October 17, 2015
Just as intellectual property (as well as data of all kinds) becomes such a critical and valuable asset to companies, BYOD, the cloud, consumer file sharing platforms, and other technologies are leaking IP like never before. In fact, 62 percent of all workers see nothing wrong with transferring your sensitive corporate data to their own home computers, their tablets and smartphones, and even consumer-grade public cloud services like Dropbox, Google Drive, iCloud, Microsoft OneDrive, etc.
Theft and loss of IP in a BYOD workplace can happen in many ways. Workers can accidentally leak it via public Wi-Fi, insecure apps, failure to secure their devices, etc. It can also happen when workers use their BYOD devices to copy the information and take it with them to a new employer. What can you do to protect your IP in the age of BYOD?
Education Can Eliminate Most IP Leaking
The majority of workers do not steal or mishandle IP out of malice, but are simply ignorant of good data handling practices, mobile security, and the law.
The good news is, that most of it is done out of ignorance, not malice. In fact 56 percent of employees just don't believe it is illegal to use a competitor's confidential trade information. If the employee had a hand in creating the IP, they feel partial ownership of it, and don't think taking it to your competitor is wrong. Loading it onto their tablet or smartphone, or simply uploading it to their cloud storage, is then a simple matter. When malice isn't a factor, education is all it takes to keep employees from sharing your IP, whether accidental or intentional. Provide training on IT security, such as how much easier it is to steal data from a mobile device than from your internal network, and supplement that training with information on the legalities of handling, sharing, and using corporate intellectual property.
Establish an Atmosphere of Accountability and Responsibility
It's much better to handle responsibility and accountability at the departmental level than from the top down, since the supervisors and managers are in a much better position to monitor how workers are actually using, sharing, and storing IP. Too many companies slap down a gigantic non-disclosure agreement upon hire (which no one ever reads), and then forgets about it. The protection of your sensitive and valuable corporate data needs to be something that is discussed and managed constantly and consistently throughout the organization.
Create Clear Policies and a Non-Disclosure Agreement
A failure to teach workers what constitutes IP theft could result in trouble for them, and even their next employer.
Instead of simply passing a document under your new hires' noses, develop clear and easily explained policies. Train new hires before presenting them with the non-disclosure agreement, so that they are fully aware of what it says, what it means, and the consequences of failing or refusing to comply. Consider regular refresher courses or another means of keeping this message fresh and in the minds of your workers.
Highlight the Risks to the Employee and Their Next Employer
When you're training workers, don't simply explain how important securing your intellectual property is to the organization. Make sure they understand why it is important to them. For example, in many cases it could be criminal to leak sensitive data or take it to a competitor. Additionally, the new employer could be held legally and financially responsible for the theft, even if they had no knowledge that the employee brought it along with them. That wouldn't bode well for the worker after they moved to the competitor to advance their career.
After you've taken these steps, accidental and most intentional IP theft will stop. The remainder can usually be caught at the departmental level and addressed appropriately, according to company policy.
What does it take to keep up with network monitoring and other demands of a BYOD workplace? Learn all about it in this Cost of Network Efficiency whitepaper.