In March 1994, Randal Schwartz was indicted on three felony counts under the Oregon State Computer Crime Law and sentenced to 5 years of probation. 480 hours of community service, 90 days of deferred jail time, $68,000 of restitution to Intel, and disclosure of full details surrounding conviction to any future employer. The complaint against Randal Schwartz was brought by Intel Corporation, a multinational microchip manufacturer. The charges related to altering two computer systems without authorization and accessing a computer with intent to commit theft. Randal Schwartz is a perfect example of someone who does not fit into the stereotype of hackers. Anyone familiar with Perl will know Schwartz as the author of the definitive Perl instruction guide, Learning Perl. Schwartz is a frequent columnist for such technical magazines as Unix Review and Web Techniques. Randal Schwartz was a consultant for Intel in Oregon for three years before the indictment. Schwartz’s crimes are a result of what he says were “good intentions.” Although Schwartz is well respected in the community, he has been criticized for his unprofessional and irresponsible conduct as a consultant, thus being subjected to a lot of controversy. Schwartz claimed that because of jos travels and invitations to lecture on Perl, he needed an easy way to access his e-mail at Intel. Without seeking requisite permissions, Schwartz modified the systems so as to access his account outside of the organization. He also installed the Crack software on the systems, which enabled him to capture nearly 50 passwords.
In his defense, Schwartz argued that he was merely helping the company by checking the security of systems. This could have been an excellent explanation except for the fact that in police reports. Randal told the officers that thought he could be criminally prosecuted for these incidents. “When asked why he stole 40 or 50 passwords. Schwartz told detectives. “I needed them in case they caught me doing it and I knew they would shut me down, so the more passwords I had, the longer I could continue doing what I wanted to do.” Schwartz also admitted that this wasn’t the first time he had done things against Intel’s policy. He had been previously caught accessing the systems from outside the company and had been warned on several occasions.
Schwartz Case Study
Organizations need to be concerned with breaches of security from internal sources as much (if not more) as from outside sources. Employees and consultants in an organization often need sensitive information. How can the organization provide access, but still protect against improper usage of this information?
Read the Case Study at the end of Chapter 10. With your group, act as hired consultants and write a 1- to 2-page group report that determines what steps you would recommend for the company to ensure that their security policies are not violated. One of the CEO’s goals is to keep from burdening the employees with too much overhead, so be sure to find a balance between ease of access and formal security measures. In addition, identify the individual contributions of each member of the group.
Your report should follow APA style.