[ISN] Boeing worker says he was fired for talking to P-I

From: InfoSec News (alerts@private)
Date: Mon Oct 01 2007 - 01:32:57 PDT


http://seattlepi.nwsource.com/business/333692_boeingfired29.html

By Andrea James
P-I REPORTER
September 28, 2007

The Boeing Co. fired at least one employee Friday for having a 
conversation with the Seattle P-I in July, the employee said.

The company told Nicholas Tides in the past week that he was being 
investigated and was not allowed to discuss allegations against him with 
any other Boeing employees, Tides said Friday after he was notified of 
his dismissal.

On July 17, the P-I published an investigative report [1] revealing that 
Boeing had failed to prove that it could protect its computer systems 
against manipulation, theft and fraud. The problems were found during 
the course of audits mandated by the Sarbanes-Oxley Act, a 2002 law that 
requires public companies to ensure that they have such protections in 
place.

Boeing has always maintained that it is compliant with the law and that 
its financial statements are accurate.

It was in the context of the Sarbanes-Oxley story that Tides spoke with 
the P-I, but the newspaper would not confirm whether the report relied 
on any information from Tides.

Also Friday, the P-I received an anonymous e-mail, with a subject line: 
"Boeing's hunt for SOX Whistleblowers."

It said: "Computers are being surveilled, audit employees photographed 
from a distance, their activities video-taped. Multiple suspensions 
occurring this week. ... We're all under direct threat of firing, 
lawsuit, and criminal prosecution if we even mention this to each 
other."

Tides, who said he was unaware of the e-mail message, worked as an 
information technology auditor in Boeing's St. Louis office. He gave the 
newspaper permission to report on his firing and said Friday that 
managers began to treat him badly after he raised ethics concerns within 
the company over how it was conducting its audits.

He said that he has also reported some of those concerns to the 
Securities and Exchange Commission, the government body that regulates 
public companies.

"Everyone who raises concerns is retaliated against," Tides said. 
"There's no way in the world that I expected to lose my job when all I 
am trying to do is save the company."

At the time of the P-I report, a Boeing representative told the P-I that 
the company would focus on fixing problems, not retaliating against 
employees who raised concerns.

A Boeing spokesman said Friday night that the company would not comment 
on personnel matters.

"We have very clear policies and procedures regarding the release of 
information outside of the company. Our employees know what they are, 
and they are expected to follow them," said Tom Downey, Boeing's senior 
vice president for communication.

The P-I spoke with dozens of employees and contractors before the July 
report was published. Many of them said they feared losing their jobs, 
but they believed that Boeing's information technology department was 
mishandling its Sarbanes-Oxley compliance effort.

Tides, 36, said he has worked for Boeing for about three years and only 
recently joined the Sarbanes-Oxley compliance effort. He holds a 
master's degree in business administration and has worked in compliance 
for more than 10 years, he said.

"I don't know how I'm going to pay my bills; I'm in this all by myself 
now," he said. "The last two years out of three I've been an 'exceeds 
expectations' employee."

Immediately following the P-I report, some employees said they worried 
that Boeing would access their personal e-mail accounts.

When asked whether Boeing investigators have read employees' private 
e-mails, Downey said, "Our company computing systems are the property of 
The Boeing Co., and our employees are very aware of their 
responsibilities in using their systems, and in their use they consent 
to using those assets properly."

He also called the anonymous e-mail "speculation" and declined to 
comment on it.

[1] http://seattlepi.nwsource.com/boeing/sox/index.asp


__________________________________________________________________      
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com



This archive was generated by hypermail 2.1.3 : Mon Oct 01 2007 - 01:49:24 PDT