Here are important ways to protect your data.
Intellectual property, those ideas that we strive to build companies on, are undeniably valuable. But it’s often also vulnerable to threats from inside as well as outside the business, including unhappy employees, ex-employees and competitors. The Office of Australian Information Commissioner reports on notifiable data breaches where the Healthcare sector leads others by numbers of notifications. Interestingly, those breaches have been perpetuated by not only bad third party actors (Script Kiddies, Criminals, Hacktivists, State Actors), but also by simple internal human error. With data breach risks, it’s more important than ever to protect what you’ve often spent years building.
A common definition of Intellectual property includes products of the mind, such as literary works, art and creative design, inventions, symbols, scientific discoveries – even ideas or concepts.
Three main types of laws protect it from unauthorised use by others.
However, these are usually only enforced at the end of the development cycle. As you invest millions into research and development, how are you protecting your developing intellectual property? Your data may also contain personally identifiable or financial information that is just as valuable.
Take a comprehensive approach to safeguard your company’s intellectual property.
The first step to protect any data is to know what your data is and how it is stored. Some of the questions you might ask are:
To mitigate risk, take a good look at your current security methods, barriers and procedures. Are they up-to-date with best practice or recommended controls?
It’s often said that, “In the People-Process-Technology mix, the weakest link is the ‘People’ of an organisation”. User awareness of cybersecurity threats are important to avoid unintended breaches and data theft. A culture of care and practice for data security would need to be demonstrated and applied at all levels.
Be sure appropriate computer and data systems are in place to minimise risk. A host of measures may be taken from encryption of critical data to disaster recovery systems, to monitored systems. What you can’t monitor you can’t protect! Data is everywhere and the perimeter is not what it once was. A firewall on its own will not do the job.
Restrict the use of flash drives, USBs and other devices that allow transfer of data. Limit access to personal email accounts or websites, as well as file-sharing websites like Dropbox and Google Drive.
Don’t allow employees to remove company information from the workplace. It’s a good idea to limit level and type of access to proprietary information based on role within the company.
Implement sound and consistent HR practices, including policies and procedures on the use of technology and communication systems. Ensure employment agreements, policies and hand-books addresses protection of proprietary information, intellectual property and explains clearly the consequences for non-compliance.
Companies are particularly vulnerable to intellectual property issues when an employee departs. Adopt suitable process that ensures data access privileges are shut down across previously available touch points and data exfiltration or tampering is prevented.
Even though your intentions are to safeguard your company’s intellectual property, care must be taken to not compromise employee rights without knowing it.
Although you hope you’ll never have to use it, it’s a good idea to develop a detailed plan to deal with a possible data breach. Be sure you have back-up systems in place and a communication strategy.
Review and update your plans annually. Consider conducting periodic tests of those back-ups and recovery processes.
If data is stolen or misused, first assess the impact to your business and employees, as well as your effected parties. You may have an obligation to issue a public announcement and relevant notifications. Regardless, it’s best to have a communication plan ready to respond to questions.
Let us do the heavy lifting for you. Protecting your data securely from creation to usage should not be treated as a limiting factor. In fact, we view it as an enabler. Bringing together the best in security technology and expertise lets your organisation flourish, without ever feeling restricted.