Intellectual property is becoming an increasingly valuable commodity with a growing number of knowledge-based companies in Europe having a strong focus on trademark rights, design protection, patents and copyrights.
In a sign of just how significant they are to the European economy, a recent report estimated 39% of gross domestic product in the European Union is generated by industries focused on intellectual property.
As well as patents, brands, samples and copyrights, companies also need to protect trade secrets – such as production processes and formulations – which do not benefit from legal protection in the same way as intellectual property. If those trade secrets were to fall into the wrong hands, they could have a damaging effect on a company’s competitive edge.
The most valuable asset knowledge-based companies have is internal information. If it were to leak to the wrong people, it could have devastating effects on the business. Key research and development work could be compromised by competitors and future plans and acquisitions could be sabotaged if rivals hear about them in advance.
>See also: Big data: managing the legal and regulatory risks
There are people trying to make that happen. According to a survey by the European Commission, one in five companies has been a victim of attempted trade secret theft at least once in the previous ten years.
Risky business
Sales and procurement departments can be a serious risk because they communicate regularly with suppliers and customers in calls for tender, proposal processes and contractual negotiations. And while communication is important to companies working with external partners on research and development projects, they need to safeguard research results and patent-related knowledge even as they make collaboration with partners as smooth as possible. The same applies to projects like clinical studies, where results are shared with others but need to be protected.
Cooperating with external companies in areas such as contract manufacturing could also prove risky if it gives them insight into confidential business information, such as construction plans, formulations and production processes.
There are other instances where organisations might be given access to a company’s internal information. Certification bodies and other testing organisations could have access to internal communication processes, technical features, test reports and safety information. Communications during bidding processes, such as when companies sell licenses and patents, are also sensitive. Service reports and information about claims or damage need to be handled in a discreet manner too.
Simple and secure
While there are legal protections for intellectual property, it needs to be underpinned with technical measures that help to protect the information flow vital to many businesses.
How can this be achieved? Companies need to adopt a collaboration platform that users can understand and that supports them in their everyday work so it is perceived as a helpful tool rather than a hindrance. The user interface design should be tailored to their needs and the platform should perform like the normal working environment on their laptop, PC or workstation. They should also be able to access it while travelling or working from their home office.
Data transmission and data storage should be protected by cryptographic means. Strong authentication measures should ensure only authorised users have access to documents with access permissions for a limited time that are easy to change.
It should be possible to modify what users can do with a document. For example, the document could be in read-only mode with no permission to save, print or forward it. Activities on the platform should be logged in a tamperproof audit trail, enabling traceable, transparent insight into how documents are used and edited. The company should be able to receive feedback on how intensively particular documents have been used.
>See also: Forget cybercriminals: How to protect data from disgruntled employees
Encryption should be used to prevent unauthorised individuals from snooping on communications and illegally obtaining or manipulating information. The storage and processing area should be protected from unauthorised access. Confidential information should also be protected from access by technical staff, such as data centre employees or internal system administrators.
Data protection rules should be integrated into the system so data is only available for a specific purpose, to certain people and for a defined period of time. Security features should be up-to-date and based on the latest technologies with the system complying with current and recognised standards of data protection and security.
In today’s world, many companies need to collaborate with third parties to remain innovative, but they also need to protect their intellectual property and trade secrets to preserve their competitive edge.
Sourced from Mark Edge, Brainloop