IP breach action plan: How to protect your company

At this moment, your company’s data faces three primary types of risks:

  1. Regulatory: the risk of leaking sensitive data, dormant data or personally identifiable information (PII) due to improperly following industry regulations
  2. Opportunity: the risk of missing chances to improve your product, service or bottom line due to overlooked information
  3. Intellectual property (IP): the risk of data loss resulting from failure to protect IP

None of these circumstances are ideal – nor are they entirely preventable. However, your organization can greatly reduce the likelihood of losing intellectual property by establishing employee access restrictions and creating a repeatable incident response plan. The below steps are critical in this effort.

Step one: Lock down your system.

Your systems should be locked down as a matter of policy from they time they are deployed to production. However, at the first sign of data exposure, restrict access to your most sensitive information until you learn more details about the situation. The key part in this action is knowing where that data resides in the first place – and exactly what it contains.

Step two: Evaluate employees’ access to sensitive data.

Who’s had access to critical data in recent days, weeks, or even years? How did they interact with it, and when? What were their roles within the organization, for what purpose were those roles assigned, and was access meant to be revoked at the conclusion of a particular project? Conduct a comprehensive search into behavior and access logs to assess the situation. Perhaps an employee was on her way out of the company and decided to take a significant amount of clients’ personal data with her – or perhaps a vendor or contractor with access to the system mistakenly caused a breach.

Step three: Take stock of your loss.

One security professional told me a story about realizing his former employee stole data containing IP in his last weeks at the organization – but the team had no way to determine the breadth of what information he took. They knew he had access to his clients’ filed credit cards and, as a protective measure, they cancelled all of the cards and warned the clients and partners affected by the change. It was a sweeping move that introduced a new risk to the situation: damaging the company’s credibility.

Step four: Notify those involved.

Consider how your employees, customers, and partners would perceive news of an data breach – especially if the data contained PII or shared IP. As demonstrated in the situation above, the news can potentially incur legal charges, bad PR, and loss of clients and employees. However, if you can’t determine the scope of a breach or contain it on your own, it’s your responsibility to notify your entire network that you’ve put them at risk in some way.

By thinking through your process for identifying, analyzing, alerting and recovering from a data breach, you can create an action plan that springs into place and helps the chain of events run smoothly. When your IP is at stake, your business is on the line – you owe it to your own work and community to be prepared.

Learn more about user access monitoring.

  Like This
John Joseph

John Joseph

President and co-founder of DataGravity, John Joseph leads company’s sales, marketing, operations and customer initiatives. John previously served as vice president of marketing and product management at EqualLogic, leading these functions from the company's initial launch through the successful acquisition by Dell in 2008. He subsequently served as vice president of enterprise solutions, marketing at Dell for three years after the acquisition.