find the latest legal job
Senior Associate - Litigation & Dispute Resolution
Category: Litigation and Dispute Resolution | Location: Melbourne CBD & Inner Suburbs Melbourne VIC
· Come work for a firm ranked in Lawyers Weekly Top 25 Attraction Firms
View details
Associate - Workplace Relations & Safety
Category: Industrial Relations and Employment Law | Location: Brisbane CBD & Inner Suburbs Brisbane QLD
· Employer of choice · Strong team culture
View details
Freelance Lawyers
Category: Banking and Finance Law | Location: All Perth WA
· Freelance opportunities through Vario from Pinsent Masons
View details
Freelance Lawyers
Category: Other | Location: All Adelaide SA
· • Qualified lawyer with a strong academic background
View details
Freelance Lawyers
Category: Other | Location: All Melbourne VIC
· • Qualified lawyer with a strong academic background
View details
Smart ways to protect IP internally

Smart ways to protect IP internally

A business’ intellectual property not only needs to be protected from rivals but also from people within the business – employees who might leave. Mark Garnett writes.

A business’ intellectual property not only needs to be protected from rivals but also from people within the business – employees who might leave. Mark Garnett writes.

Intellectual property (IP) has a value to a business that sometimes cannot be accurately measured, although it is recognised as a valuable asset. 

Considering this, it is surprising that there are still some organisations that do not protect their IP sufficiently from their own workforce.  It is common for a business to take very specific and controlled measures to protect itself and its IP from external threats, but not from the people who have unfettered access to business information.  While an organisation will generally and inherently trust its workforce, there are still some simple steps that a business can take to protect this valuable asset from those employees who breach that trust.

In protecting its IP, a business must balance the needs of employees to have access to the information with a need for the business to secure the information from theft.  The illicit copying of IP by employees leaving an organisation is still a very common problem faced by businesses today.  As some employees seek to increase their worth to other potential employers, the temptation to steal IP and use that to increase their overall worth sometimes proves too great.

Copying and removing large volumes of electronic information from an organisation is becoming easier as the overall general knowledge of computers among the workforce increases and access to extremely large storage devices has become commonplace.  Given that hundreds of millions of pages of documentation can be stored on a device small enough to fit into your top pocket it is easy to see why the protection of IP is so difficult.

It may seem futile to think that a business can protect its information from theft or unauthorised access, but this is not the case.  While it would be naïve to believe that any system cannot be compromised in some fashion, a business can make itself a much less tempting target from internal threats by adopting several preventative measures. 

The threat of internal theft of IP can be minimised by taking several precautions: 

  • Implementing some form of document management system, at least for critical and highly valuable IP, which maintains an audit log of who has accessed what and when is important.  When investigating the suspected theft of IP, one of the most common problems is identifying enough information to confirm or allay the suspicion that information has been taken.  Having a system that retains an audit trail identifying who has access to documents and when can help to minimise this deficiency
  • Educating employees about the risks and ramifications associated with the unauthorised removal of IP assists in preventing theft from occurring.  Ensuring that employees know exactly what is required of them and what will occur should they remove IP from the business is a key to prevention
  • Implementing sufficient IT security policies with respect to the use of storage devices, such as thumb drives and external hard drives, by employees helps to control their usage.  Monitoring and controlling the use of external storage devices ensures the business can control who has permission to use the devices and what the devices can be used to store.  It is common for businesses to provide no control over the use of such devices and, as a result, an employee can effortlessly copy millions of pages of documentation without the business being aware of any such activity
  • Implementing an email monitoring system that records who sent what email to where helps to control dissemination and assist in the investigation of IP theft.  A common method of removing IP from a business is removal via email.  IP can be attached to email messages and sent to external email addresses, thus removing the document from the control of the business.  Implementing a monitoring and control system ensures that copies of email messages are retained and logs of activity generated to support any review or investigation of suspected theft
  • Implementing appropriate internet security measures is also important for prevention.  Related to email, there are many instances where an employee has circumvented the corporate email monitoring system by using a webmail application, such as Hotmail, to email sensitive documents out of the organisation.  Ensuring employees do not have access to webmail can prevent this from occurring
  • Finally, adopting a process of review when employees at or above a certain level leave a business aids in prevention and the identification of issues.  Some businesses have implemented a process by which they review the computer systems and email accounts of all employees at or above a specific level when they leave the business.  Employees are made aware of this and are unlikely to take IP in the knowledge that their computer systems are going to be reviewed regardless.  In addition, if IP had been stolen, then the probability of identifying it is greatly increased.

Whilst the theft of IP is a real risk faced by businesses today, there are steps that an organisation can take to minimise this risk.  By taking steps to protect itself, an organisation ensures that one of its most valuable assets, IP, stays within the control of the business.

Mark Garnett is the leader of the Forensic Technology team in the Sydney office of boutique advisory firm McGrathNicol.

Like this story? Read more:

QLS condemns actions of disgraced lawyer as ‘stain on the profession’

NSW proposes big justice reforms to target risk of reoffending

The legal budget breakdown 2017

Smart ways to protect IP internally
lawyersweekly logo
Promoted content
Recommended by Spike Native Network
more from lawyers weekly
Oct 20 2017
Podcast: One of law’s most infamous alumni – in conversation with Julian Morrow
In this episode of The Lawyers Weekly Show, Melissa Coade is joined by The Chaser’s Julian Morrow....
Oct 20 2017
High Court overturns ‘excessive’ anti-protest legislation
Bob Brown’s recent victory in the High Court over the Tasmanian government was a win for fundament...
Oct 20 2017
Changes to Australian citizenship laws blocked
Attempts to beef up the requirements to obtain Australian citizenship were thwarted this week, after...
Allens managing partner Richard Spurio, image courtesy Allens' website
Jun 21 2017
Promo season at Allens
A group of lawyers at Allens have received promotions across its PNG and Australian offices. ...
May 11 2017
Partner exits for in-house role
A Victorian lawyer has left the partnership of a national firm to start a new gig with state governm...
Esteban Gomez
May 11 2017
National firm recruits ‘major asset’
A national law firm has announced it has appointed a new corporate partner who brings over 15 years'...
Nicole Rich
May 16 2017
Access to justice for young transgender Australians
Reform is looming for the process that young transgender Australians and their families must current...
Geoff Roberson
May 11 2017
The lighter side of the law: when law and comedy collide
On the face of it, there doesn’t seem to be much that is amusing about the law, writes Geoff Rober...
May 10 2017
Advocate’s immunity – without fear or without favour but not both
On 29 March 2017, the High Court handed down its decision in David Kendirjian v Eugene Lepore & ...