Protecting Intellectual Property For Enterprise Security
In 2016, a former employee of the Federal Deposit Insurance Corp. (FDIC) accidentally left the agency with a personal storage device containing the sensitive information of over 40,000 customers. Although the storage device was eventually returned, the incident highlighted how easy it can be for important data to get mishandled.
With so many ways to spread sensitive information — including email, file sharing, and even flash drives — companies need to carefully manage how their data is distributed, and to whom.
Failing to address these potential pitfalls can have major implications for a company’s reputation and bottom line. Here’s what you need to know about protecting your intellectual property:
Enterprise Security: External Threats
According to Techtarget, intellectual property (IP) “is a term for any intangible asset — something proprietary that doesn’t exist as a physical object but has value,” including software, trade secrets, designs, and more. Intellectual property is particularly valuable to enterprises in highly innovative sectors, where IP assets could be more valuable than physical ones. Companies therefore need to safeguard against accidental and deliberate leaks of data, whether it be through unauthorized file sharing or a disgruntled ex-employee looking for ammunition. When put in the wrong hands, intellectual property could be used to poach clients, copy processes, and steal trade secrets; some companies have even had their intellectual property leaked to competitors.
With so much at risk, it’s not surprising that 71% of enterprises feel the need for better security. External threats like ransomware are rapidly growing, while phishing scams have become more sophisticated; in May 2017, some Google users shared their account access after clicking on convincing-looking links from users supposedly inviting them to view documents in Google Docs. Although word of the scam spread quickly, its wide reach demonstrated how increasingly complex these attacks are becoming.
Enterprise Security: Insider Threats
Enterprises also need to safeguard against insider threats, which are becoming a bigger concern; for example, 49% of enterprises are concerned with risk of data loss after an employee leaves. Disgruntled employees are in an excellent position to cause damage, and malicious insider attacks are most likely to happen 30 days before or after an employee leaves. Major vulnerabilities can occur when enterprises don’t act quickly and revoke employee credentials and access rights.
Employees can also be an unintentional threat to enterprise security through the way they access and share files. Employees unsatisfied with their current collaboration capabilities may adopt unauthorized workarounds, putting sensitive data at risk by sharing it through unsecure methods. This also causes a Shadow IT problem that makes it more difficult for enterprises to manage who is receiving files; unsurprisingly, 77% of enterprises want to manage access rights, and 60% want auditing of file sharing and usage. This type of management is especially important when files are shared outside of the enterprise, where a lack of file security could put information at risk. For example, in 2016 77,000 accounts from State Farm were compromised when cybercriminals accessed sensitive data from its marketing partners’ servers.
Enterprise Security Solution: What You Can Do To Protect Your Intellectual Property
To safeguard your intellectual property, begin by building up security around your most valuable assets — the “crown jewels” that would cause the most damage if stolen. You can then work on managing file access and sharing to make sure sensitive data doesn’t fall into the wrong hands. Enterprise file sync and share (EFSS) is a useful solution that allows IT to establish secure file sharing through user account permissions, oversight of file sharing, and authorized sharing to third parties. These types of security measures can help keep intellectual property and other sensitive data safe.