Even if Abene's hiring was declined solely for media reasons, what of it? A company has the right not to hire anyone who will scare away clients. By hiring people they know to have a criminal record, they would put themselves in a bad position that would probably lose more business than his expertise could draw.

There are a lot of other reasons to deny a convicted cracker this sort of job, among them the fact that he's lawsuit bait. "Negligence" is a word likely to come up if anything ever goes wrong, and if the company hires criminals it gives the plaintiffs some pretty hefty cannonballs to fire.

Let me put it this way: If a jewelry store reported a robbery and it was found to have hired three known jewel thieves as appraisers (who would probably be good at the job) despite knowing their records, wouldn't any police officer's first thought be "inside job"? Would an insurance company pay out for what would look to them like a case of either fraud or negligence?

More to the point, imagine a similar case involving that jewelry store's security company. Say it was discovered that the company that installed their alarms had hired people it knew to be ex-thieves. Well, the jewelry store is still probably going to lose out on the insurance money, so take three guesses who they'll go after to make up the loss.

@stake can't afford to be the security company who gets sued for damages when a client gets cracked. No security is perfect, but no one introduces more holes than they have to, and there are incredible risks for anyone who does. Sooner or later one of their clients will probably experience some sort of incident, simply because these things aren't 100% avoidable; when that happens, they'll need to show that they did everything possible to protect the client, and didn't place them in any additional jeopardy whatsoever.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/79/3287#3287