I'm surprised it was this easy to exfiltrate that amount of information before being stopped.
When I worked at Samsung we had an enhanced TSA experience every time we walked in and out of the building. Phones in the tray, give me all your papers please, etc. Remote access to certain workstations was permitted but was also actively monitored. By the time I managed to screenshot the 2nd PDF I'd have my access terminated and someone knocking on my door.
I don't make light of industrial theft/espionage, but let's be honest. Can you not just put a blurb on your proprietary stuff with the proper lawyerese? Something like "Business confidential and proprietary - not to be released without written authorization" or somesuch?
For those of us who have worked in the cleared space, a company labeling something "Intel Top Secret" is like watching a 12-year-old put on Daddy's suit jacket and tie in front of the mirror. If business confidential materials leak, yes, it can have huge financial impacts for the business. If actual TS materials leak, people can no-kidding die.
Not to mention if your company does do cleared work, you've now created unnecessary confusion between "Company Top Secret" and actual TS, which just increases the chances for someone doing something stupid/malicious.
That's pretty ballsy. For all of its faults, Intel has long been unusually on-point with their security, and anyone who worked there as long as this guy knows it.
> If you're going to fire/terminate someone two weeks in advance, you should probably revoke all their access
When I worked there, this was exactly the process. All access was revoked immediately (usually just prior to the employee being informed they're being let go). The upside is that you were not expected to work through the notice period. You just got paid for it.
I'm surprised it was this easy to exfiltrate that amount of information before being stopped.
When I worked at Samsung we had an enhanced TSA experience every time we walked in and out of the building. Phones in the tray, give me all your papers please, etc. Remote access to certain workstations was permitted but was also actively monitored. By the time I managed to screenshot the 2nd PDF I'd have my access terminated and someone knocking on my door.
I don't make light of industrial theft/espionage, but let's be honest. Can you not just put a blurb on your proprietary stuff with the proper lawyerese? Something like "Business confidential and proprietary - not to be released without written authorization" or somesuch?
For those of us who have worked in the cleared space, a company labeling something "Intel Top Secret" is like watching a 12-year-old put on Daddy's suit jacket and tie in front of the mirror. If business confidential materials leak, yes, it can have huge financial impacts for the business. If actual TS materials leak, people can no-kidding die.
Not to mention if your company does do cleared work, you've now created unnecessary confusion between "Company Top Secret" and actual TS, which just increases the chances for someone doing something stupid/malicious.
That's pretty ballsy. For all of its faults, Intel has long been unusually on-point with their security, and anyone who worked there as long as this guy knows it.
If you're going to fire/terminate someone two weeks in advance, you should probably revoke all their access to trade secrets at that time.
I know Intel's a small mom-and-pop shop but it seems like something you'd be able to hammer out with a few days work.
> If you're going to fire/terminate someone two weeks in advance, you should probably revoke all their access
When I worked there, this was exactly the process. All access was revoked immediately (usually just prior to the employee being informed they're being let go). The upside is that you were not expected to work through the notice period. You just got paid for it.
Sounds like times have changed.
Looks like Luo actually got away from this? Jeez...