Intellectual Property theft is committed by half of all employees and contractors, according to Symantec’s February 2013 Survey, “What's Yours is Mine: How Employees Are Putting Your Intellectual Property at Risk“. Employees routinely transfer company data to the cloud through personal emails and on to flash drives, as part of the day to day execution of their jobs, and then they never clean the data off of their systems. What’s more significant, most employees, despite their non-disclosure agreements, believe that the creative work performed on behalf of their employers remains their own.
Corporations, for their part, do not properly educate their workforce about the real parameters of IP theft, nor do they enforce agreements executed related to intellectual property. With 67% of employee or independent contractors taking IP with them for the express purpose of leveraging it at a new position, and more than $250 billion in annual losses related to IP theft, every business should reexamine its policies and procedures for departing employees, and prepare an action plan for forensic investigations to document employee theft as part of their IP Protection Plan.
- implement and reinforce non-disclosure and non-compete agreements
- use forensic techniques to monitor your network
- verify access to your networks
- maintain privacy and security through key word phrases
- develop a solid relationship with a digital forensics investigator
- reallocate equipment without making a forensic copy
- discard the forensic image for at least six months
- allow your staff to use personal flash drives
- underestimate the determination of a thief
- do it yourself
Many businesses are not using non-disclosure and non-compete agreements, and few of those that are, enforce them. These simple legal agreements provide a solid way of defining Intellectual property theft, as well as the consequences of the theft. What’s more, the documents set a level field of mutual understanding. Each party has clear expectations laid out, so there is no plausible deniability, should evidence of Intellectual property theft arise. When an employee departs, provide them with a copy of their signed agreements and remind them of their continued obligations under those agreements.
Forensic techniques differ from general IT security protection in an important way. Forensic techniques will withstand the scrutiny of litigation should that ever become necessary. There are strict standards for submitting and defending electronic evidence from computer and mobile devices in court of law. If your company fails to preserve the data properly, it will either not be admissible, or fail to survive a cross examination. While your internal IT staff can often identify a problem, the legal documentation of it is essential to the lawsuit. Your IT Department should have a clear escalation procedure, that includes calling in a computer forensics investigator and notifying the C-suite and general counsel.
Cyber criminals constantly ping networks for unauthorized access, and your IT security policy should be protecting you from infiltration. However, internal access that is nefarious is less obvious to detect. Ensure your IT systems monitor internal access to ensure any unusual access can be detected. Unusual access can take the form of activity either during an unusual time of day, for an unusual set of of company data or with an unusual volume of data. It is important that the IT system to logs this activity and alerts personnel to review the logs for possible inappropriate access.
A disgruntled employee, contractor or corporate spy may use language that indicates their intent to steal, or an actual commission of a theft. Identify those terms, and implement a keyword search through corporate email servers to flag terms and phrases that indicate an investigation is in order.
Naturally, every company looks for ways to preserve capital and maximize profits. But a loss of intellectual property can cost your company everything. Interview digital forensic investigators and determine an action plan before you need one. When, not if, it becomes apparent that lines have been crossed, you will be able to take confident, determined action at a moment’s notice. The longer a breach is sustained, the more damage there will be to contain.
Your IT Staff can still maximize the utilization of fixed assets by reallocating equipment right away but without compromising potential evidence. Establish a human resource policy that upon departure, the laptop, desktop, tablet and mobile phone issued by your company for every employee and contractor must be returned and that a forensic copy of the device will be made as a precaution. This is a great way to preserve a record of the activities of an exiting employee or contractor, and ensure it’s admissibility should misuse of your intellectual property become an issue.
You may need a computer forensics team to review the evidence long after the individual departed. Using inexpensive hard drives, maintain all outgoing device images for six months to a year. If a risk analysis reveals a longer time frame, then act accordingly. Intellectual property theft is not always immediately apparent. It can take months for the competitor to successfully utilize the stolen information.
Purchase, inventory and track the use of corporate flash drives so your company can control all USB access to its network. Use network security software that alerts your IT security department when irregularities arise. No software program can prevent theft entirely, but using the right combination of tools will allow your company to preserve resources while pulling in an investigator, as quickly as possible.
While the vast majority of employees and contractors will use intellectual property referentially, there is the potential to fence stolen data that is profitable and easily accessible. We no longer live in a world divided by technically savvy and technically ignorant people. Today’s entry level workforce has no memory of a world that is not technically saturated. Hacking is not reserved to mischievous teens, it is a sophisticated criminal enterprise.
Implementing policies such as these, without proper consultation, can break the chain of evidence or compromise the evidence rendering inadmissible. But, proper preemptive use of forensic tools and techniques by qualified individuals can ensure that key evidence is not lost before its true value is known.
Today’s electronic environment requires that executives, human resources, legal and technical professionals work in a technologically savvy manner. Executives can no longer afford to brush off serious technical threats without risking the health of their profits, stock value and even their own jobs. Instituting this top shelf intellectual property protection policy is proactive, and used in conjunction with proven digital forensics company, will allow your company to defend, enforce and prosecute intellectual property theft violations.