The business sector has always been the target of scammers and thieves, including employees and related parties trying to steal money and goods, there is no reason to believe that the IT tools got you fully protected.
It is common to hear news about cyber attacks against companies, but statistics show that 85 percent of the trade secrets related prosecutions -in state and federal courts of the United States- involve employees or business partners.
This setback forced us to step up security measures to be implemented within companies to protect secret corporate assets by using instruments and procedures that protect computer networks and other procedures related to trade secrets.
Part of the solution lays in the implementation of confidentiality and nondisclosure agreements with the employees and business partners. Confidentiality policies should be established, supervised and accompanied by audits, in order for the intruder to return the stolen information. There has been a case of an employee who has alleged ignorance about the confidentiality policies because they were not clearly defined by the company.
In the same vein, it has been recommended that companies restrict access to physical and electronic instruments (IT) which must have, at the same time, a security system that should be evaluated and improved regularly.
It is also important to document trade secrets in an internal record in order to highlight which areas are at higher information leak risk and to identify the most vulnerable departments. An IT stored trade secret is considered as legal evidence to prove that the company has made ”reasonable efforts” to prevent information leakage.
But there is another series of recommendations to prevent confidential information theft and avoid the damage it could cause to a company:
A “glass eye”
Someone must be responsible for what happens.
Sometimes it is a matter of common sense to monitoring and control. There have been cases of confidential information leakages (customer lists, for example) that happened because the documents have been left on the desk counter or a desktop, or because passwords were visible to employees and visitors.
Do not return by the same route
Just as it is never good to return home using the same route in order to prevent anyone viewing your routine, nor is that other associated contractors, suppliers, distributors and customers are receiving information that leads to a trade secret.
Beyond the non-disclosure agreements, it is essential to develop processes and plans in the supply chain in order to protect confidential information.
Trust and responsibility
Employees must be properly noticed about the confidence provided to them by having access to confidential information and also about the possible consequences of its disclosure. It is not enough that the company is clear about what is confidential and what is not; there should also be clear that employees have access to it.
Systematic changes
All “reasonable efforts” to conduct business to protect their secrets, should be monitored and updated frequently. Today’s secrets might not be tomorrow’s because of the competition, market changes, businesses growing and procedures and policies changes.
It requires, in addition, have a rapid response plan to find the source of a problem and track them.
Business email
A current IT tool; however it is most often used to share business information. How far companies can limit and control corporate email usage without trespass employee’s privacy.
To reduce the vulnerability of information leakage or trade secrets exchange there must be drafted clauses in contracts or develop rules and prohibitions related to the company’s technological resources usage and management. It is ideal to have procedure manuals on data protection, which should be backed up with regular audits clarifying the tool’s use and the scope of the employee responsibility.
+++++
Today’s business world is complex: IT threats, complex supply chains, employees switching employers and moving through countries and even continents. It is necessary to establish all possible security measures to protect trade secrets.
But we must also bear in mind that when the crime is already committed, the possibility that the courts dictate penalties and provide you compensation will depend on the company has taken “reasonable measures” to protect their trade secrets. Otherwise, the problem will hardly have solutions.
| 