Data breaches are a regular feature in the news lately. More often than not, these news stories are concerned with the theft and exposure of customer information.
But what about attacks targeting intellectual property?
The term ‘intellectual property’ (IP) covers a wide range of assets that include intangible creations of the human intellect — from business plans and creative work to proprietary software or hardware. The most well-known types of intellectual property are copyrights, patents, trademarks and trade secrets.
Whether registered or not these IP assets are often amongst an organisation’s most valuable, making them highly vulnerable to threat and compromise (particularly given that vast amounts of intellectual property are now stored electronically).
Although most businesses take measures to protect themselves from industrial espionage by corporate competitors, theft of intellectual property is more frequently a result of insider threat — either through misuse, abuse or sometimes a mistake. Insiders are a major target in opponent efforts to gain private information and are a leading source of these leaks.
In many cases, insiders will have access to content, corporate systems and networks, making it relatively easy to steal valuable information and intellectual property during working hours. For example, they could share information assets via email, removable media, printed materials, remote network access, file transfer or downloads to laptops. Because these insiders have authorised access to these IP assets, it can be challenging to distinguish between access for legitimate purposes and access with intent to steal.
However, rather than steal these information assets to sell them, many insiders will leave with confidential company information when they depart the organisation — either deliberately or unintentionally. If they take this information with them to a new job, foreign government or to start a competing business, this could be hugely damaging for their former organisation. A company’s intellectual property is what gives it a distinctive competitive edge, so it is vital that it does not fall into the hands of competitors.
Regulations such as the General Data Protection Regulation (GDPR) have been established to help protect information. Additionally, organisations such as the Competitions Commission have taken to dawn raids and investigations on price fixing where IP is shared by insiders with competitors.
Managing access and monitoring activity
So, what can companies do to secure and protect their intellectual property from threat and compromise?
Organisations should, first and foremost, ensure their information security plans include procedures and policies on the proper protection of intellectual property. This includes having employees and vendors sign a code of conduct or confidentiality and non-disclosure agreements before beginning any work.
Businesses should also identify their various assets through a data classification process and take steps to compartmentalise electronically stored confidential information — ensuring it is only accessible on a least privilege basis. Tools like One Identity Safeguard can help protect privileged access. Identity governance programs, such as Clear Skye’s ServiceNow integration, can also help to automate the identity lifecycle management process right from initial onboarding. This will help to manage access requests and changes as team members go through their employment journey.
Equally, companies should work with HR teams to guarantee proper offboarding of employees. Most insiders steal data within a month of departure, so it is crucial to monitor their activity on the network during this time, including file and email transfers. For example, detecting confidential documents being sent to the individual’s personal email account is often a red flag. Monitoring software, such as CyGlass’ Network Defense as a Service, can track actions and spot network anomalies which may indicate that data and potentially intellectual property are being stolen.
In many cases, it is also advisable to immediately revoke a departing employee’s ability to access any proprietary information. Again, this can be achieved through effective identity lifecycle management software.