Securing Your Proprietary Data
If you’ve been in business for even a short while, chances are you have important and valuable information and files that you need to keep secure. Chances are, you also need to keep this information from falling into the wrong hands.
Many business owners are unsure how to actually make sure that this information is secure and protected. Depending on your business, there may even be confusion over who owns what data. The first step in ensuring the security and integrity of your business is to secure your intellectual property.
Below, you can find four tips on keeping your intellectual property (IP) your own. If you need additional information or assistance in implementing these – contact us.
Draw it out.
Before you can take any steps to protect your data and intellectual property, you need to know what information and files you have on your systems, along with a rank of how important they are. Protecting the Colonel’s 11 herbs and spices is fine – as long as you know that you have the recipe in your possession! One way to do this is to have your managers or leaders identify the type of information that they use and store, along with it’s relative value to their processes and the risks to the business if the data is lost or stolen.
You might try getting them to answer questions like:
Are there items that should be marked as confidential or even be encrypted?
How is data to be moved? Is it ok to use removable devices like USB drives or CD’s?
Is the printing of confidential or important documents, drawings or other information allowed? If so, are there limits on who should be able to print?
Do regular employees connect to the network with their own devices (think phones, tablets, laptops)? If so, can you control or monitor the files that they take or access from their devices?
Is there any information or property that can/should be patented?
Who should have access to the files, data, documents and drawings that your department creates?
Consider creating (or updating) your IP policy.
As you consider the answers to the above questions, rank the importance and risks associated with the data. Use this information to write or update any existing IP policies, taking care to define:
The different levels of security for documents and drawings
What confidential documents are and how they are to be marked or identified
When employees should encrypt files and/or mark them as confidential
What will happen when a policy is breached
Who in the organization is cleared to mark documents and apply security elements
Steps for recovering classified or important IP resources from employee’s devices – or preventing them from viewing in the first place.
Once you have a clear policy, consider having employees acknowledge that they understand the policy by signing it, or an acknowledgement form that can be attached to the policy. Moving forward, it’s always a good idea to periodically review the information, updating as necessary and reminding employees of their agreement to keep company information secure.
Enforce the policy.
Since you’re going through the effort of producing and documenting a policy, make sure that you follow through and enforce the policy. This data can be important to your company, and if it is lost or stolen, it can have dire consequences for your business.
Policy monitoring and enforcement is essential to getting your employees to take the policy seriously. Generally speaking, we see the policy enforced by Human Resources or the owner or manager of the company, whose name has been listed on the patents or other IP.
Test the policy.
All good plans need to be tested to prove that they work as intended. IP policies are no exception, and should be tested as a part of an annual security audit. The best way to test this type of policy is to actually try and steal it! Since you know about your company and the way that data is stored, you may not be the best choice in attempting to steal your own data. Instead, hiring an external firm or working with a managed service provider can help. They often have ways to test your systems and can provide you with tips on where, and how, to make improvements.
Ensuring that your “secret sauce” recipes stay safe is an important piece of safeguarding your business and ensuring that no one else can benefit from your hard work and great ideas. Using the four tips above will set you well on your way to making sure that your data is secure. If it proves to be a hassle for you, don’t hesitate to give us a call. Our network and data security experts will be happy to provide industry best practices and methods to help make sure that your data stays safe.
As always, connect with me - drop me a line...I would love to hear from you!
Until Next Time…I GottaLottatoSay about just about everything….