The loss Of Intellectual Property In The Digital Age: What Companies Can Do To Protect Themselves
The loss Of Intellectual Property In The Digital Age:
What Companies Can Do To Protect Themselves
Digital Revolution
l People being connected in new ways
l More information in less timel More oftenl Greater Distances
l Securing IP is a big concern for business
Cyber-based Threatsl Evolving and Growing Rapidlyl Competitorsl Malicious Employeesl Well-Intentioned Employeesl Criminal Groupsl Hacktivistsl Foreign Governments
IP is Valuable
l Design Costsl Manufacturing Costsl Marketing Costs
New Work Locations
l From Homel Hotelsl Coffee Shopsl Airports
Personal Devices for Work
l Laptopsl Smart Phonesl Tabletsl Desktops
Cheap Data
l Larger Capacityl Room to download A lot of stuff
l More Portablel Easy to conceal and move
Reasoning
l Innocent Reasonsl Working from Home
l Malicious Reasonsl Sell data to competitor
Symantec Survey
l Attribute ownership of IP to creator of itl Moving IP outside the company in all directionsl Often take IP with them when they leave
VW vs. GM
l Executives took 1000's of pagesl More noticeable in 1997 than nowl Photocopiedl Carried out of buildingl Lots of witnesses
l 100 Million Dollar Settlement
Starwood vs. Hilton
l Over 100,000 files stolenl Downloaded to laptop much more quicklyl No physical witnesses
l Value of data was 1 Million Dollars
What Companies Can Do To Protect IP
Data Encryption
l Whole Hard Drivesl USB Keysl Emails and Attachmentsl Individual Files
Mobile Device Management
l Bring your own device (BYOD)l Common todayl Security challengesl User privacy
Mobile Device Management
l Software Solutions l MobileNowl MobileIronl Zenprisel IBMl Symantecl Airwatch
Mobile Device Management
l Device Policiesl Control which features and apps can be usedl Authentication Requirementsl Specific polices for specific groups
Mobile Device Management
l Jailbroken Devicesl Pose a big security riskl Detect these devicesl Enforce greater controls on them
Mobile Device Management
l Updatingl Update OS and apps remotelyl All devices patched at same time
Mobile Device Management
l Applicationsl App Blacklistingl Block and revoke any app from any userl Track usagel App-to-app encryptionl Each app has it's own keysl AES256 encrypted
l Encrypt attachmentsl Prevent unauthorized copying and forwardingl Restrict Sharing of attachments to certain appsl Specify attachment types to encrypt
Home Directory
l Store all data in home directoryl Persistent and centralized location l Backupl Distributionl Many clients for all different platformsl All accessing the same directoryl Data easily located and wiped
Profiles
l Geofencingl Corporate data only accessible in certain locations
l Time-basedl Corporate data only accessible in during certain times
l Distributionl Documents distributed to certain users
Mobile Device Management
l Remote Lock, locate and wipel Lost or Stolenl Infected with malwarel User leaves company
Data Leak Prevention
l Works via deep content inspectionl Reads data to identify specific words, terms, or characteristics to indicate sensitivityl Does not prevent attacksl Limits accidental deletion or moving
Data Leak Prevention
l System figures out sensitive data on it's ownl Logs moving, copying, or deleting
l Can prevent user from emailing data out by making it write onlyl Requires a lot of fine tuning to get it right
Attribute Based Access Control
l Grants access to data based on attributesl Locationl Authentication Method
l Identifies deviation from norml Type of datal Time of accessl Location of access
Cloud Storage Providers
l Data integrityl Data is safe from theft, deletion, or other loss
l Access controlledl Read, Write, or aggregated views
l Data must be available when neededl Data safe in transit
Data Backups
l Policy for backing up datal Encryptedl Sent in a secure wayl Stored in a physically secure locationl Stored in multiple locations
Other IP Security Practices
l Train employees in security principlesl Good passwords or passphrasesl Protect credentialsl Social Engineeringl Alerting IT to malware
Other IP Security Practices
l Keeping logs of activityl Useful for analyzing attacks
l Intrusion Detection Systemsl Detection and response to attacks
l Control physical access to offices and server rooms
Other IP Security Practices
l Set Up user accountsl Give all users their own accountl Provide access to the least amount of data the user needs to do their job
l Set up firewall security for all internet connections