Editor's Note: This new bi-weekly column answers user questions about internal security risks. Viruses, worms, hackers, and other outside threats receive well-deserved attention, but companies must also protect intellectual property and private data such as Social Security numbers from the risk of inadvertent or deliberate leaks by insiders. Every other week industry experts will address insider threat issues that span technical, legal, human resources, regulatory compliance, financial, and other business areas. If you have questions for our experts, please drop us a line.

I consider myself an information security purist: my company's intellectual property (IP) is its primary asset, and an important part of my job is to protect the flow of information in and out of the company's worldwide network so that data on research, new molecules, new drugs, and other IP is not compromised or leaked to outsiders. Information security, which includes data privacy (I am also responsible for that), is so important to my company that it was split from IT security and is part of the company's business operations. As a result of my specialized role, I'm often asked about how to protect IP.

Protecting intellectual property has a high strategic value to almost every company. If competitors gain access to your IP, the cost is enormous; companies may commit millions of dollars to investigating new drugs, writing program source code, or developing new products. Smaller companies may store IP in a central database, while international companies may have employees around the world involved in research, development, and code writing-making it imperative to monitor traffic leaving and entering every location for IP. Companies also need to monitor communications with partners and with regulatory agencies they interact with, such as the Food and Drug Administration.

Companies with valuable intellectual property thus require comprehensive, direct content protection of the entire network. Just monitoring information that leaves via e-mail or IM or via specific ports is not sufficient; a comprehensive solution must monitor all information leaving or entering the company via any protocol and any port. Companies should also be able to discover information throughout the network by crawling repositories and individual PCs.