Column: Checklist to safeguard your intellectual property

Intellectual Property (IP) is a business owner’s most valuable asset, because it hosts a company’s key differentiators, born from innovative thinking.

IP can be a concept, invention, scientific discovery, computer algorithm, literary work, creative mark/symbol or business strategy.

Proactively protect your IP — just as you would your family or your home — from both internal and external threats.

Legal Protection

Three types of laws protect IP from unauthorized use by others: Trademark, Patent, and Copyright. An IP attorney can advise you on the protection your business needs.

Physical & Electronic Protection

Make sure your physical and electronic environments are secure.

1. Security Audit

Do a thorough assessment of your current security methods, barriers, procedures, and protocols for both physical and electronic company assets. Here are some thought-starters, but consider hiring an outside expert to help with your assessment, identify any gaps, and make recommendations.

• Do you have written policies and procedures in your Employee Handbook (and other employee communications) that address protection of proprietary information and intellectual property?
• Do you restrict access to specific assets, and outline Who, What, Where, When, and Why certain types of employees have the authority to access company assets?
• Are there mechanisms that actively control that access?
• Are there consequences if employees violate your policies and practices?
• Do you actively train new employees on all your security practices?
• Do you refresh that training with all employees annually to reflect new threats?

2. Activate a Secure Culture

• Refine your written policies and procedures to communicate your company’s commitment to security…and management’s expectations of employees
• Articulate the financial cost of a physical or cyber security breach, in both real dollars and reputation
• Train all employees on new company policies and procedures when you issue them
• Publish all company policies and procedures and put them in all your employee communication channels
• Make sure that management figures consistently demonstrate a commitment to security
• For employees housed in government agencies, make sure the agency’s project director (or designee) trains your employees on their physical and electronic security policies from the start

3. Go Beyond Basic Cyber Protections….Way Beyond

• Regularly update software protections, systems, and access procedures
• Install backup systems for internal and external servers
• Monitor and regularly test systems to spot potential intrusion attempts
• Ensure all electronic devices have security mechanisms restricting access
• Install GPS tracking technology on mobile devices
• Configure computers to restrict the use of flash drives, USBs, and other devices that transfer data
• If you have multiple offices or hire off-site or remote employees, create secure access channels to share information

4. Proactively Manage an Employee Exit

Companies are particularly vulnerable to IP theft at this time.

• Back up important data before the exit meeting with the employee
• Deactivate employee access to electronic systems simultaneously with the exit meeting, or install identity software to prevent the employee from accessing work-related applications
• Review an Exit Checklist with the employee and
• Immediately collect company electronic equipment
• Erase company data from personal devices
• Collect access badges, key fobs, keys, etc.
• Secure a written acknowledgement of the company’s policy on protection of proprietary information and IP

5. Know Employee Rights

While safeguarding your company’s IP, exercise caution that you do not compromise employee rights while doing so.

• Labor Laws vary across federal, state, and local lines. For example, some states require the disclosure of workplace monitoring to employees.
• Ensure your policies and procedures do not violate the National Labor Relations Act (NLRA), Electronic Communications Privacy Act (ECPA) or the Fair Credit Reporting Act (FCRA).
• Consult with a certified HR professional or Labor Law attorney to determine what applies to your company.

6. Create a “Security Incident Response” Plan…Before You Need One

  No one wants to create a plan to address a hypothetical security incident. That said, it is better to have a plan in place versus trying to create one under stress.

Create three (3) Communications Plan Templates, one each for the

• Management Team, outlining how they will coordinate;
• Employees, telling them what you want them to do (or not do);
• External Audiences, as required by law and/or good business judgment.
• Determine what resources (internal/external) you need to:
• Identify the source of the security incident;
• Stop the problem and close the gap;
• Remediate your physical and electronic systems to restore normal operations;
• Review, test and update your plans annually.

Your business is your baby...and your most valuable asset.

Sally Munn is a Business Profitability Advisor at Insperity. Insperity’s unique business model and plug-and-play services help small businesses increase profits, develop new operating efficiencies, create predictable Indirect costs, and ensure compliance. across federal, state, and local lines. Insperity has 60 local offices across the U.S., and Sally is anchored at the Insperity DC Metro Area office. Contact her at sally.munn@insperity.com.

Certifications process for WOSBs delayed

House Small Biz Committee: If you don’t like the testimony, ignore it?

CR expiration adds uncertainty

Trump budget eliminates these small agencies

SBA loses 5% in Trump budget

Column: Checklist to safeguard your intellectual property

Washington Insider: