Ads by TechWords

See your link here
Receive the latest technology news and information.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

A Practical Approach to Protecting Trade Secrets

November 11, 2009 01:22 PM ET

CIO - Trade secrets are increasingly becoming a company's most valuable assets, and not surprisingly, threats to those assets have increased concomitantly. The greatest threat to company data is, of course, not outsiders but a company's own employees A company's ability to protect against rogue employees (as well as against unintentional harm) is governed by both federal and state laws, which vary by jurisdiction and, worse, are in a state of flux in many of those jurisdictions.

As with most security challenges, it isn't possible to eliminate the threat. But working together, your IT department and company counsel can and should maximize the establishment and implementation of trade secret protections. Here's how:

Define the Problem

Your company must understand the scope of the problem in order to mitigate its effects. A "trade secret audit" --which includes steps similar to those in any security audit--is a critical tool your company can use to ascertain what confidential information it currently has. Confidential information is defined more broadly than true trade secrets.

To read more on this topic see: Fed Agencies Push New Security Audits and More Than Half of Fired Employees Steal Data.

Though they come in all shapes and sizes, most trade secret audits include the following elements: (i) determination of which information ought to be protected; (ii) review of the procedures already in place to protect that information; and (iii) analysis of the sufficiency of those protections, including identification of gaps in the existing protections, both generally and as applied to the specific information to which the gaps pertain.

The sufficiency of the existing protections turns largely, on the value of the information along with the practical need for and cost of properly protecting it. For example, while Coca-Cola quite properly takes extraordinary measures to protect the secret formula to Coke, no one would expect Coca-Cola to take similar measures to protect trade secrets with only marginal value.

Establish a realistic protection program

After your company has completed assessing the scope of the problem, you can develop a comprehensive protection program. Such a program commonly involves a combination of policies, procedures, and contracts, as well as the IT infrastructure necessary to support each. While these programs share many general characteristics, each is unique to the particular requirements of your company, including the nature of your company's confidential information, the number and circumstances of your company's current and planned personnel, your company's corporate culture, available financial resources, and overall IT infrastructure. In its most basic form, a proper protection program involves:

(1) computer safeguards, including appropriate levels of access

(2) security measures for all electronic technologies such as USB drives, flash cards, smart phones, FTP sites and social media sites)


Originally published on www.cio.com. Click here to read the original story.

Jump to comments

Security

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

What People Are Saying

White Papers & Webcasts

The Business Case for Virtualization
Download this Resource Now!  

Effectively Implementing Datacenter Automation
Effectively select and deploy the best datacenter automation solution today!

XenApp Extends Virtualized Application Delivery
Download this webcast to learn how to accelerate delivery of virtualized applications and streamline management.

Top HPC Use Cases in Life Sciences
Learn from the experts how best to apply cutting edge high-performance computing techniques a life sciences environment.


IT Jobs