Keeping Intellectual Property Safe

The lifeblood of every company is its Intellectual Property (IP).  In almost every targeted attack, these days, data breaches are taking place directly on IPs.  In essence, an organisation’s IP, that is its patents, copyrights, classified trade information or employee and customer details, are more highly valuable than any physical asset. 

IT security teams need to realise the significance of the data held in their organisation and how it can be a prime target for dark forces waiting to get a hold of the information.  Intellectual property can be stolen by various methods, such as hacking and even ingenious methods such as researchers under the guise of competitive intelligence, as well as outright spies.

Protecting the IP of a company is a sophisticated task that involves a wide variety of resources including legal, human resources, IT and various other sections.  More than ever, the Chief Information Security Officer plays a critical role in preventing cyber-attacks on intellectual property information. The research revealed by the Theft Of Intellectual Property Commission shows that IP theft alone costs US companies than $600 billion each year.

Catching IP thieves can be challenging, and prosecuting them can be even more tricky.  But, obtaining the stolen information is almost near impossible. This is why, every section of a company’s IT department, including Chief Risk Officers, Chief Information Officers and Chief Security Officers must be involved in safeguarding a company’s IP. 

Here are some real-life examples that took place:

  • An employee of an engineering company used to meet with his former boss regularly. The former boss belonged to a rival engineering firm.  The employee would pass on competitive intelligence from his company to his former boss, and this data caused his current employer, considered to be the market leader, to lose out on prominent bids in 12 months.

  • A group of scientists who had immigrated to the United States from Eastern Europe, received unsolicited invites from their home countries to hold workshops on scientific seminars.  They received remuneration as paid consultants, and the tempting invites appealed to them as leading scientists. The information shared during the workshops and seminars were critical data on the work they were conducting back in the United States with their peers.  The home countries in Eastern Europe gathered this information and competitive intelligence and used it to better their progress, thus undermining the research and development taken to create the data.

How can one keep IP safe from theft?  Here are some steps that can help.

Understanding the type of intellectual property in the company:  If every employee comprehends the kind of information that needs to be safeguarded in their organisation, they can be in a better position to understand how to protect it, and from whom it needs to be secured. To address this challenge, IT departments must correspond with the teams that oversee intellectual capital regularly.  It is also essential to meet with representatives from every department, either once a month or every quarter. Protecting company IP requires leadership across the corporate board to work unitedly and in cohesion.

Understanding where company intellectual property lies:  In most cases, it is seen that there is a more considerable effort on securing IP in core IT systems.  Doing so can neglect other aspects where it could be processed or stored. For instance, input and output devices store documents, such as printers, copiers and the like.  These devices are generally networked and connected to remote management systems. IT departments must ensure adequate procedures are in place to destroy these documents once consumed and safeguard against non-permitted access.

Similarly, Cloud applications and file sharing services also post IP information.  Unauthorised cloud services must be restricted and ensure that organisation-sanctioned policies are in place to secure the data.  Sometimes, IP is also shared with specific vendors, partners or clients. It is crucial to hold binding contracts which are signed by third-party systems that receive and keep company IP.  Last but not least, personal devices of employees can be used to handle IP information. Hence, organisations must be careful in tracking where IP is being sent and ensure that monitoring systems are in place at all times.

There are a variety of applications and tools available to track documents and IP information. However, securing IP systematically and without the risk of a data breach can be done through Digital Rights Management technology.  It can prevent the theft of your intellectual property held in various formats, including PDF documents, Word files, websites, images, software, training modules and more. DRM software can ensure the security and protection of your intellectual property by preventing the copying, printing, downloading and theft of your content at all times.  It can ensure it is no longer accessible after a period of time, can only used in authorized locations, and that access can be revoked at any time.