<$BlogRSDUrl$>
 

This page is powered by Blogger. Isn't yours?

 Feedblitz email:
 RSS: http://linkingintegrity.blogspot.com/atom.xml

 

linking INTEGRITY

Integrity - use of values or principles to guide action in the situation at hand.

Below are links and discussion related to the values of freedom, hope, trust, privacy, responsibility, safety, and well-being, within business and government situations arising in the areas of security, privacy, technology, corporate governance, sustainability, and CSR.

The risks of insecure firing practises, 4.12.03

Man sentenced for hacking into Web site Associated Press


PITTSBURGH -- A former employee of American Eagle Outfitters has been sentenced to 1.5 years in U.S. federal prison for posting passwords on-line to the retailer's Web site and orchestrating an Internet attack.

Kenneth Patterson, 38, of Greensburg, must also pay more than $64,000 (U.S.) in restitution as part of his September guilty pleas to password trafficking and computer damage. He could have been sentenced to a maximum 11 years in prison and fined as much as $350,000.

Mr. Patterson's attorney, Martin Dietz, said he was pleased that the judge's sentence was less than prosecutors had been seeking.

'The government tried to blame Ken Patterson for all [American Eagle's] losses,' Mr. Dietz said.

Federal prosecutors said that Mr. Patterson posted user names and passwords for American Eagle users on an Internet hackers' group bulletin board and detailed instructions on how to hack into the company's system after he was fired last year.

Prosecutors said that Mr. Patterson then launched a series of 'denial of service' attacks -- which are intended to hamper or shut down a computer system by flooding it with data -- against American Eagle during the 2002 holiday shopping season.


CLB: Security best-practice includes employee hiring and exit processes. In this case, it appears that the American Eagle employee was not fired in a secure manner. In this case, the insecure process results in financial losses to company, and potentially extensive losses to the company's customers. Best practice for securely firing an employee usually involve several departments within an oganization, working to simultaneously: escort employee out of work environment (physical security), conduct an exit interview (HR), remove all digital and physical access (IT security, physical security), appropriately inform sensitive business relationship owners of employee status change (manager, marcom), file all union, legal, and regulatory required paperwork as soon as possible (HR, accounting, legal). Related policies: HR, IT, Marcom, Legal, Privacy.



__posted by Carolyn L Burke @ 4:56 p.m.
subscribe to Integrity

Comments

Post a Comment

 

Google

Integrity Incorporated

Site Feed

 Feedblitz email:


 RSS: http://linkingintegrity.blogspot.com/atom.xml

"We shall need compromises in the days ahead, to be sure. But these will be, or should be, compromises of issues, not principles. We can compromise our political positions, but not ourselves. We can resolve the clash of interests without conceding our ideals. And even the necessity for the right kind of compromise does not eliminate the need for those idealists and reformers who keep our compromises moving ahead, who prevent all political situations from meeting the description supplied by Shaw: "smirched with compromise, rotted with opportunism, mildewed by expedience, stretched out of shape with wirepulling and putrefied with permeation.
Compromise need not mean cowardice. .."

John Fitzgerald Kennedy, "Profiles in Courage"

Archives

07.03   08.03   09.03   10.03   11.03   12.03   01.04   02.04   03.04   04.04   05.04   06.04   07.04   08.04   09.04   10.04   11.04   12.04   01.05   02.05   03.05   04.05   05.05   06.05   07.05   08.05   09.05   10.05   11.05   12.05   01.06   02.06   03.06   04.06   05.06   06.06   08.06   09.06   10.06   11.06   01.07   02.07   03.07   04.07   07.07   08.07   09.07   10.07   05.08   06.08