Wednesday, December 31, 2008

Budget Booster #493 - Economic Espionage, UP

"The Cold War is not over. It has merely moved into a new arena: the global marketplace." -- The U.S. Federal Bureau of Investigation

The U.S. Federal Bureau of Investigation also notes that foreign competitors try to find economic intelligence in three ways:
1. Aggressively targeting and recruiting susceptible people, often from the same national background, working for domestic companies and research institutions.
2. Hiring or bribing people to steal information, search through dumpsters and tap telephones.
3. Setting up seemingly innocent business relationships between foreign companies and domestic enterprises to gather economic intelligence including classified information.

During a recession, expect external and internal problem to increase...

Twelve Internal Spybusting Tips...

1. Recognize the threat. Economic espionage is more likely to happen if your business isn't prepared. Once the risk is acknowledged, management must take an active role in ensuring that the company puts into place tactics to effectively combat theft. Prime example.

2. Know the criminals' methods. Confidential information is often stolen, concealed or carried away. Data can be copied, duplicated, sketched, drawn, photographed, downloaded, uploaded, altered, destroyed, replicated, transmitted, delivered, mailed, communicated, or conveyed.
(Electronic eavesdropping is also common and very effective. Fortunately, you can discover it easily.)

3. Monitor database access logs. Many fraud detection engines can be used to keep an eye on the number of times a database is accessed, as well as the number of documents that are printed by each user.

4. Encrypt electronic files so that they cannot be read or taken off the premises.

5. Mark as confidential any sensitive documents, photographs and sketches.

6. Prohibit photocopying of trade secrets and other sensitive company information. Consider forbidding cameras on the premises, including those included in cell phones.

7. Remind departing employees during exit interviews of their obligations and your company's trade secret protection policies.

8. Warn all staff to change their passwords if there is the slightest chance they may have shared them with a former employee. Colleagues often share passwords even when that practice violates an enterprise's policy.

9. Coordinate denial to both the building and computer accounts as soon as an employee leaves the business. Let colleagues know a person has left the company. Otherwise, they might unwittingly allow a former employee on the premises.

10. Maintain logs of employees in the company who have rights to access trade secrets.

11. Review technical literature, service manuals, press releases and other material distributed outside the company. Similar reviews should be made of regulatory filings and patent applications. Watch what employees disclose at industry trade shows.

12. Consult with a forensic specialist to help your business set up the appropriate infrastructure to detect, classify and protect the intellectual property. Trade secrets are the core of your company. (more)