When you read the morning newspaper, daily articles detail the latest intellectual property, trade secret or personal information theft from commercial and government entities. On the commercial front, the stories primarily focus on high technology or financial institutions (such as Google or J.P. Morgan). Theft from manufacturing companies is often ignored. It is here where some of the most significant IP and data losses occur and often go unnoticed for months or years. Losses typically go undetected until a competitor comes out with a product that “looks just like “x” product” that was being produced by the targeted company(s).
Manufacturing companies produce a wealth of IP and innovation. However, the public and media (as well as the companies themselves) have been slow to recognize the threats. In order to effectively combat these threats, manufacturing companies must first identify the IP and data that represent the lifeblood of their organization. Second, they must understand how it is potentially at risk.
They must establish effective processes and procedures to safeguard their IP and data. It’s critical to institute monitoring technologies such as data loss prevention (DLP) tools and digital rights management tools. Additionally, employees need training and awareness programs to help them understand both the significance of IP and data protection and “how” they should both handle IP and data and report potential security violations.
The major issues common to classic manufacturing companies are:
- Non-security employees (engineers, line workers, admin and support staff, et al) are paid to “get the job done” and IP/data security typically takes a back seat. Training that emphasizes the need for each and every employee to take IP and data security seriously and “own” protecting IP and data within their environment is a MUST.
- Internal system constraints and legacy processes lead to potential IP and data loss. Secure Halo often finds that poor internal system design and/or lack of bandwidth leads employees to design broken business processes in order to “work around” system limitations. In one example, remote locations had trouble accessing sensitive design information. An employee was chartered to “print out” all documents that were needed for work. This led to the potential for physical loss of paper data but also allowed unauthorized personnel to see particular data and provided them with the ability to violate the “least privilege” practice of IP protection.
- Foreign joint ventures and suppliers need extra focus. This is a large area for IP and data leakage via either direct espionage or basic “losses.” A comprehensive system analysis is necessary in addition to sensitivity to cultural norms and legal requirements in various overseas locations.
These are just some of the challenges that commercial manufacturing entities face. Secure Halo is helping this significant and perpetually emergent manufacturing base acknowledge the threat to their sensitive IP and data sources and to implement protection measures to ensure these companies retain their industry advantages.
