Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Leadership and Management

How to Protect Your Organization’s Intellectual Property

By Jeff Schmidt
Light bulbs on a black background
March 1, 2012

In today’s business marketplace, with the need for virtual “anywhere, anytime” access to information, most companies are mindful of the inherent security issues – threats of attacks, individual devices connecting to the corporate network, data leakage and other forms of malicious mal-intent. With the “de-perimeterizing” of the corporate network, more end-user devices in the workplace and the proliferation of physical and virtual storage (Google, Dropbox. iDisk, etc.) – how do you keep your business “secrets” and proprietary data contained and secure within the corporate “vault”?

If you add into the mix the physical span and reach of the corporate entity from local to regional and global geographies – security challenges become even more significant – and complex. So where do you begin to ensure your corporate information is secure?

The key is to start with a few simple concepts. Implementing successful strategies to secure intellectual property isn’t about swallowing the elephant, but rather taking bites out of it, one step at a time. 

First, do you understand your risk appetite and how that applies to the crown jewels of your business? More importantly, are you aligned from an executive position within the company? If you are, then the starting point is to define the most critical information to protect – and what is non-critical data. For example, are there certain areas of your business that require more security and confidentiality than others? 

Start by defining the right structure, policy and processes – and then apply that information to the use case scenarios within your organization. 

Apply best practices in how data is treated across the business, including external entities that you may use to support your business. In simple terms, having good IT practice in how you communicate, store and move data is essential – not only within the enterprise, but as it extends to those you do business with as well.  

Next, address the security issues relating to access by end-user devices, a concept that’s expected to continue to mature. As we see the proliferation of end-user devices, both personal and professional devices, we must be able to apply to their use the right security framework while creating  translucent processes that are user aware but don’t necessarily require user intervention. It is somewhat hubris in our intent to believe we can prevent end users (permitted users) from finding ways to gain access to corporate data from their own devices. In part, this can be attributed to the demise of the eight-hour work day. We recognize that business requirements can surface anytime of the day, any day of the week. More and more frequently, companies expect their employees to be available “anytime, anywhere” to handle business needs; and those employees aren’t always in a position to grab their corporate computer and review a critical email or document. We need to be mindful that the enthusiasm with today’s end-user devices requires the ease of accessing corporate data – and the simplicity of carrying less technology resources with more power.

Hence, the education of end users regarding security issues is essential. No matter how good your policies are, the weakest link is not always a malicious user but often a well-intended user who takes the wrong route. 

Build the right security policies, be flexible and work to provide the right blend of enablement so you have control over the critical assets of the business without stifling productivity. In many cases, a user who is not educated on process and policy, who in the spirit of trying to do the right thing, ends up exposing the company. 

It doesn’t take a lot to explain why policies are in place and why they are important.  Go beyond just stating, “this is our policy.” Instead, explain to employees why the policies are in place to ensure corporate data is protected. You can’t please everyone all the time, but when someone understands the rationale behind the policies, they’ll more likely stay clear of actions that could potentially harm the company and its assets. 

As you develop and implement best practices to security network access, don’t forget the telecom side and the old “bricks and mortar” components of the business. Many companies are so focused on protecting their networks, they forget that the more traditional, “telephony” side of the business (phones, faxes and modems) present as much risk. And with the proliferation today of electronic gadgets, be mindful of refreshing (and reminding employees about) policies governing the protection of hard copies of documents and information, including hard copy plans, budgets and paper notes taken during meetings. All too often, it’s these hard copy items that are mistakenly left behind in the seat pocket on an airplane or in a taxi or bus or hotel room. 

And finally, it’s critical that you test your security processes on a regular, on-going basis. Find ways to monitor the environment to ensure that the right behaviours are taking place – and re-educate your employees continuously. Apply the right metrics to the businesses risk appetite and match that against the governance, risk and compliance aspects. Use that data in your board level discussions to effectively raise hot spots and where focus needs to be placed. Such facts are the most valuable resource to ensuring security policies are continuously kept current within today’s business environment.  

6 Steps to Protect Intellectual Property

  1. Starting with the right agreement from a business perspective is key to obtaining appropriate funding and executive support for successful security policies.
  2. Define your risk appetite and ensure you classify your data appropriately.
  3. Having good policies in place enables you to continue to drive best practices and know that as you make changes, they are applied in unison across the business.
  4. Educate, explain policy so you can achieve buy-in, measure expectations and continue to educate – “tools are fool proof, fools are not tool proof.”
  5. Test your business practices, inspect what you expect on a regular basis and adjust to meet the changing landscape.
  6. Look beyond the current issues to ensure you have the entire risk environment in focus.
KEYWORDS: corporate data protection cyber security information protection security threats

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jeff schmidt potrait

Jeff Schmidt is executive global head of business continuity, security & governance at BT Global Services. Previously, he managed the security side of BT’s business in the Western United States, where he had full profit-and-loss responsibility for the sales and delivery of networks, managed security services, consulting services and security software. He has more than 25 years of experience in leadership positions in the information technology business, including positions with Home Savings of America (now a part of JPMorgan Chase), Lucent, the California State Automobile Association (AAA), Paramount Pictures, and InCode Telecom Group (which has since become part of Ericsson). He joined BT when it acquired INS in 2007.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Generic image for Business Continuity

    How to Prepare for ‘Business not as Usual’

    See More
  • blueprint

    How to protect an enterprise’s intellectual property

    See More
  • cybersecurity

    How to select a cybersecurity framework to protect your greatest assets: People, property and data

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

  • contemporary.jpg

    Contemporary Security Management, 4th Edition

See More Products

Events

View AllSubmit An Event
  • September 3, 2024

    From DDoS Protection to WAAP: How Layered Protection Enhances Your Cybersecurity Strategy

    ON DEMAND: By participating in the webinar, attendees will gain enhanced knowledge of cyber threats and understand the current spectrum of cyber threats facing businesses.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing