The blog of a US IT company reports a curious case: the IT department of a customer of theirs stumbled over some suspicious vpn logs. A vpn connection, established with the credentials of one of their programmers, was open from China while the same programmer seemed to be working in the US.
It turned out that this guy (they call him Bob) had simply outsourced his own job to a Chinese consulting firm, while he spent his working time with ebay and social media. The investigation found that
Bob spent less that one fifth of his six-figure salary for a Chinese firm to do his job for him. Authentication was no problem, he physically FedExed his RSA token to China so that the third-party contractor could log-in under his credentials during the workday.
But hang on, what about the quality of his work? Looking at his performance reports, investigators found that
For the last several years in a row he received excellent remarks. His code was clean, well written, and submitted in a timely fashion. Quarter after quarter, his performance review noted him as the best developer in the building.