This blog post aims to provide preventive measures and also help identify where the IP leaked from through analysis and forensic examination of the suspect’s computers and mobile devices.
Prevent IP theft
The first step is to undertake an analysis of your internal network. Begin by identifying your digital assets: what are they, where are they stored, who has access to them, are the assets backed up? Also, address your wider IT policies and practices. Do all employees and contractors, etc. have access to confidential information? Are they allowed to access web mail such as Gmail and Yahoo or online messaging systems, which allow them to send attachments out of the organization? Can they save files to USB sticks? Did your analysis show that the use of email and online messaging services is widespread? Your internal review may reveal that the whole organization can access the client database which contains your creative work. This is problematic because access to assets of value should be granted only to staff members that need to access them. Limiting the access to your database can help pinpoint which members of your team have an intimate role in working with the creative work and thereby making it easier to tracing who was responsible for the leak.
After you’ve conducted a thorough analysis, the next step would be to proceed with the necessary changes. Restricting your working practices will have the dual effect of protecting your IP and also altering to data security and whether they are aware that their employer has measures in place to prevent and detect it. If not, consider how this can be rectified. If restricting private information within the Company is impractical for any reason, perhaps the middle ground could be to delineate and clearly inform every employee of their permitted and not permitted to do with the company data and they can also arrange training to raise risk awareness among staff.