Trade secrets are vital for some companies due to the income they get from selling their products. Consider Coca Cola and KFC: They are market leaders because they have something to offer (their recipes) that their competitors do not. If their recipes were leaked, exact replicas of their products would suddenly appear everywhere which would ruin their business models and profit margins. If nothing else, this example illustrates why such information needs protecting.
However, such information sometimes needs to be shared. Consider again the example brands mentioned above. When they open a new branch, they need to share the relevant knowledge on how to make their products so the output would be of the same standard as the other branches. Such sharing of information, unfortunately, has the potential to lead to losses as trade secrets may end up on a torrent site without any information as to how they got there. So, the sharing process has to be undertaken with the utmost care.
This means that companies should not only protect such documents in storage, they also have to protect them when they are being sent to other parties that need to see them and while the said parties are in possession of the documents. As the US government is well aware, this is a mean feat to pull off. Nonetheless, you can do it with the right tools. For example, a DRM system offers protection in the following ways.
Controlling Access
As you are protecting your trade secrets, you want to manage who gets access to which documents. An illustrative example would be that the janitor in your company does not need to know your trade secrets, while senior executives do. So once an employee is hired, he or she only needs to be provided with access to the information they need. Also, legal proceedings may require the sharing of some documents with outside parties. If you can be selective about who gets to see these documents and when, then you have a better chance to keep them protected.
This is all possible if the administrator has control over all documents at all times, even as they are in the hands of authorized user. As a default, the documents are locked to specific devices. So, a document can be locked to the managing director’s office desktop which means no one can access it from any other device. Even if by some stroke of wizardry someone copies it on to another device, the document will not open as the decryption key remains in the authorized desktop computer.
Revoking Access
In the case of legal access, documents only need to be available for the duration of the legal proceedings and, as such, the ability to revoke access afterwards is essential.
There are various options as to how to go about this. You can set an expiry date for the document, after which access will be denied to all persons. Or you can configure expiry on a user basis. You can also set the number of days allowed for use, the number of views, and even the number of prints, if you were to allow printing.
You can also revoke access at a moment’s notice for any individual or for a single or multiple documents. Different scenarios where this might be applicable include when an employee leaves your organization or has a change of job functions.
Monitoring Use
How individuals use your documents containing trade secrets could provide great insight as to their intentions. For example, how often do they open them? Which devices do they use? How often do they print documents? In which location do they mostly open such files? Having answers to these questions may tell you that a particular individual is a security threat and that you need to take action.
Of course, for this to work it requires you to have a team of individuals monitoring and analyzing the information as it comes in. Otherwise, you might take action when it is already too late.
Locking Document Use to Premises
Perhaps most important in the trade secret protection toolkit is ensuring that documents cannot be used outside the business premises. In this way, trade secrets will never be in the homes of employees where there is the highest risk of theft. Also, you can lock their use out of areas where outsiders frequent, such as conference rooms and your reception areas.
Conclusion
Most companies already try to handle the leaking of trade secrets by using the contracts they give to employees. Nevertheless, that is only half of what you need to do. You need to be more proactive and use a DRM system to control use. It offers more control and certain levels of certainty that your trade secrets will remain within the organization where they belong. If that is not worth a little extra investment, then what is?
