How to Secure Intellectual Property and Trade Secrets

Anything that has value is at risk of being stolen, and unfortunately, that includes your company’s ideas and information.

After all, intellectual property generates tremendous value in today’s economy. In 2019, American industries that rely on IP generated more than $7.8 trillion in gross domestic product, according to the US Patent and Trademark Office. Those companies employed about 44% of the workforce.  

So it’s probably not too surprising IP theft is a huge problem. Annually, it’s estimated to cost the US economy between $225 billion and $600 billion, according to the Commission on the Theft of American Intellectual Property

Securing your intellectual property, trade secrets and other sensitive information needs to be a top priority, but if you’re new to it, that can be a tricky process. How do you safeguard something as intangible as an idea? The good news is there are several policies and even physical defenses you can put in place to protect your information. 

Seek Legal Protections Where Available

Have you created a new piece of software? Or maybe you just developed a game-changing design for a new pickup truck? You need to seek a patent. The same goes for any artistic works or brand elements – you need copyrights and trademarks, respectively, so you protect your company’s exclusive use of those ideas. 

And should the bad guys try to steal them, you can seek justice (and damages) through the legal system. 

But there’s another category of intellectual property: trade secrets, which are processes, lists and other information that — if they were made public — would lose much of their value. Instead of registering this information with the government, the company protects trade secrets by … well, making sure they remain a secret.

Enforce Confidentiality with Signed Agreements

If you have trade secrets, you should protect them with legal agreements. 

Namely, require your employees, contractors and anyone else who interacts with your company’s sensitive information to sign nondisclosure or confidentiality agreements. Even creating a general code of conduct can be helpful. 

When you require people to sign these documents, you’re defining desired behavior and outlining the potential consequences, especially legal consequences, for failing to treat sensitive information appropriately. Remember, people can’t live up to your standards if you don’t tell them what those standards are. 

Take Inventory, and Label What You Find

To protect your sensitive information, you need to make sure that you’ve accounted for everything that needs protection. That could include not just your copyrighted or patented materials, but sensitive information like your client list, your marketing plans for the upcoming quarter or customers’ personally identifiable information (PII) that you could be legally accountable for guarding. 

Once you have an inventory of your sensitive data, it’s also a good idea to determine how sensitive it is. That is, how much trouble would it create for your business if a specific piece of data was stolen? Can you quantify in dollars how large the loss would be? Do that, and you’ll have a clear idea of how many layers of security you need to apply to that information. 

One word of warning: Fight the temptation to label everything confidential. If everything is “special,” then nothing is — and your team will be so numb that they won’t protect the files that really are sensitive. 

As part of the inventory, you should also determine where your sensitive data and documents currently live. You might discover that you’re keeping valuable information in a Dropbox folder that anyone can access, leading you to create a better, more secure storage system for your files.

You’ll need to determine who really needs access to specific pieces of information in order to do their jobs. Then set up systems that limit access for just those people and track when they interact with sensitive materials. And make sure you have policies to change their permissions as they’re promoted, changed departments or leave the organization

Invest in Data Loss Prevention Software

Data Loss Prevention (DLP) refers to a family of solutions that help defend against a range of data losses, both intentional and accidental. 

For example, some DLP solutions will notice if an employee is trying to email a sensitive document or data outside the organization and prevent the message from going through. Some DLP tools will set up a system that locks down files and only allows access after users have been authorized. 

Other solutions will scan files for data that might be personally identifiable — like credit card numbers — and prevent it from being transferred out of your network or, if it is allowed, encrypt the file and keep a record of where it was sent. 

By automating a significant part of your security, you make it that much harder for a bad actor to wreak havoc in your systems. 

Secure Your Physical Space

While it’s important to secure your company’s digital assets, you need to make sure that your physical properties are secure, too. Your server room, for example, should be locked and access should be controlled via a log or password. The same goes for any other rooms that might store physical copies of sensitive information, such as a records room or your bookkeeper’s office. 

The boldest thieves will also engage in tailgating, aka piggybacking. They’ll hang around the entrances of your building — maybe near the spot where employees like to take smoking breaks — and follow your workers back inside. From there, it’s usually pretty easy to find an unattended computer with an unlocked screen. Make sure your team knows to question anyone who doesn’t show their ID to gain entrance to your building, and teach them to lock their screen anytime they leave their desks.  

Think Like a Thief

The problem with prevention is that you’re up against motivated, clever people who will constantly look for ways to penetrate the shields you have built. The solution? You need to think like a thief and actively look for holes they could exploit in your security. 

Maybe you realize that someone could get a partial picture of your development plans by going through your office garbage. That could lead to an officewide policy of shredding all paper documents once they’re ready to be thrown away. 

Your team members might be able to spot problems, too. Your office admin might remember that your centralized office printer contains digital copies of every document that it processes. That warning could remind your IT team to ensure there are controls in place to delete those documents and protect them from any intruders on your office network. 

Even pieces of information that seem benign — like your company roster or a speech at an industry event — could be taken together to give competitors useful (and damaging) information about your company. 

Train Your Employees to Prevent and Spot Potential Theft

While you have to be alert to cyberattacks, remember that even the most sophisticated breaches often start because a human being accidentally let the bad guys into your system. Companies can increase their security by actively training employees on the most common types of breaches, whether that’s via email, SMS, phone or physical entry to your building. Employees should not only know how to spot these attacks, but also know exactly where to make reports about them. 

And this kind of security training needs to be regularly repeated. Even the most diligent team can let their guard down. You might consider hiring a service that regularly sends your team fake phishing attempts — employees who click a link or download an attachment from those messages could be targeted for extra training or coaching. 

Be Ready for Internal Threats

While many breaches are the result of carelessness, some are deliberate acts by employees with an ax to grind. You and your managers should be trained to spot disgruntled workers and address the root causes before those employees decide to do something drastic. Investing in an Employee Assistance Program is another way for struggling team members to find help when they need it, before they act out. 

Guarding your ideas and information takes careful planning and continued diligence, but the effort is ultimately worth it. Your intellectual property, your trade secrets, could be your company’s decisive edge in the marketplace. Don’t give up that critical advantage without a fight. 

The Takeaways: How to Secure Intellectual Property

  • Where possible, seek legal protection by obtaining patents, trademarks and copyrights for valuable information. 
  • Some information — including client lists, unique processes and other trade secrets — must be kept secret in order to maintain its value. 
  • Conduct an inventory of your sensitive information, and create a system that limits access to people who must have it in order to do their jobs.  
  • Use nondisclosure and confidentiality agreements to maintain the secrecy of trade secrets.  
  • Use technology and physical barriers to limit access to your most sensitive information.  
  • Train your team to spot potential signs of trade secret theft and report it. 
  • Think like a thief — constantly look for ways that bad actors could violate your security. 

At Chesley Brown, we understand that planning for the unknown can be daunting. That’s why we’ve built a framework that enables businesses to navigate and anticipate risk before it becomes a crisis. We are here to manage risk so you don’t have to. If you or your team have questions about how to secure intellectual property, our experts are here for you.

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

sign cautioning people to remain six feet apart at a shopping mall or retail space for COVID-19 precautions

2 Painless Ways to Transition Your Retail Business to Touchless Technology

By Chesley Brown | December 3, 2020

Why your business should be transitioning to touchless tech right now As a business owner in the retail industry, adjusting to the Covid-19 pandemic is a huge challenge. Nevertheless, you’ve crossed your t’s and dotted…

Read More
Family and friends enjoying a carefree holiday meal because they know to destress during the holidays

3 Overlooked Tips to Destress During the Holidays

By Chesley Brown | November 19, 2020

Bring home holiday gifts without the baggage It’s that time of the year. Some would say the most wonderful time. But for others, the lights and tinsel of the holidays evoke strong memories of the…

Read More

Top 5 Problems Facing the Retail Industry

By Chesley Brown | November 11, 2020

And the best ways to solve them We’ve all heard the Black Friday stories of fist fights breaking out in aisles of the local big-box retailer. To the average person, such stories are humorous. But…

Read More
family playing outside while traveling for the holidays

Holiday Safety Tips

By Chesley Brown | November 5, 2020

3 practical ways to stay safe in 2020 We’ve all heard humorous holiday tales. They make for great entertainment around the table during a turkey dinner. You know the stories–e.g., the time Uncle Frank fell…

Read More
police prepare for election day civil unrest as a political protest moves through a downtown area during a moment of civil unres

Election Day: Planning for Civil Unrest

By Chesley Brown | October 28, 2020

Protecting your business in the event of election day civil unrest requires planning. Here we discuss four proven strategies for Civil Unrest

Read More
The 7 Step Guide for Building Business Continuity Plans that Work