Boost Fertility New Invention Ups Success Rates.pdf
The Loss of Intellectual Property in the Digital Age: What Companies can d…
1. The Loss of Intellectual Property in
the Digital Age:
What Companies can do to Protect
Themselves
Christopher Kranich
2. The Digital Revolution
• People are now more connected
– More information in less time
– More often
– Greater distances
– Many security challenges for business
3. Cyber-based Threats to IP
• Sources evolving and growing rapidly
– Competitors
– Malicious employees
– Well intentioned employees
– Criminal groups
– Hacktivists
– Foreign governments
4. IP is Valuable
• Cost to design new projects or services
– Engineers
– Designers
• Cost to manufacture
– Proprietary processes
– Material sourcing
– Pricing information
• Marketing costs
5. New Work Locations
• From home
• On The road
• Businesses/public places
• Security
– More chances for deletion, theft of compromise
• WiFi networks
• Device theft of damage
• Over the Shoulder
• Co-mingling of the personal and the private
7. More Data
• Large capacity
• Smaller storage medium
• Cheap
• More cloud-based storage
• User can download a large amount of IP
quickly
• Malicious or innocent intentions
8. Reasons IP is Compromised
• Innocent Reasons
– Work outside of office
– Curiosity
– Recovered IP
• Malicious Reasons
– Do not like job
– Sell IP for profit
– Hacktivism
– For fun
9. Employee Views of IP
• Attribute ownership to the person who
created it
• Cheap, easily moved, copied, and manipulated
• Okay to take with them to their next job
Symantec Report
10. VW vs. GM
• Executives took 1000’s of pages
• Photocopied in physical from
– Secretary
– Other Witnesses
• Carried out in boxes of briefcases
• Lots of witnesses to IP removal
• 100 million Dollar settlement
11. Starwood vs. Hilton
• Over 100,000 files stolen
– Starwood luxury concept
• Hilton came up with their own version
– Board presentations
– Market research studies
– Valued at 1 million Dollars
• Downloaded to laptop
– Easy to steal data
– Quick, behind closed doors, portable
14. Mobile Device Management
• Common for employees to bring their own
device (BYOD)
• Poses many security challenges
– Corporate data vulnerable to theft, damage, or
deletion
– Hard to keep track of
– Corporate data and personal data on same device
16. Customizable Device Policies
• Control which device features and built-in
apps can be used
• Specify what the authentication requirements
are
• Apply specific policy sets to specific groups of
users
– Time, roles, types of data, location
17. Jailbroken or Rooted Devices
• Pose a big security risk
– Unstable or not updated
• Detect these devices
• Enforce greater controls for them
– Lock or wipe
– Ban from network
– Approved apps
– Vpn
– Device kept up-to-date
18. Centralized Updating
• Update OS and apps remotely
– Convenient and easy
• All devices patched at the same time
– All devices on same footing
– Eliminates specific vulnerabilities
20. Email Features
• Ability to encrypt attachments
• Prevent unauthorized copying and forwarding
• Restrict sharing of attachments to certain apps
• Specify attachment file types to encrypt
21. Data Storage
• Storage all data in a home directory
– Persisitent and centralized location
– Easy to set up automatic backups
– Easy to selectively distribute data
– Easy to track data and wipe if neccesary
– Can have multiple clients
• Different platforms accessing the same directory
22. Data Access Restrictions
• Geofencing
– Data only accessible in certain locations
– Prevents data from being accessed off site or an
area of the office
• Time-Based
– Data only accessible at certain times
• When employees are working
• When a project is active
23. Remote Lock, Locate, and Wipe
• Lost or stolen
• Infected with malware
• User leaves company
24. Data Leakage Prevention
• Deep content inspection
• Reads data to find high value IP
• Does not prevent attacks
• Limits accidental deletion or moving
25. Data Leakage Prevention
• System figures out sensitive data on it’s own
• Logs moving, copying, and deleting
• Prevents user from emailing data out by
making it read only
• Requires fine tuning
26. Attribute-Based Access Control
• Grants access based on attributes
– Location
– Authentication method
– Deviation from the norm
– Type of data
– Time of access
27. Cloud Storage Solutions
• Data integrity
• Access is controlled
• Data must be available when needed
28. Cloud Storage Solutions
• Policy for backing up data
• Data is encrypted in storage
• Data is sent to facility securely
• Data is backed up regularly
• Data is kept in multiple locations