Corp theft is a problem in EVE. Not a common problem mind you, but it does rear it’s head from time to time. Letrange discusses an incident that occured recently in his corp, (http://letrangeeve.blogspot.com/2008/10/drama-bombs.html).
After I read his post, I thought I would offer up some advie to the EVE community so that such incident can be avoided. Ultimately, if someone wants to find a way to get into your corp and steal everything, they will find a way. Long time members of a corp may decide one day to take everything over a simple argument, there’s not much you can do about that.
That being said, there are things you can do to help avoid such things happening from new recruits.
- Hold an interview with the pilot, on voice communications (TeamSpeak, Ventrilo, EVE Voice, etc…). People can sound sincere in a text chat, but the nuances come through when speaking with a live voice. It also gives you the opportunity to get to know the new recruit before you bring them into the fold.
- Request the new recruit provide their limited api key. This will allow you to see which characters are on an account. If you find that a known enemy is a character on that account, you have just identified a potential spy trying to get into your corp. Research the characters on the account on the EVE forums, see if there has been a name and shame post about one of them as a corp thief. Viewing that player’s skills will also help you to evaluate how well that person will fit into your corps play style as well as be able to offer suggestions for improvement.
- Ask for references. It sounds crazy, but if they left their last corp for stealing loot, you would want to find that out right away. You can always look at their employment history and talk to members of former corps that person was in. It’s useful information.
These are just a few of the things that we do when we bring someone new to our corp. We do have them join our public channel and we have them join us on ops until they are brought in. These things can help protect your corp and they also help your potential new members understand what your corp is focused on.
October 17th, 2008 at 6:01 am
I’d probably take a different approach: Limiting the amount of damage the thief can do. Don’t put all of your eggs into the same basket. Even if he gets past all of the screening procedures you outlined, he could only get access to a fraction of the corporation’s assets. Of course, the downside to compartmentalization is the increased buraucracy.
[Reply]
October 17th, 2008 at 7:57 am
I agree with all of this.
I think it’s also good if new recruits have the support of others in the corp. Even if those corp members don’t have the capacity to accept applications, it’s a good idea to listen to what they have to say about prospective members. I’m liable to think higher of someone who has someone in the corp speaking good about them.
In the end, a sufficiently talented con artist will always be able to infiltrate. It comes down to a work of balance and acceptable risks.
[Reply]
October 17th, 2008 at 8:39 am
There are a few other items that we do that I did forget to mention. New recruits once accepted are set to the title of Trainee, where they can only access the Ammo division, which means they can only get to ammo for weapons. The member title allows someone access to a few of the other divisions in the hanger and Director is access to everything. It does allow us to secure things a bit, but yes, we do have more admin time we have to spend to maintain security. It does seem like a lot of work, however, it does help us in the long run.
[Reply]
October 17th, 2008 at 8:49 am
Besides all that upfront stuff, it’s important to take the time to set up roles and titles properly and then assign them based on trust over time. That’s what my alt’s industrial/missions corp does. We have three or four tiers of titles tied into to sets of roles. New members are given a title that permits very limited access to corp hangars and POS Labs initially. Only after a long time and demonstration of “trustability” (I love making up words) are their rights gradually increased and even then it’s on a “need to know” basis. We lock down blueprints and keep the really valuable stuff where no one but Directors can get to it. And since the Directors know each other in RL, there’s an added layer of trust among us. Not saying we couldn’t get ripped off, but wouldn’t be easy as things are set up right now.
[Reply]
October 17th, 2008 at 7:43 pm
I would also recommend requesting their full API key and checking wallet transactions/journals for suspicious activity. Eyeballing the XML files works, but there are a few apps out there to help this kind of analysis.
I also recommend setting up titles and making sure people use only titles. It makes working out who has access to what much easier, and so on.
Run a trial period with people. Give them a week or two, and if their trust metric is still good, give them some more access. If they prove themselves, give them further access if they need it.
Certainly the voice comms plan is a solid one. Include more than one person in the interview- get 2 or 3 opinions on a person before you let them in.
[Reply]