|
Nobody in that business was naïve. Employees did not "forget," if they were caught with their phone in the secure area, they were fired. I was told right up front that certain things were zero tolerance, and everybody knew what they were. They took this very seriously. Now when it comes to a deliberately bad actor, well, nothing is 100% perfect, but there were many other security things going on that I am not going to describe here, plus I know for a fact that there were security measures they did not disclose to me. But let's face it: Somebody, somewhere, can train themselves to memorize a screen full of information. They could memorize something, go for a smoke break, and upload what they memorized. Lather, rinse, repeat. The point I made, and am still making, is that some companies care enough to do everything reasonably possible to keep customer data secure, while other companies do not. The company I described here cares. I believe Apple cares too. I suspect it will always be possible for someone to pull a small data heist, but extraordinarily difficult to set up a regular pipeline to exfiltrate data. The weak point is probably the digital systems. Most attackers would want everything, and the way to get everything is with a vulnerability. |