By Jijo Jacob: Subscribe to Jijo's RSS feed
August 18, 2010 6:54 PM EDT
As former Apple supply chain executive Paul Devine remains under Federal custody after being charged with receiving $1 million in return for offering company data to several Asian parts suppliers, the focus turns to the efficacy of data security protocols employed by big businesses.
While applauding the way Apple cracked Devine's data misuse, some analysts feel that valuable data would not have been compromised if better security systems and data protection protocols were in place.
"With Windows Rights Management in place, Devine might have been prevented from forwarding protected information via e-mail. Tools like Zgate or Zlock would have kept Devine from saving sensitive information to a USB thumb drive, or printing hard copies, or blocked attempts to communicate it via e-mail or social networks," wrote Tony Bradley in PCWorld.
"Software such as Spector 360 would have captured every detail of Devine's actions--allowing Apple to thwart the alleged unethical behavior much sooner, and giving it the tools to quickly and easily conduct an extensive investigation at the push of a button." Bradley wrote.
Like us on Facebook
Taiwanese electronics manufacturer Pegatron and Singapore's JLJ Holdings said on Tuesday they were investigating the kickback case involving Devine.
Devine, meanwhile pleaded not guilty to charges.
A third company, South Korea-based Cresyn, which manufactures earphones and headsets for Apple, rejected accusations that it had offered bribes to the disgraced Apple executive.
Apple has said Singapore-based Glocom/Lateral Solutions and Fastening Technologies, and Taiwanese firm Nishoku Technology have also given Devine bribes to land lucrative supply contracts.
The scandal came to the fore when U.S. authorities arrested 37-year-old Devine, a Sunnyvale, California resident, last Friday.
According to Singapore's Straits Times, Singapore resident Andrew Ang, a former employee of Jin Li, which makes cases for consumer electronics products, had worked as middleman for Devine.
Misuse by insiders was the biggest threat factor leading to data breaches in 2009, says the 2010 Data Breach Investigations Report by Verizon.
"That's not to say that hacking and Malware have gone the way of the dinosaurs; they ranked second and third and were responsible for over 95 percent of all data comprised," the report added, noting that other issues like weak or stolen credentials, SQL injection, and data-capturing and customized malware continue to plague organizations.
The report, which was conducted in collaboration with the United States Secret Service, says cases involving the use of social tactics more than doubled and physical attacks like theft, tampering, and surveillance ticked up several notches during 2009.
"Of cases involving internal threat agents in 2009, investigators determined 90 percent were the result of deliberate and malicious activity," the report says.
"In general, we find that employees are granted more privileges than they need to perform their job duties and the activities of those that do require higher privileges are usually not monitored in any real way."
It certainly comes as a surprise how a middle-level manager like Devine could carry out fraudulent activities with apparent impunity over the years.
It's even more startling in the case of Apple, which is infamous in corporate circles for the way it keeps its product secrets shrouded in mystery.
U.S. officials have said Devine sold details of upcoming Apple products to the parts supplier who used the data to win manufacturing contracts.
With the influx of handheld devices of various hues into the corporate communications scene, the task is cut out for data protection systems.
The Verizon report also throws light on the profile of people involved in data theft. As much as 24 percent of the crimes were committed by employees who recently underwent a job change, it says.
"Half of those had been fired, some had resigned, some were newly hired, and a few changed roles within the organization."
The report also lays emphasis on following secure modalities of employee termination. It says steps like disabling terminated employees' accounts in a timely manner, putting in place secure termination plans that encompass all areas of employee access, as well as following steps like forensic analysis of systems and escorting terminated employees.
U.S. Air Force Buys 18,000 Apple iPads to Replace Flight BagsFollowing the precedent set by commercial airliners in December 2011, the U.S.
Ron Paul 2012: Misses CPAC 2012, but Rand Paul Generates SupportWashington, DC -- Ron Paul typically generates one of the largest followings at the annual Conservative Political Action Conferenc...
How Double Fine Raised $700,000 in 24 Hours With CrowdsourcingSan Francisco-based game studio Double Fine took to Kickstarter to fund its next adventure game project. So far, the crowdsourcing effort has raised more than $700,000 in less 24 hours.
We value your privacy. Your email address will not be shared.
![Baby Blue Ivy Carter was Conceived in Paris: Beyonce and Jay-Z Officially Announce Birth of Girl [VIDEO of 'Glory']](http://img.ibtimes.com/www/thumb/mainpage/214587-15095-jay-z-and-his-wife-beyonce-watch-the-new-jersey-nets-play-the-phoenix-.jpg)
