Monster’s data breach highlights uneven online practices

By now, the perils of securing online data with little more than user names and passwords should be well known. Monster.com learned that lesson late and the hard way, prompting last week’s disclosure that the Web jobs board will spend millions of dollars to improve its security.

Monster Worldwide Inc. recently discovered that con artists had grabbed contact information from resumes for 1.3 million people — and likely many more, since Monster now says this was not an isolated incident. Files were pilfered not only from Monster.com but from USAJobs.gov, the federal-government career-listing service operated by Monster.

The stolen information is not by itself ultra-sensitive, since resumes generally do not include Social Security numbers, financial data or account information.

But contact information can be lucrative for online criminals, who used what they got from Monster to craft “phishing” e-mails that go after such sensitive data.

The affair could serve as a warning to other businesses that operate online. But if the past is any guide, many will shrug off this episode.

“You’re going to see this happen again and again and again,” said security analyst Bruce Schneier, chief technologist for BT Counterpane. “I assure you, every other company didn’t say, ‘Wow, look what happened to Monster, we have to fix our problem.'”

Blame many factors. For one, upgrading security can be expensive, and many companies are reluctant to shell out for improvements until they’ve been viscerally reminded of the need for it.

“How do you justify a $10 million security budget when nothing happened last year?” said Mark Rasch, a former federal cybercrime investigator now with FTI Consulting Inc.

Another problem is that companies are hesitant to put up blockades that can annoy legitimate users.

“We’re all accustomed to a straightforward and easy experience,” said Dennis Maicon, executive vice president of Digital Resolve, a unit of Landmark Communications Inc. that sells automated fraud-detection systems. “We want to do things quick, we don’t want to jump through all kinds of hoops to say, ‘Hey, it’s me,’ because a good portion of the time, it is you. A company like Monster has to maintain the customer experience.”

That balance can shift, of course, if regulations require more stringent security. Many financial institutions and insurance companies have adopted extra measures like Digital Resolve’s authentication technology as a result. It lets customers sign on in a straightforward way but scans for anomalies (the user is signing on from, say, Ukraine all of a sudden) that might indicate an unauthorized person has stolen the password.

After the Monster breach was disclosed by researchers at Symantec Corp., Monster pointed out that its network security had not been broken. No one hacked in, after all. Rather, the criminals obtained legitimate keys to the system — most likely by phishing or guessing passwords belonging to recruiters with access to Monster’s tens of millions of resumes.

Yet the chance that someone would co-opt legitimate access to a network should itself have been considered a security flaw.

In one of the most infamous incidents, data-gathering giant ChoicePoint Inc. found in 2004 that criminals had posed as honest-to-goodness customers and filched information on 163,000 people. ChoicePoint ended up spending about $30 million fixing the situation, including $15 million to settle charges from the Federal Trade Commission that its standards were weak.

It’s unclear how much of a hit Monster’s breach will cause the company, which already has been struggling. A month ago it announced layoffs of 15 percent of its work force. The stock is near 52-week lows and a key finance executive just departed.

To respond, Monster has said it would spend at least $80 million on upgrades to its site, which now include security changes. Among them: closer monitoring of the site and limits on the way its data can be accessed.

Patrick W. Manzo, Monster’s vice president for compliance and fraud prevention, said the company had already been exploring several of the steps.

“What this incident has brought sharply into focus is that this is an issue that needs to be addressed immediately and not something that you can look at with a phased approach,” Manzo said Friday.

Some of Monster’s newer practices may already be in place at rival online job boards. For instance, both CareerBuilder.com, which is owned by newspaper companies and Microsoft Corp., and Yahoo Inc.’s HotJobs say they limit the number of resumes that one user account can access over a given period. (That is of limited effect, however, if fraudsters corrupt multiple accounts, a common pattern.)

CareerBuilder spokeswoman Jenny Sullivan added that her site has software that monitors for excessive or otherwise unusual usage patterns. Last week, CareerBuilder began “scrubbing” Social Security numbers and other sensitive information out of postings left by job seekers, though Sullivan said that step was in the works even before Monster’s breach.

The unavoidable truth about computer security, though, is that such steps can slow but not stop online fraud. Gartner Inc. security analyst Avivah Litan advises job-seekers to use a separate e-mail account for career queries and publicly post only basic contact information, nothing more than what could be found in the phone book.

“Assume nothing’s safe,” she said.

