Lock up your IP and Control Access to it



Eighth in a Series from Former DuPont CISO on Trade Secret Protection for Manufacturers

As we defined “intellectual property” in my last post, we now need to classify each of the “crown jewels” of your organization. Consider using an automated data protection platform like Digital Guardian to classify each asset based on distinct levels of sensitivity, and then define specific rules for each level.

Your crown jewels need to be protected throughout their IP life cycle, which covers their entire journey from concept to process to shipping product. Consider this complete cycle when looking for weaknesses in your IP defenses.

Lock up your crown jewels in secure electronic “vaults” where strong multi-factor authentication and robust account management restrict access by user role. Control access using the principle of least privilege – granting people the lowest level of user rights necessary to do their jobs effectively. Investigate technologies such as digital rights management (DRM) and data loss protection (DLP) which provide data encryption and export restriction capabilities.

As content is removed from the vault, it is controlled and protected by the policies associated with how it was tagged during classification. Monitor and audit IP usage by partners and suppliers throughout your supply chain. Set up alerting whenever an established control such as user privileges or firewall configuration is changed. Secure endpoints such as PCs and mobile devices when off the network, where many data breaches originate. All of these actions will make it very hard for attackers to gain privileged access to any of your crown jewels.

To summarize, follow this checklist to protect your IP from both insider threats and cyber attacks:
□ Consider an automated tool to identify & classify your IP.
□ Create policy rules & privileges for each type of asset.
□ Establish very tight electronic access controls.
□ Tag & monitor IP throughout its lifecycle.
□ Investigate technologies such as DRM & DLP.

Now download my e-book covering 5 key IP protection tips to follow, based on the practical experience of Digital Guardian’s manufacturing industry customers.

Read the full series:

  1. The Threats to Your Trade Secrets are Real
  2. Why Offshoring Complicates IP Protection
  3. Calculating the True Cost of IP Theft
  4. Make the Case for Investment in Ongoing IP Protection
  5. How to Form an IP Risk Committee
  6. 7 Elements of a Holistic IP Protection Plan
  7. Defining Intellectual Property
  8. Lock up your IP and Control Access to it
  9. Discover the Weaknesses in Your IP Security
  10. Improve Your Ability to Detect Cyber-Attacks

 

Larry Brock

5 Practical Tips to Protect Manufacturing Trade Secrets

Five key recommendations to help evaluate if your organization’s security program can protect your IP from cyber espionage attacks. 

Get the e-book today

Related Articles
The Threats to Your Trade Secrets are Real

New Series from Former DuPont CISO on Trade Secret Protection for Manufacturers

WIPOut: The Devastating Business Effects of Intellectual Property Theft

A recent 60 Minutes feature told of China’s current cyber-espionage campaign that stole one company’s intellectual property in its near entirety. As China’s campaign continues targeting U.S. companies across every industry, those companies must take steps to protect IP and preserve their competitive advantage.

Discover the Weaknesses in Your IP Security

Ninth in a Series from Former DuPont CISO on Trade Secret Protection for Manufacturers

Larry Brock

Larry Brock (CISM) is the former global CISO at DuPont, a post he held for 11 years. He also served as CIO of DuPont’s Nylon Flooring business unit, as Information Security Officer in the U.S. Air Force and at the National Security Agency (NSA) for four years. Mr. Brock currently consults to companies helping them to improve their IP protection capabilities.

Please post your comments here