Your organization’s intellectual property, perhaps your most prized business asset, is at risk. In today’s increasingly accessible world, disparate storage silos create a seemingly infinite array of leakage opportunities. Without some sort of intellectual property tracking tool, your most important data can walk off without a trace.
Here’s the problem: cloud storage tools, whether that’s Dropbox, Amazon S3, SaaS email providers, sales tools or even Office 365, create vacuums that can unintentionally obscure data from an organization. Even on your network, local machines plus robust and illogical folder structures can hide your most invaluable information.
In this article, we’re going to walk through some intellectual property tracking strategies you can implement while also offering some high-level insight into the visibility of your intellectual property when it’s stored in off-network silos. At the end, you’ll also have the opportunity to become a beta tester for a new product in this space!
Where Is Your Intellectual Property?
It’s important to gain visibility into your digitized intellectual property. Here’s the problem: we tend to think of intellectual property as files or documents.
Really, intellectual property is information. To gain visibility into where your intellectual property lives, you need to start thinking outside the filename or extension. For instance, today’s CAD file on your encrypted NAS might become part of a much larger PDF that contains pieces of information from other places all loaded onto an unencrypted cloud storage provider like Dropbox.
Wait — Doesn’t My DLP Flag All That?
If you’re lucky enough to have a DLP or something like it, you’ll know it often comes with categorization or flagging features.
Those are great features, but flagging, tagging or categorizing only takes you so far. Often these tools do an OCR search and look for a few elements or try to match a complete pattern. For instance, does this document have a certain layout? Does it contain a numeric identifier, like a social security number or corporate ID?
Our example of a CAD drawing being converted creates a problem, though. You lose the traditional file format. When that single CAD file is added to a massive PDF, the file extension gets changed and there is a new owner — maybe in a new department. When this and other identifying information changes, the file becomes harder to flag.
Also, if the employee who created the PDF has a malicious intent or even just careless, they may have removed or hidden important identifiers. They could also be storing it on the cloud, which often takes an additional cloud DLP to block.
Intellectual Property Tracking: Gaining Visibility
As we have established, it’s important to think about information — not just files. What’s the critical information that supports your marketing department? What about accounting? What about information that is crucial to marketing, sales and the C-suite?
You need to find ways to categorize this type of information as it is a key indicator of importance. Here are some ways to do that:
- Create dedicated folders on your network where certain types of information must live
- Give managers the easy ability to add or remove access to those folders
- Take an offensive-oriented audit approach and know who has access and who is using their access
- Develop policies in conjunction with C-level management, IT and HR to ensure they’re enacted at every level of the organization
- Establish who is responsible for enforcing policies throughout your network
Let’s expand on a few of these quickly. First, when you develop your policy and set enforcement standards, make sure you get insight from key leaders at every corner of your business. For instance, blocking all file sharing tools might be detrimental and encourage Shadow IT — instead, switch to a secure file sharing solution like SmartFile for your team.
Secondly, invest in personnel resources that can be in charge of auditing all of the data in all the places it’s stored or shared. This can be costly but should be executed year-round, not just at audit time. Remember, you need to understand what cloud storage and communication tools are being used throughout your organization and start to track activity there as well. You also need to report that data back promptly for effective use.
Finally, when you backup your intellectual property, make sure you know where all the file versions are stored. If you’re in a compliance-focused industry, make sure you document the file movement and why the file move occurred.
That Sounds Expensive…
Intellectual property tracking is expensive if you do it manually. But it won’t be anywhere near as expensive as stolen intellectual property, which can put your organization out of business.
Intellectual Property Tracking: A New Hope
Imagine if you could gain visibility into your most important files without this manual labor. That would save you hundreds of thousands of dollars in manual labor and training each year. FileHub™ is a tool currently in development that gains insight from user and group behavior to help you understand where your most important information — not just your files — live.
This is done by indexing network, cloud and local storage while gathering in-depth analytics on file activity and user behavior. Along with patent-pending fingerprinting and scoring technology, FileHub™ looks beyond the file extension to aid you in your intellectual property tracking efforts.
Want To Become a Beta Tester?
We’re currently looking for beta testers for FileHub™ to help us understand the problems you face gaining visibility into your organization’s most important information. Contact us to learn more: