Wednesday, March 11, 2009
It’s a problem with many names. Some refer to it as corporate espionage. Some say it’s business intelligence. Others may even refer to it as spying. Let’s call a spade a spade. It’s not some work of fiction seen only in movies like Mission Impossible or a Tom Clancy novel. Its occurring right here, right now and your organization may be a target. Don’t think so? Neither did The Cleveland Clinic, Kodak, MasterCard, Avery Denison, DuPont, Metaldyne, 3DGeo, or numerous other companies you may or may not have heard of.
Economic espionage, the most commonly accepted term for it, is a federal crime prosecutable under the Economic Espionage Act of 1996. Without getting into technical definitions of what constitutes economic espionage, it is the stealing of trade secrets, from the rightful owner, for the economic benefit of another. As the rightful owner of trade secrets, does this give you a “warm and fuzzy” feeling because there will be repercussions if the offender is caught? Do you feel safe just because someone can be convicted of a crime for stealing your secrets?
There is one hitch however: A provision in the Act that states the owner of that information must take reasonable measures to keep that information secret. What measures are you or your organization taking to ensure that you meet this provision? Are you classifying your data? Are you marking hard and soft copies of files with “Confidential Information”? Are you storing this information in locked file cabinets or safes? Are you using encrypted emails to send this information? Are you encrypting your hard drives on your laptops? Have you had a risk assessment performed? How about a penetration test? Are you educating your employees on what is sensitive information and how to protect it?
If your answer to one or more of these questions is no, good luck trying to convince anyone that you are taking “reasonable measures” to keep your information secret. Lucky for you, if you haven’t already ended up on the front page of the newspaper, you still have time to correct it. This problem can be fixed, and if you made it to this blog, you know who can help you! Good luck!