloud storage.

Photo Credit: Asian Development Bank via Compfight cc