An issue many businesses face is how to keep their important files, ideas, products and information secure from prying eyes. Many small businesses would like to ensure that their intellectual property is secure, but have only a vague idea as to how to go about doing so, or about who actually owns what.
Here are four tips on how to keep your resources related to intellectual property (IP) secure.
1. Map it
Before you can take steps to protect your data and property, you need to know just what information and files you have, along with how important each item is. The best way to go about this is to have your managers or team leaders identify the type of information they use and store, along with its value and the risk you could face if it is lost or stolen.
Ask questions like:
- Are there items that should be marked as classified or encrypted?
- How is data to be moved? Is it ok to use removable devices like USB drives or CDs?
- Is printing of classified or important documents and information allowed?
- Are employees connecting to the network with their own devices? If so, do we have access to the files they take/access from their devices?
- Is there any information or property that needs to be patented?
2. Update or create an IP policy
As you get the answers to the questions above and rank the importance and risks associated with data, it is a good idea to update your existing IP policy or create one if you haven’t already done so. Some things that need to be defined include:
- The different levels of security for documents.
- What classified documents are and how they are to be identified.
- When employees should encrypt documents or mark them as classified.
- What will happen if the policy is breached.
- Who is cleared to mark documents and apply security elements.
- Steps for recovering classified or important IP resources from employee’s devices.
Once you have defined a clear policy, you should have employees acknowledge that they understand the policy by signing a copy, or by signing an acknowledgement form which can be attached to the policy. Beyond that, it would be a good idea to periodically review your information and update the policy.
3. Enforce the policy
If you are going through the effort of producing an IP policy, you should follow through and enforce it. This information is incredibly important to your company and if it goes missing it could prove disastrous. Policy monitoring and enforcement is essential, and should usually be done by the HR department, or the owner/manager of the company whose name has been applied to patents or other IP.
4. Test your policy
All good plans need to be tested from time-to-time. IP policies are no exception, and should be tested at least once a year. The best way to test this type of policy is to actually try and steal it. Now, since you know about the company and the way data is stored, you are not the best person to try and steal your own data. This is where hiring an external firm or working with a managed service provider helps. They will often have ways to test your systems and can provide you with tips on where to make improvements and how.
If you are looking to take steps to protect your valuable IP and data, please contact us today to see how we can help.