Intellectual Property (IP) can be defined as a work or invention that is the result of creativity, such as a manuscript or a design, to which one has rights and for which one may apply to prevent others from use of that creativity. The rights and protections for owners of intellectual property are based on federal patent, trademark and copyright laws. The basic distinction between these laws are that Patents protect inventions of tangible things, Copyrights protect various forms of written and artistic expression, and Trademarks protect a name or symbol that identifies the source of goods or services.
The purpose of these laws is to give an incentive for people to develop creative works that benefit society, by ensuring they can profit from their works without fear of misappropriation by others. The whole purpose for creating these laws would be defeated if skilled hackers could simply circumvent any creative process by simply stealing the creative works. The reality is that with modern technology in place, IP theft could not only occur in theory but is an inevitable occurrence for any Company that does not have proper procedures in place.
This blog post aims to provide preventive measures and also help identify where the IP leaked from through analysis and forensic examination of the suspect’s computers and mobile devices.
Prevent IP theft
The first step is to undertake an analysis of your internal network. Begin by identifying your digital assets: what are they, where are they stored, who has access to them, are the assets backed up? Also, address your wider IT policies and practices. Do all employees and contractors, etc. have access to confidential information? Are they allowed to access web mail such as Gmail and Yahoo or online messaging systems, which allow them to send attachments out of the organization? Can they save files to USB sticks? Did your analysis show that the use of email and online messaging services is widespread? Your internal review may reveal that the whole organization can access the client database which contains your creative work. This is problematic because access to assets of value should be granted only to staff members that need to access them. Limiting the access to your database can help pinpoint which members of your team have an intimate role in working with the creative work and thereby making it easier to tracing who was responsible for the leak.
After you’ve conducted a thorough analysis, the next step would be to proceed with the necessary changes. Restricting your working practices will have the dual effect of protecting your IP and also altering to data security and whether they are aware that their employer has measures in place to prevent and detect it. If not, consider how this can be rectified. If restricting private information within the Company is impractical for any reason, perhaps the middle ground could be to delineate and clearly inform every employee of their permitted and not permitted to do with the company data and they can also arrange training to raise risk awareness among staff.