Headline: Angry Employee Deletes All of Company’s Data, from foxnews.com
There’s actually quite a few interesting security and systems lessons in this one article. Quoting here:
When Marie Lupe Cooley, 41, of Jacksonville, Fla., saw a help-wanted ad in the newspaper for a position that looked suspiciously like her current job — and with her boss’s phone number listed — she assumed she was about to be fired. So, police say, she went to the architectural office where she works late Sunday night and erased 7 years’ worth of drawings and blueprints, estimated to be worth $2.5 million.
It didn’t take Steven Hutchins, owner of the architectural firm that bears his name, much time to figure out who’d done it — Cooley was the only other person who had full access to the files.
Hutchins told one TV station he’d managed to recover all the files using an expensive data-recovery service.
As for the job, Cooley originally wasn’t in danger of losing it. The ad was for Hutchins’ wife’s company.
The first lesson here is that you should never have only one copy of $2.5 million dollars worth of anything. The second lesson is that at some point, project drawings (or whatever your data happens to be) should be archived into a read-only state, which would have limited her ability to only messing with the firm’s current projects. The third lesson is that certain types of behavior can’t be easily restricted with simple negative consequences. Surely Ms. Cooley, if she had been thinking rationally, would have known that she was going to be caught out for this, which implies either she was so angry at the thought of being fired she was acting irrationally, or her idea of the consequence (“Well, all he could do is fire me anyway”) didn’t match the reality (she’s most likely going to be convicted of a crime for this, which will make it pretty much impossible for her to get any sort of real paycheck for the remainder of her working life).
But the real lesson is that it is actually hidden behind all that. It is very difficult to protect yourself from an insider attack, particularly at a small company. If you have a limited number of people you can trust, you’re going to wind up trusting some of them implicitly. Even if Hutchins’s architectural firm had taken steps to help prevent this sort of thing from happening, it’s likely that Ms. Cooley would have been able to seriously bollix up the works anyway if she was determined enough. Read-only media can help cut down the risk, but if someone had physical access there’s nothing to prevent them from taking a fire axe to the disk (or tapes or DVDs or whatever media they might have used for archival purposes). A trusted insider with the right information could even arrange to get rid of offsite backups with a simple phone call (“Our server crashed and we need our offsite backup copies for a restore…”).