On the Internet:

Monster.com’s security page for users:

http://help.monster.com/besafe

Intel Begins Work on $2.5 Billion Chip Plant in China

Sept. 8 (Bloomberg) — Intel Corp., the world’s largest semiconductor maker, began building its first computer-chip manufacturing plant in China, a $2.5 billion investment.

Intel Chairman Craig Barrett is hosting a ceremony today in Dalian, in northeastern China, on the site of what will become the company’s first chip factory in Asia. Intel already has plants for testing and assembling products in other parts of China, the world’s biggest market for chips.

Intel, which announced the project in March, aims to begin production at the plant by 2010. The factory will bring the Santa Clara, California-based company’s total investment in China to almost $4 billion, Barrett said. The plant will give Intel better access to computer factories in China, as the company seeks to regain sales lost to Advanced Micro Devices Inc.

Intel plans to employ 1,200 people at the Dalian plant in China, its first factory in a new location in 15 years. It will begin hiring this year, with most of the recruitment taking place in the second half of 2008 through China’s universities, said Vice President Kirby Jefferson, who heads the plant that is also known as Fab 68.

The plant will “be an integral part of our global manufacturing network, while bringing us closer to our customers and partners in China,” Barrett said.

The Dalian plant will make chipsets, the supporting semiconductors that link Intel’s main product, microprocessors, to the rest of the computer.

Intel also plans to donate 8-inch chip-manufacturing equipment to the Dalian municipal government and the Dalian University of Technology to help establish a 348 million yuan ($46 million) semiconductor technology institute, Barrett said.

It joins STMicroelectronics NV, Taiwan Semiconductor Manufacturing Co. and South Korea’s Hynix Semiconductor Inc. in building factories in China.

Site Manager

Company introduction: Our client is a leading global developer and owner of industrial real estate, focused on major hub and gateway distribution markets throughout North America, Europe and Asia. They invest in properties located predominantly in the infill submarkets of its targeted markets.
With their progressive expansion, they are looking for a Site Manager to join their SH office in China.

Job Description:
•Report To: Development Department Manager
Location:SH
1. Site construction management in quality, progress and cost control;
2. Site control for the building materials and workmanship;
3. Construction project reporting;
4. Management of consulting firms;
5. Coordination among the contractors, suppliers and consultants;
6. Site supervision and inspection on regular base;
7. Management of filing and documentation of the construction, as-built drawings and property operating manual;
8. Site control for health and safety concerns;

•Job Requirements:
1. Educational background at university level, majoring in civil, electrical and plumbing engineering;
2. Minimum five years work experience in site construction management;
3. Minimum 3 threes experience in construction management for industrial buildings;
4. Good command of PC skills;
5. Good inter person communication skills;
6. Hard working;
7. Willing to travel and work on changing locations;

* Please send us your complete resume (both in Chinese and in English) to:
‘topjob_re004sh#dacare.com'(Please replace “#” with “@”)

M&E Engineer

Company introduction: Our client is a leading global developer and owner of industrial real estate, focused on major hub and gateway distribution markets throughout North America, Europe and Asia. They invest in properties located predominantly in the infill submarkets of its targeted markets.
With their progressive expansion, they are looking for an M&E Engineer to join their SH office in China.

Job Description:
•Report To: Development Department Manager
Location: SH
1. Design management for M&E works;
2. Site supervision and inspection for M&E works for AMB construction projects;
3. Assisting M&E Manager in pre-acquisition due diligence and M&E installation construction management;
4. Assisting in operations/maintenance manual of completed projects;
5. Sourcing building materials and equipment for AMB projects;
6. Coordinating with Asset Department for maintenance;

•Job Requirements:
1. University education background (with the Bachelor of Engineering), majoring in electrical, mechanic or HVAC engineering;
2. Minimum 3 year experience in the relevant field;
3. Knowledgeable in M&E works quality and cost control;
4. Good inter person communication skills;

* Please send us your complete resume (both in Chinese and in English) to:
‘topjob_eng069sh#dacare.com'(Please replace “#” with “@”)

Control Cost Assistant

Company introduction: Our client is a leading global developer and owner of industrial real estate, focused on major hub and gateway distribution markets throughout North America, Europe and Asia. They invest in properties located predominantly in the infill submarkets of its targeted markets.
With their progressive expansion, they are looking for a Control Cost Assistant to join their SH office in China.

