Goldman Sachs Data Breach

Earlier this week the FBI arrested Sergey Aleynikov for the theft of proprietary software from his employer, Goldman Sachs. The complaint is fascinating in providing insight as to what a leading financial institution is doing to protect its intellectual property. Here are some of the items that they had in place (we know there are more controls that were not revealed in the document):

• Scanned and analyzed outgoing mail
• Prohibited file transfers using ftp to outside locations
• Recorded commands performed on the user's desktop
• Logged access to systems
• Monitored https traffic

Sergey was a sophisticated insider with technical skills who tried to cover his tracks, unfortunately for him, the security folks at Goldman Sachs were several steps ahead of him.

One other lesson that we should learn from the affidavit is that:

1) They had a written security policy.
2) That put tools in place to support that policy.
3) They had a security architecture in place to detect when the policy was being violated.

Kudos to the security team at Goldman and the FBI agents who arrested Aleynikov.