One Man… $1Billion… Stolen.

A former Intel employee has been charged with attempting to steal $1Billion worth of information. Wow. Turns out that while he had resigned and officially left, he still had access to the computer systems - and guess what… he decided to copy stuff, which he freely admits he would use to further his career in the future.

While I have written about the decline of implicit trust before, this is yest another case, although this time it shows up a poor corporate process relating to shutting out individuals from company systems when they leave.

I was with a customer this week and they are about to change their policy on password changes to every two weeks. Every two weeks… we change our passwords every three months and even then I can have problems trying to (a) find something that fits the policy, uppercase, lowercase, numeric, punctuation, not this or that and then (b) remembering it… let alone having to do it every two weeks. The reason that passwords used to have to be changed frequently was because companies were not good at shutting people out of systems when they left… but now there is no excuse.

Time to revisit that employee leaver policy… and examine how you can prevent falling foul of a malicious insider - after all he was just copying restricted data onto removable media… something technology can help you spot.

November 7, 2008 | Filed Under Insider, security 

comments

Leave a Reply