In the Shionogi case, Cornish had resigned after an ongoing dispute, but the company hired him back as a contractor so he could finish a project for them, according to IDGNS. That might have been a fatal mistake, Walls says.
"I worry about an organisation that says 'we don't like what this guy is doing so we're going to turn him into a contractor and then allow him to keep access,'" Walls says. "If someone can't be trusted, they shouldn't have access to your environment. What happened here to enable this to go on was that their user provisioning lifecycle was not handled well. If your system is so complicated that you cannot replace one member of your team quickly, then you have a bigger problem."
One simple way to help prevent such problems, Walls says, is for business executives and the IT staff to actually get to know each other better so they work as a team and not as separate worlds.
"The business manager needs to have personal relationship with their IT managers and know them on a first name basis," Walls says. "They need to talk with them regularly. A business needs to know when an IT person is going off the rails and the only way to do that is to have personal relationships and know each other. IT people shouldn't be treated as a 'geek squad' at a separate table but as part of the company and part of the team."
Sign up for CIO Asia eNewsletters.