Without information, managers can't make good decisions. In order to make good decisions, then, companies need to protect their information.And executives at Niku Corporation, a Silicon Valley software company, thought they had. However, managers were shocked when they discovered that outsiders had penetrated their Web site to steal data. Their experience raises some troubling questions about the security of company information in the Internet age.
Warren Leggett, Niku's chief information officer, had just returned from a relaxing holiday weekend playing golf with his brother-in-law Jay Berlin, who was a mid-level technical manager at Nike Corporation. Jay had agreed to view a demonstration of Niku's project management software. On the morning of the meeting, Jay checked his phone messages and had a voice mail from a salesperson at Business Engine Software Corporation, one of Niku's main competitors. Jay thought that it was quite odd that he'd be getting a message from these people, especially since he didn't even know the firm and he wouldn’t be his company’s software contact person anyway. So he told Warren about the message.
Warren also thought that Jay's receipt of such a message was rather unusual and decided to go through Niku’s Web access logs. What he discovered shocked him! He found that someone using Internet addresses owned by Business Engine had used Niku passwords to access Niku’sf network more than 6,000 times, downloading more than 1,000 documents--including one Warren had written about the planned demonstration for Jay.
On August 12,2002,Niku founder and former CEO Farzad Dibachi filed a lawsuit against Business Engine alleging corporate espionage Although the lawsuit was settled in December 2002 with a $5 million pavement to Niku and additional terms intended to ensure that Business Engine products releases did not incorporate Niku's trade secrets,the whole incident points out a serious? problem in today's networked corporations-potential holes incorporate security. "Passwords, which can be easily guessed or tricked out of employees, are becoming the Achilles heel of computer security. "An April 2002 survey of corporations found that 80 percent had their computer systems broken into,resulting in losses of $455 million.
Questions
1. Which type of control-feedforward, concurrent, or feedback-do you think would be most important in preventing corporate data theft? Explain your choice.
2. As chief information officer, what might Warren Leggett do to ensure that this situation doesn't happen again?
3.Which would be more important in protecting a company’s information or other valuable resources--employees, equipment, or a written procedure? Explain your choice.