IP theft. How to stop a trusted employee from walking out with your Intellectual Property

Intellectual Property (IP)  theft is huge.   It can cripple a business but little is done to protect it in the real world.   Yes you can use a solicitor and the legal system with cease and desist orders but by the time that happens the bulk of the information that maybe in an ex employees head has already been downloaded, sorted and diversified.

Most of the time there is little indication that the trusted employee is unhappy, is looking for another or better job or thinking of moving.   They just come in one day and resign.   Most of the time it is about there that the panic sets in.   It is not until later that you think about the little things like IP.

Where does that leave your business.   In most cases in a large hole.   The employee could have been involved in sales and marketing – there does your sales funnel and maybe all of your contacts.   They could have been involved in research and development – there goes your new ideas and the business development.   What about all of that social media information that they have been privy to – that going to be a problem as well.

Recently there has been a case where a company took an ex employee to court over their Facebook and linked in contacts, saying that those systems and the information that they contained were the companies IP for the business and cannot be removed.

So what can you do about it?Don't lets someone steal your intelectual property

Contract

The best place to start is actually when an employee starts, get them to sign a contract that will restrict the use of the knowledge that they will have when they leave.   The contract should be similar in ways to the situation that arises when an owner sells a company.   A restriction on the use of the information that they have privy to and the uses of that information and knowledge when they leave.   Although this is not airtight it does slow down an ex employee from using the information that they may have access to.

Background checks

No matter what, with a new employee always do a background check.   Although an ex employer cannot say bad things about an ex employee the right questions can gain an insight into the employees attitudes and professional outlook.

Poaching

If you have ever been in a situation where you have lost a trusted employee to poaching then you will understand the gut reanching disappointment that it produces.   The problem is that if you are in the mind set of poaching off your competition you know the reason why it happened.    Most of the time a poached person is targeted because they have the knowledge and contacts to help the new business or they have the knowledge that the new company needs to be better in the market place.   Either way the original employment contract will go a long way to protect you from this type of problem.   A cooling off period imposed by the old employment contract of 6 or 12 months can greatly improve your chances of not loosing people to poaching.

Compartmentalize your business

This is probably one of the hardest things for a small business to do, mainly because of the size of the business.   A larger business can have separate people doing separate critical components of the business whereas a small business does not have that lucsury.   This is where technology can come into the equation.   The correct systems and technology will protect the business information from being emailed to home accounts, downloaded to tablets, phones and USB drives or moved into more accessible areas of the business structure.   These system and technology can also audit when exports are done from critical business systems.   With companies whose IP is software or design then systems like source safe are a necessary evil for your business. You cannot stop people from doing it the old fashioned way – bring up a record and then writing out the information – but they would have to be pretty dedicated for that to happen.

Most small and medium business and not for profit organisations have an understanding on the type of people they try to attract.   This attraction also becomes a component of the businesses resilience and if done correctly, can influence who they hire.

If the ex employee is a partner in the business then you have more pressing problems with the breakup than protecting your IP.   In this situation there are going to be more volatile discussions.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.