A former Intel employee stands accused of stealing data from Intel after secretly beginning to work for rival chip maker AMD. The incident, described in a criminal complaint filed in federal court in Boston, underscores the importance of controlling and monitoring access to corporate data.
The alleged theft of trade secrets from Intel by a former employee offers
yet another reminder of the importance of monitoring and
controlling access to corporate data.
According to reports, ex-Intel engineer Biswamohan Pani has been accused by
the FBI of stealing
trade secrets from Intel
while he secretly worked for the company's chief
rival, Advanced Micro Devices. The allegations were made in a criminal
complaint filed in U.S. District Court in Boston
in late August.
In an affidavit by FBI Special Agent Timothy Russell of the bureau's Boston
computer crime squad, it is stated that Pani told officials at Intel in
May he was resigning to work for a hedge fund and would utilize accrued
vacation time until his final official day June 11. However, allegedly,
Pani began working for AMD June 2 and soon
after accessed and downloaded 13 secret documents from an encrypted system at
When rumors that Pani was working for both companies began to circulate,
Intel reportedly checked to see if Pani was accessing confidential documents
and then called the FBI. A July 1 search of Pani's home turned up eight Intel
documents classified as confidential, secret or top secret, according to the
Pani no longer works for AMD, and has
denied any wrongdoing. But regardless, the accusations provide another clear
example of the importance of keeping
track of user access
to confidential data.
Brian Cleary, vice president of products and marketing at enterprise access
governance company Aveksa, argued that any user in that role with access to
that type of information should have had those access
rights immediately revoked after giving notice of resignation. However, as
SailPoint Technologies CEO Mark McClain
pointed out, as long as employees are in good standing it is common practice to
allow them continued access while they are still employed.
"However, it makes sense to take mitigating steps
because employees that have given notice should be considered higher than
average risk," McClain said. "For instance, it probably makes sense
to monitor the activity of these employees, how they are using access."