Global fraud reports frequently detail pharmaceutical IP theft, and 2016 will be no different. In fact, 69% of the companies that were surveyed for a report in 2015 by Kroll, Inc. admitted fraudulent activity on servers and databases, with 13 percent of those specific to IP theft. Further, in January this year Financial Times reported a conspiracy where two GlaxoSmithKline scientists were charged with theft of trade secrets sold to China for billions of dollars.

Using a brand new type of firewall or changing the way your network is set up is important and will take some time to implement. However, there are a few things that companies can do immediately to combat intellectual property theft.

Here are some ways to decrease the risks of intellectual property theft without adding many new tools or procedures.

Establish baseline metrics
Use analytics tools to understand what typical usage looks like on your network so you can identify outlying behaviors and create alerts around this activity.

Set up an IT employee exit checklist
When employees leave, make sure logins and access to all programs are removed. This can seem daunting to do every time someone leaves, but it’s important in preventing unwanted access. Don’t be afraid to consult an employee exit checklist to help you remember.

Educate employees about internet risks
According to cybersecurity book Easy Prey, 45 percent of employers don’t provide internet safety training to their employees. Check out resources on common cybersecurity issues like social engineering attacks and ransomware to educate employees.

Create usage and internet policies
Each department should not have a different security policy. Assign one person to oversee security policies and contracts. It could be HR, a CSO or CIO, as long as employees know where to turn for security policies and issues.

Setup remote access policies and education
When working from home, employees can get a little lax on security. Educate remote employees about what they can and cannot do from their home or makeshift on-the-road offices.

Device upload and download procedures
Malware that can capture credentials or share intellectual property is easily downloaded. Create procedures to ensure that devices connected to the network are required to get explicit permission from the user or administrator to download or install.

Backup anything important
Whether it’s a company blog or a tiny dataset, if it has any value to your organization, it’s worth backing up and ensuring those backups work.

Double check access permissions
In larger networks, it’s easy for users to slip through the cracks and have access to areas they shouldn’t. Granular and regularly updated user permissions go a long way in protecting data.

Not all of these suggestions are technical, so they may be easier to implement by non-tech staff, resulting in a higher adoption rate. If you are concerned about the cost of the technical suggestions, don’t buy what you don’t need, but do make sure you choose tools that employees will use (i.e., something as close to their typical work routine as possible), but also ones that provide oversight of activity for IT. Auditing and analytics in some file governance platforms enable direct oversight anytime files or important data points are moved or removed from the database.

---

John Hurley
SmartFile

John Hurley is chief executive officer of SmartFile. He has more than 18 years of Internet software and leadership experience. Prior to starting SmartFile, John was president and co-founder of Webexcellence, one of the largest web development firms in Indianapolis. John worked with companies such as Delco Remy, Angie’s List and NCAA to develop rich web applications. Also, while working at Webexcellence, John played a key role in the startup phase of ExactTarget. John is president and co-founder of SmartFile, which provides and secure file sharing and file management.