Security threats explained: Internal excessive privilege

13.07.2012

"These accounts have complete control over every Windows workstation, laptop and server throughout the corporate environment. When these accounts are compromised, the resulting impact can have devastating consequences on the organisation."

IDC's Hue warns that some well-known financial institutions have taken hits to both the bottom line and reputation as a result of rogue traders with excessive privileges. For example, French bank Société Générale was thrown into turmoil in 2008 when one of its traders, who breached five levels of controls, executed a series of fictitious transactions that resulted in US$7 billion of losses.

"That said trader was reported to have worked in the risk management office, before moving into a trading role," he says.

According to Trend Micro Australia and New Zealand alliances manager, Adam Biviano, the risk is not just from intentional misuse of company data. For example, an administrator might be in the process of repairing a server and copy a critical database to a USB drive. "Once the server is fixed and the data is no longer needed on the USB drive, is it actually deleted? Or is it thrown in the drawer as is, only to be used by someone else down the track who misplaces it in public?" he says.