authentication information for each employee and authorized network user. A system administrator or some other high-level user can get access to a particular system on the network by obtaining a temporary password that grants access to specific resources. “Once you have access, we basically decide what you can do, how often you can do it, when you can do it, and to what level you can do it,” Mutch said. For “mission critical” servers, Mutch says, the system also maintains a record of everything users do after they are granted access.
Mutch is one of the few CEOs in the industry with insight into the misdeeds that high-level employees can do—and in meeting the regulatory requirements of internal financial controls. In mid-2003, he was named as CEO of San Diego-based Peregrine Systems during the scandal-wracked company’s bankruptcy reorganization—after Peregrine’s largest creditor group wrested control from John Moores, the Texas software mogul who had controlled Peregrine as the company’s single largest investor. Peregrine specialized in enterprise software installed on corporate computer networks designed to help big companies and other large organizations track and manage their laptop computers, software licenses, and other high-tech assets. Peregrine had about 4,000 employees and ranked among San Diego’s biggest technology companies until it collapsed in a financial accounting scandal in early 2002.
In its bankruptcy reorganization, Peregrine eventually disclosed that its fast-growth story was an illusion. The company had inflated its sales by more than $500 million and under-reported its losses by $2.55 billion over the two-and-a-half-year period before its collapse.
During the bankruptcy reorganization, it was clear the company’s financial controls were a mess, even after Mutch took over with a new financial team. The company disclosed in financial documents nearly a year later a litany of problems, including insufficient segregation of accounting duties, deficiencies in contract management, undocumented accounting policies, and lack of certain internal audit functions.
Beyond Trust’s technology aims to