A former IT professional at the United States subsidiary of Japanese pharmaceutical firm Shionogi pleaded guilty on Aug. 16 to charges of computer intrusion. The former employee, Jason Cornish, faces a maximum of 10 years in prison when he is sentenced in November.
This is just the latest case that illustrates how enterprises fail to guard the security of corporate networks and data stores after key IT professionals leave the company, especially employees who are unhappy about layoffs, corrupt or just plain malicious.
Cornish left the firm in July 2010 after a dispute with a senior manager, but at the suggestion of a colleague, referred to as B.N. in court documents filed June 30 in the U.S. District Court for the State of New Jersey, continued working for Shionogi as a contractor because of his familiarity with the company's network. During a round of layoffs, "B.N." refused to hand over network passwords to company executives and was summarily suspended and ultimately fired in September 2010. B.N.'s departure meant Cornish's contract was also terminated, and he was no longer authorized to access Shionogi's network.
The attacks were severe enough to freeze Shionogi's operations for "a number of days, leaving employees unable to ship products, to cut checks or even communicate via email," according to court documents. The breach affected Shionogi's corporate email, BlackBerry servers, order-tracking system and financial management software. The company estimated the damage cost $800,000.
| Would you trust your network to this guy? |
The question to ask in the aftermath of this techno-meltdown is why were they down for days? The answer is their backup process was weak - at best. It sounds to me like it was nonexistent.
Some rules of the road for a situation like this:
- Never trust a single person to maintain the keys to the kingdom (i.e. userid/password file). Make sure that you have this critical, show-stopping file backed up (ironic, isn't it?).
- Conduct periodic reviews of your backup policy - make sure you've added new data. Do I hear change management?
- Most backup programs have notification - enable it and live with the annoyance (or use rules to drop them in another folder).
- Most backup programs also have reporting built in... a weekly status is nice and will CYA.
- STORE YOUR MEDIA OFF-SITE. Or use a cloud-based solution to store data outside of the office.
- Have a plan ready - do DR testing at least once a year.
I'd only trust these clowns with a Mac...