IP Theft Prevention: Beyond Just Technology
November 12, 2012
News headlines about credit card numbers being stolen and other successful security attacks on intellectual property (IP) during the last decade have raised awareness of these kinds of threats. Although many companies still intuitively want to keep major security incidents from public view, they are now much more open to communicating details of the attacks because of legal obligations to regulators and their customers.
Another result of these incidents is that more companies are taking a harder look at their security postures and preventive measures. It’s not enough to buy off-the-shelf technology solutions. Processes and the fine-tuning of technologies also play a critical role in minimizing IP theft at companies of all sizes.
After working with small, medium and large companies from around the globe on IP attacks after they happen, we know that such attacks most commonly come from current or former employees. How does a company prevent such occurrences within its own walls – and what can it do to prevent threats from the outside?
While there’s not a single tool that will ensure IP theft won’t occur, there are resources and tools that can mitigate these risks. It’s best to take a multi-level approach with the following directives in place to help prevent IP theft:
Merge Good Technology with Good Overarching Security Policies – The most robust programs to prevent theft reach into every part of the company and include policies and technologies that complement each other. Technology alone is not enough to mitigate the risks.
Create and Communicate – You can have the best security technologies at your fingertips, but they are meaningless unless the policies that guard against IP theft are properly communicated. Promote security policies generously to your employees. Two examples are messages about setting strong passwords and resetting them at regular intervals, and security awareness training for employees as soon as they’re hired.
Build Protective Architectures Conducive to Business – It’s possible that security policies and processes are so strict that they impair a company’s ability to do business. Not every bit of data needs to be encrypted or kept behind a firewall. Companies need to decide what information is proprietary and what isn’t early in the security assessment process. You don’t want security to suffocate your business needlessly. Experts can help you prioritize where you need security and where you don’t.
Customize Security Solutions – Companies should tailor the various technologies to their own particular businesses. It’s not “one size fits all.” For example, some software can be customized to prevent copying information on a USB drive or CD.
Monitor Internal Traffic Trends – Auditing large file transfers and related activity should be part of your strategy to prevent IP theft. For instance, a slew of software or file transfers or deletions from a workstation or server, or other unusual internal business activity, should raise red flags as an incident to analyze and audit. It’s good to establish a baseline to start from, so that all network anomalies against that baseline – internal and external – are detected and flagged.
Consider DLP Technologies – Are you preventing the loss of sensitive files through inadvertent actions and malicious intent? If not, there are Data Loss Prevention (DLP) technologies that protect “data at rest” and “data in motion.” These systems are designed for deep content inspection to detect and prevent unauthorized transmission of confidential information. A sound DLP solution in its elementary form includes a system that performs fingerprinting and heuristics (experience-based techniques) to identify and tag the data that’s being monitored for unauthorized access and transmission. A robust DLP program includes a DLP assessment, which entails data classification and lifecycle analysis, in conjunction with DLP systems in place to prevent a DLP incident.
Perform Network Security Assessments – It’s good to step back and make sure that all security technologies on a network are working in tandem to form an effective defense against attacks. Assessments are needed to identify any security gaps from a holistic standpoint. You should ask, “Where is critical data located and how is that data secured?” A robust and secure network is always proportional to an efficient network with managed risks.
Be Prepared for Incident Response – Put proper incident response and related forensic investigation policies in place so people are not at a disadvantage when a security breach occurs. They need to know exactly which experts to alert to begin an investigation and all the appropriate actions that need to be coordinated with the proper resources – whether those are inside or outside the company. Outside security experts can often use special tools to collect forensic information that holds up to legal scrutiny, which can be advantageous in today’s litigious world.
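To make the baseline idea under "Monitor Internal Traffic Trends" concrete, here is an added example (not part of the original article) that learns a per-host baseline of daily transfer volume and flags days far above it. The host names, the log layout, the minimum history and the threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import median

def constructed_log():
    """Constructed sample: (day, host, MB copied off the file server)."""
    ws = [210, 190, 205, 220, 198, 201, 48000]       # workstation, last day spikes
    db = [5000, 5100, 4900, 5050, 4950, 5020, 5200]  # busy but steady server
    rows = []
    for i, (w, d) in enumerate(zip(ws, db), start=1):
        day = f"2012-11-{i:02d}"
        rows += [(day, "ws-017", w), (day, "srv-db01", d)]
    rows.append(("2012-11-07", "ws-099", 30000))     # host seen for the first time
    return rows

def flag_anomalies(records, min_history=5, threshold=6.0):
    """Compare each host's daily volume with that host's own history.

    Returns (alerts, learning): alerts are (day, host, mb, score) tuples,
    learning lists hosts that still have too little history to judge.
    """
    history = defaultdict(list)
    alerts = []
    for day, host, mb in sorted(records):
        past = history[host]
        if len(past) >= min_history:
            base = median(past)
            # Median absolute deviation: a spread measure that one earlier
            # outlier cannot inflate the way a standard deviation can.
            mad = median([abs(x - base) for x in past])
            # Floor the spread so a perfectly flat baseline neither divides
            # by zero nor alerts on trivial day-to-day variation.
            spread = max(mad, 0.05 * base, 1.0)
            score = (mb - base) / spread
            if score > threshold:
                alerts.append((day, host, mb, round(score, 1)))
                continue  # keep the outlier out of the learned baseline
        past.append(mb)
    learning = sorted(h for h, p in history.items() if len(p) < min_history)
    return alerts, learning

if __name__ == "__main__":
    alerts, learning = flag_anomalies(constructed_log())
    for day, host, mb, score in alerts:
        print(f"ALERT {day} {host}: {mb} MB, {score}x spread above baseline")
    print("no baseline yet:", ", ".join(learning))
```

The steady server moves far more data than the workstation yet raises no alert, because each host is judged against its own history; the first-seen host is reported separately for manual review rather than silently ignored.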
The risks of IP theft are dynamically changing with ever-evolving networks. These risks can be proactively managed and the threat of IP theft remarkably lowered by preemptively engineering solutions that cater to a robust network security program. This includes building an intelligent camaraderie between people, process and technologies.
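The fingerprinting step described under "Consider DLP Technologies" can be sketched as follows. This is an added example, not from the original article and not any vendor's implementation: it assumes one simple fingerprinting scheme (hashed five-word shingles), and the label, document text and thresholds are constructed for illustration.

```python
import hashlib
import re

K = 5  # words per shingle (assumed value)

def shingles(text, k=K):
    """Hash every run of k consecutive words, ignoring case and punctuation."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    if len(words) < k:          # too short to fingerprint reliably
        return set()
    return {hashlib.sha256(" ".join(words[i:i + k]).encode()).hexdigest()[:16]
            for i in range(len(words) - k + 1)}

class FingerprintIndex:
    """Maps shingle hashes of registered documents to a classification label."""

    def __init__(self):
        self._index = {}

    def register(self, label, text):
        for h in shingles(text):
            self._index.setdefault(h, label)

    def inspect(self, content, min_hits=3):
        """Return {label: matching shingles} for content about to leave."""
        hits = {}
        for h in shingles(content):
            label = self._index.get(h)
            if label is not None:
                hits[label] = hits.get(label, 0) + 1
        # A few matching shingles can be coincidence; require min_hits.
        return {label: n for label, n in hits.items() if n >= min_hits}

# Constructed sample data.
PROTECTED = ("The Model 7 actuator uses a proprietary nickel titanium alloy "
             "annealed at 480 degrees for ninety minutes before quenching in oil")
LEAK = ("FYI the recipe: proprietary NICKEL-TITANIUM alloy,\nannealed at 480 "
        "degrees for ninety minutes before quenching. Talk soon.")
BENIGN = ("Lunch at noon? The actuator demo went well and the customer "
          "wants a quote for ninety units.")

def build_demo_index():
    index = FingerprintIndex()
    index.register("CONFIDENTIAL/alloy-spec", PROTECTED)
    return index

if __name__ == "__main__":
    idx = build_demo_index()
    print("leak  :", idx.inspect(LEAK))
    print("benign:", idx.inspect(BENIGN))
```

Because the index stores only hashes, the inspection point never needs a copy of the protected text, and the excerpt is still matched after its case, punctuation and line breaks were changed.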