To: Konno Ryozo, TakSec Director

From: Gerlind Sanger, Security Chief, Investigations Unit

Subject: Aloysius Keaton, Takashima IT Security Department

Attachment: photo of Keaton, taken during off-compound excursion on 2070.09.13

Subject has been a Takashima employee for seven years. Unremarkable employee, rated as having average tech security skills, Keaton has been a model employee. Until 3 months ago, he was never missed a shift and nothing of note in his personnel file.

On 2070.07.01, Keaton downloaded several security logs, which triggered TekSec data breach alert Keaton’s supervisor, Max Stormcloud. My research on the alert found the logs were flagged Security Level A. Keaton has Security Level C access.

On 2070.07.02, Keaton reported the unusual logs to Stormcloud, who sternly warned Keaton to stand down and reminded Keaton of his security rating. Keaton appeared to back off the investigation for a couple weeks; however his behavior became more erratic and three additional alerts have been attributed to Keaton.

On 2070.08.13, A coworker lodged a formal HR complaint after Keaton engaged in a shouting match with her over a trivial project issue. In the past 3 months, Stormcloud reported several extended off compound meetings and Keaton’s continued investigation of the security logs.

Recommendations:

  • Preliminary analysis indicates Keaton is a flight risk. Level 2 surveillance is strongly recommended.
  • Reassign Stormcloud and replace with Raven Nguyen, who has a track record for reining in wandering techs.
  • Conduct an internal investigation of the Security Level A programmers, who have been unsuccessful in closing the back door Keaton used to access the security logs. The were also unsuccessful in tracing the log breach to Keaton.
  • Approve contract with Xavier St. Cayetano to close the backdoor to the Security Level A log server.