Job Description:
•Report To: Development Department Manager
Location: SH
1. Assisting the Cost Control Manager in construction project estimating, budgeting and tendering management;
2. Administration of payment to the contractors/vendors/consultants;
3. Site inspection in terms of claims for additional amount by contractors;
4. Data base management for construction costing;
5. Coordination with FM&R for project cost tracking down;
6. Final accounting;

•Job Requirements:
1. Educational background at university level, majoring in civil, electrical, HVAC or construction management;
2. Minimum 5 years experience in cost control or construction budgeting and minimum 3 years experience with construction contractors.
3. Good command of PC and very good at Microsoft Office;
4. Good management skill in costing;

* Please send us your complete resume (both in Chinese and in English) to:
‘topjob_re005sh#dacare.com'(Please replace “#” with “@”)

Union will push for collective bargaining

ALTHOUGH collective wage bargaining was being used by more companies, it still needed promotion, the Shanghai Trade Union said yesterday.

Along with the Shanghai Labor and Social Security Bureau and the Shanghai Enterprise Confederation, the union will have a conference promoting collecting wage bargaining this afternoon.

Under collective bargaining, a company’s salaries are set after discussion and voting by all the employees.

“Wages are the key issue which directly influences the relationships between workers and employers,” said Wu Meng, an official of the Shanghai Trade Union.

“We encourage employers to set up collective bargaining with their workers to ensure that everyone can get a share of the company’s success,” he said.

Shanghai began collective bargaining in 1998 and by the end of June this year, 46,600 businesses in the city had joined the system which covered about 1.45 million employees.

But the union said this was not nearly enough.

“There were more than 500,000 businesses at the end of last year,” Wu said. “So those which have set up collective bargaining only account for a small portion.”

Wu said there were 49,000 private businesses in the city and it might be difficult to get every private company involved in collective bargaining because many workers were unaware of their rights.

A union survey found that most employees in privately-owned enterprises thought wages should only be set by the employers.

“They don’t believe that workers can negotiate wages with employers,” Wu said.

An International Leading Industrial Real Estate Company Seeking a Market Analyst

Company Introduction:
Our client is a leading industrial real estate company in the world.

Location: Beijing
Department: Transaction
Major Responsibilities:
• Assist Acquisitions & Development teams with production of Investment Committee memoranda
> Pull together materials to produce initial and final investment committee books
> Summarize deal particulars and create exhibits to be presented to the investment committee for approval
• Maintain/Quality Control on Due Diligence Documentations
> Update Library Tracking Spreadsheet to reflect volumes of DD binders checked out or recently added to the Library
> Coordinate with other Acquisitions/Development staff for periodic Library overhaul/re-organization, ensure necessary documents are distributed to the appropriate parties
> Ensure that final DD Binders are produced with consistency, in line with department standards
• Assist Transaction/Development Officer in completing due diligence review
> Tenant interviews/Credit review
> Market research
> Paralegal on title review/physical survey/closing issues
• Track and maintain titles, deeds and other pertinent deal documents for closed acquisitions/developments
• Collect market information and set up market information database
• Interact/Coordinate with Consultants and other AMB Employees in a timely, responsive manner, to ensure smooth deal flow
• Work close with Transaction Officer and Project Manager to prepare and update month-end projects process reports
• Assist in relevant contract preparation and negotiation
• Set up and administer files
• Provide the administration service for transaction team
• Other duties as assigned.
Requirements:
• 6-7 years working experience, with 2-3 years real estate related background desired
• High level of computer literacy (Word, PowerPoint, Photoshop preferred)
• Good communication skills
• Strong multi-tasking abilities
• Legal education background desired
• Team player
• Sense of Urgency
• Detail-oriented
• Commitment to thorough follow-up on outstanding items

* Please send us your complete resume (both in Chinese and in English) to:
‘topjob_mkt214bj#dacare.com'(Please replace “#” with “@”)

A International Leading Industrial Real Estate Company Seeking a Business Development Manager, North

Our client is a leading industrial real estate company in the world.

Location: Beijing
Department: Business Development
Manager: Director of Business Development
Position Overview:
The Business Development Manager will create and lead a regional industrial development effort while building the business in accordance with the firm’s strategic plan. This position will be based in Beijing and focus on north region. Business opportunities will be broad in scope, ranging from speculative development, in-fill rehabs and build-to-suits to acquisitions and sale/lease-backs, all of which can be executed either in house or with Alliance Partners.
Major Responsibilities:
• Identify, develop and recommend new business opportunities
• Support and follow up on new business development initiatives
• Develop and implement a defined growth strategy for the assigned region and convey the company’s directives to the market
• Develop and maintain key relationship with potential customers and relevant government authorities involved in business development
• Prepare the market study materials including the supply and demand analysis and rental comparables by working with alliance partners and different functional groups
• Develop regular status reports and actively communicate business development progress with the management and peer groups to achieve consensus and support
• Identify and track issues, and develop recommendations to support management decision-making
Requirements:
• 5-6 years related business development experience preferably in the real estate development, logistics and/or warehousing/distribution fields
• Proven record of accomplishment in industrial development who has strong existing relationships with potential deal sources as well as the brokerage and institutional communities in the assigned region
• Experience interacting and negotiating at a senior level with business partners, customers, and government officials
• Good knowledge in office software
• Excellent leadership, interpersonal, communication, analytical and problem solving skills
• A team player with the highest integrity, while possessing entrepreneurial spirit, raw intelligence and a mature demeanor
• High degree of character and integrity
• Good and proven business judgment
• High energy level with an outgoing personality
• Excellent language abilities in both spoken and written English and Chinese

* Please send us your complete resume (both in Chinese and in English) to:
‘topjob_mkt213bj#dacare.com'(Please replace “#” with “@”)

An International Leading Industrial Real Estate Company Seeking a Project Manager (North)

Company Introduction:
Our client is a leading industrial real estate company in the world.

Location: Beijing
Department: Development
Major Responsibilities:
• Site construction management for construction quality progress and cost control;
• Pre-acquisition (land and pre-existing real estate) and pre-construction due diligence;
• Project construction filing and as-built documentation;
• Communication and coordination with local authorities, design approvals and construction permits;
• Administration of site meetings and project reporting to the line manager;
• Management of consulting firms (Jianli, project management or QS firm) etc;
• Site control for health and safety.
Requirements:
• University education background (with bachelor of engineering), in majors of civil, electrical, HVAC or plumbing engineering;
• Minimum 6 years experience in construction project management; Minimum 3 years experience with foreign invested companies;
• Good knowledge of construction contract management;
• Good inter-person communication skill and management skills;
• Good at construction site controlling and administrating site meetings;
• Good knowledge about FIDIC construction contract;
• Good command of PC and Microsoft Office;
• Good command of English;
• Willing to travel very frequently;
• Sense of Urgency;
• Detail-oriented;
• Commitment to thorough follow-up on outstanding items.
Salary Range: Negotiable, based on experience and capabilities

* Please send us your complete resume (both in Chinese and in English) to:
‘topjob_mn177bj#dacare.com'(Please replace “#” with “@”)

BOB to open IPO subscription to retail investors

THE Bank of Beijing said today it will open subscriptions to retail investors next Tuesday (September 11) for its initial public offering of 1.2 billion A-shares in Shanghai.

The third to-be-listed Chinese city commercial lender will sell up to 840 million shares, or 70 percent of the offering, to retail investors. The remaining 360 million shares, or 30 percent of the offering, will be sold to institutional investors, the Beijing-based bank said in a statement to the Shanghai Stock Exchange today.

Institutional investors can subscribe to the shares during the two-day period ending next Tuesday.

The bank will announce a price range next Monday and post the final price next Wednesday.

“The bank is among the top 15 players among the country’s 110-plus city commercial banks,” said Qiu Zhicheng, a Haitong Securities Co analyst.

The bank said in the prospectus yesterday that it will conduct an H-share IPO at an appropriate time after completing the A-share sale, without giving a timetable or sale scale.

Any sale of H-shares would need approval for existing shareholders.

The lender gained approval from the China Securities Regulatory Commission for the Shanghai share sale at the end of August. The listed shareholders of the lender, including Tongfang Co and UFSoft Co, all surged on the bank’s announcement it would go public.

Citic Securities Co and its affiliate, China Securities Co, are the lead underwriters for Bank of Beijing’s A-share listing. Shanghai-listed Citic Securities holds a 60 percent stake in China Securities.

Bank of Ningbo and Bank of Nanjing -became China’s first two listed city banks early last month. The two banks listed on July 19, after raising a combined 11.07 billion yuan (US$1.47 billion).