A common issue many businesses face is keeping their important files, ideas, products and information secure from prying eyes. Many small businesses would like to ensure that their intellectual property is secure, but have only a vague idea as to how to go about doing so, or about who actually owns what.
Here are four tips on how to keep your resources related to intellectual property (IP) secure.
1. Map it
Before you can actually take steps to protect your data and property you need to actually know what information and files you have on your folder, along with how important they are. The best way to go about this is to have your managers or team leaders identify the type of information they use and store, along with its value and the risk you could face if it is lost or stolen.
Try to get them to ask questions like:
- Are there items that should be marked as classified or encrypted?
- How is data to be moved? Is it ok to use removable devices like USB drives or CDs?
- Is printing of classified or important documents and information allowed?
- Are employees connecting to the network with their own devices? If so, do we have access to the files they take/access from their devices?
- Is there any information or property that needs to be patented?
2. Update or create an IP policy
As you get the answers to the questions above and rank the importance and risks associated with data it is a good idea to either write or update any existing IP policy. You should take steps to ensure that you define:
- The different levels of security for documents.
- What classified documents are and how they are to be identified.
- When employees should encrypt documents or mark them as classified.
- What will happen when the policy is breached.
- Who is cleared to mark documents and apply security elements.
- Steps for recovering classified or important IP resources from employee's devices.
Once you have defined a clear policy, you should have employees acknowledge that they understand the policy by signing it, or an acknowledgement form which can be attached to the policy. Beyond that, it would be a good idea to periodically review your information and update the policy.
3. Enforce the policy
If you are going to through the effort of producing a policy, you should follow through and enforce it. Once again, this information is often incredibly important to your company and if it goes missing this could prove disastrous. Policy monitoring and enforcement is essential, and should usually be done by the HR department, or the owner/manager of the company whose name has been applied to patents or other IP.
4. Test your policy
All good plans need to be tested from time-to-time. IP policies are no exception, and should be tested at least once a year. The best way to test this type of policy is to actually try and steal it. Now, since you know about the company and the way data is stored, you are not the best person to try and steal your own data. This is where hiring an external firm or working with a managed service provider helps. They will often have ways to test your systems and can provide you with tips on where to make improvements and how.
If you are looking to take steps to protect your valuable IP and data, please contact us today to see how we can help.