5 Steps Organizations Can Take to Protect IP and Trade Secrets
IP and trade secrets are the bread and butter of many companies—among their most important assets; the assets that give them competitive edge. It’s no wonder then that they’re often frequently under threat. Bad actors use a variety of sneaky methods to try to obtain them, ranging from “researchers” posing as non-malicious actors calling the company to speak to subject matter experts in order to collect information, to downright bribes, thievery or even bugging.
Protecting Corporate Secrets While Traveling
Travelling throws another wrench into the puzzle. Specific flights that business professionals are known to travel present opportunity for competitive intelligence agents to gather intel. For those of us who travel often, how many times have you sat and listened to conversations that should not be had in the open or sat next to someone working on a corporate PowerPoint that certainly provides confidential details?
Furthermore, certain countries have developed reputations for being places where competitive spying is acceptable, even encouraged, and business travels must be extra careful when doing business in them. In fact, in the case of energy and the utilities sector, nation-states particularly are interested in energy and frequently target critical infrastructure providers and suppliers in order to steal IP and trade secrets.
Steps to Protect Your IP
So, what can organizations do to protect their IP and trade secrets? Organizations should focus comprehensively on a company culture of security. Employees and business partners are the greatest threat to security of intellectual property, with employees and business partners as the alleged misappropriator in over 85% of trade secret lawsuits in the state and federal courts of the United States. Steps an organization can take include:
- Leverage the CISO: the CISO should communicate on a regular basis with executives in charge of intellectual capital to ensure that employees know what needs to be protected, how it should be protected and from whom. This involves careful coordination among the CEO, COO, leaders in HR, marketing, sales, legal services and production—and whatever other major players are part of the organization.
- Train your employees: Make sure employees are aware of the steps they need to take to protect sensitive information. Information can be gleaned from any public space—like a coffee shop near a company office or trade shows. Spies might see what they’re doing on their computer or pose as a potential customer at a trade show to try and glean trade secrets. Employees should be well-versed in what kind of information they can share in public or work on in public and what kind of information they should take precautions in discussing or working on in public.
- Specify IP and trade secrets: Organizations should clearly label confidential information. They can do that, for example, by specifying that the information is private on the log-in screen. If the company ends up in court with an actor who took information without authorization, they will be able to demonstrate that they made it clear that this was protected information.
- Bolster security: Make sure the rooms where sensitive information is stored are locked and secured. Restrict access to software records based on employees’ job functions and ensure that important data is encrypted and protected at all times.
- Secure Communications: Another critical component of protecting IP and trade secrets is secure communications. Employees and executives should avoid having conversations about or working on sensitive information in public areas. When communicating sensitive information a secure communication channels should be leveraged such as the Vaporstream Secure Messaging Platform. Vaporstream enables employees to have sensitive conversations on-the-go without threat of information leaks or surveillance while speaking internally or while traveling to less secure locations.
Contributor: Kristi Perdue Hinkle