My company recently got into a dispute about intellectual property. The lawyers for the other side came back and showed us that employees at our company had sent this information to partners and customers without an NDA. My company now is going to settle the suit; what could we have done better?
My company recently got into a dispute about intellectual property. The lawyers for the other side came back and showed us that employees at our company had sent this information to partners and customers without an NDA. My company now is going to settle the suit; what could we have done better?
Content monitoring and filtering technology is an IP protection tool. It allows companies to locate the roots of IP-sensitive data and information - and implement legal, policy, personnel, process, and technology protections to safeguard it. Protecting IP requires a sophisticated solution that can recognize sensitive content in all of its variants and amorphous forms. To be useful, many companies need the content monitoring solution to incorporate complex intelligence to distinguish circumstances that represent risk from those that do not.
IP concepts provide a means to define - and therefore detect, monitor, and control - unique content, in all its permutations. The ability to monitor by context, such as who sent what, where, when, and how, and to use content variations to account for the amorphous nature of IP, contributes to a company's IP protection. Likewise, for some companies the ability to search an archive and explore the historical context of an incident adds to the depth and value of the protection.
Based on interviews done with customers as part of a recent study, Pro-Tec Data found an adaptive feedback loop is used to address these IP assets:
Companies define their IP, including typical and derivative representations.
Monitoring technology is used to scan the network, including servers, email gateways, and user machines, to discover IP at rest and the circumstances of its use and transmission.
Companies use the results of the discover process to develop IP fingerprinting concepts, which incorporate the circumstances of IP use and transmission and which also distinguish sensitive from non-sensitive information and authorized from unauthorized transactions.
Advanced technology monitors for IP content using multi-vector, concept-based detection and alerts companies to rule violations.
Companies investigate rule violations by searching a capture database, which allows them to understand the historical circumstances of the security incidents.
Companies refine IP detection mechanisms to incorporate lessons learned and eliminate false positives. As a result, companies continuously enhance the accuracy and effectiveness of their IP protection strategies.
As is clear from the process described above, the customers may rely on capturing critical events related to content traversing the network in a central database to investigate security incidents and get historical perspective. At one customer site, after receiving an alert that an engineer used file transfer protocol (FTP) to transfer the company's source code to a server on another company's network, IS used the capture database to review all of the employee's FTP activity and all his correspondence with the company to which he sent the source code. The capture database also allows companies to investigate security events that are triggered offline, such as the activities leading up to an employee's resignation.
In addition to providing an important IP protection tool, content monitoring and filtering technology also provides other tools:
* An investigation tool for security incidents
* An awareness tool for employees and management
* A prioritization tool for IT security
* A productivity tool for HR management.
Content monitoring and filtering technology is relatively new. As it matures and more companies use it, the benefits of and concerns about this technology will certainly evolve.
Have a question for our Insider Threat columnists? Drop us a line.
Naomi Fine is the president, CEO, and founder of Pro-Tec Data and works with world-class companies to help them manage and protect confidential information and intellectual property. Prior to Pro-Tec Data, Fine was a business attorney counseling high technology companies on protection, licensing, and other transactions related to intellectual property. She can be reached at nfine@pro-tecdata.com.