Should government intervene in the protection of corporate IP? This is the thought provoking question that needs to be answered in light of the recent loss of corporate IP mainly to emerging economies like China? Is the government a stakeholder when IP is lost or stolen?

From a government perspective there are numerous issues that happen when a company looses its IP to a foreign competitor. To name a few an obvious impact on government is the loss of revenue in the form of taxes that can be directly or indirectly linked to that IP. Another impact for government is the unemployment benefits that have to be paid as a result of loss in revenue.

In the UK small businesses form almost 80% of the economy and a considerable number gain their competitive edge through intellectual property rights and trade secrets. Considering the impact these businesses have on the economy as a whole, tax breaks should be given to these businesses to enable them invest in protecting their IP and trade secrets, as well as setting aside funds for any legal challenges.

Such tax breaks are bound to yield a return for the government in terms of safeguarding jobs and increased tax revenues, overall it is a win win for all involved. The competition coming from the far east is a reality that is quickly catching up with the western economies, and the protection of IP and trade secrets is of great concern to governments in the west.

In the recent visit of the Chinese premier to the United States, the protection of IP was one of the key agenda items that was discussed. Nevertheless, the governments in North America and Western Europe need to be seen to play an active role and continue dialogue with various industries on the best way forward to achieve IP and trade secrets protection.

Cara Garretson has written an interesting article in the State Tech Magazine on using Enterprise Rights Management tools to help government agencies protect their most sensitive documents.

Cara puts forward a solid case why agencies should adopt Enterprise Rights Management. I believe that 2011 would see the highest rate of adoption for Enterprise Rights Management, as WikiLeaks remains centre stage and many emerging nations turn a blind eye to intellectual-property theft.

To read Cara’s article in the State Tech Magazine click here.

If the survival of your organization revolves around patents and the protection of intellectual property then read what James Dyson, the founder of Dyson vacuum cleaners has to say about why businesses need to keep their eyes on the ball, when it comes to protecting their IP as well making sure the patents are watertight and properly registered.

Access the full article by clicking here

Fasoo.com, Inc., a leading enterprise rights management solution provider, will be  launching its latest mobile enterprise rights management solution, Fasoo Mobile Gateway at the RSA Conference in San Francisco from February 15 - 17, 2011.

Fasoo Mobile Gateway extends enterprise digital rights management to mobile computing and enables organizations to apply rights management policies to documents downloaded onto smartphones and tablets. The documents protected by enterprise rights management can be accessed from iPhone, iPad, Android devices, etc. via the Fasoo Mobile Rights Management App. With consumer technologies continuing to infiltrate the workplace, the new mobile solution will enable businesses to better manage and protect sensitive information, much of which is accessed from these unprotected devices. In fact, more than 76 percent of consumers surveyed use their smartphones or tablets to access sensitive or business information, according to a recent global study by Juniper Networks.

Fasoo Mobile Gateway supports various native file formats — such as Microsoft Office, PDFs, etc — on mobile devices. These documents can be accessed from the Fasoo Mobile Rights Management App, without changing file formats. The solution also enables organizations to constantly protect files; control file access privileges of users, groups and/or environments; and track activities of users and files, in addition to changes in configuration.

“Businesses have traditionally struggled to extend protection of their documents outside of the organization. But with mobile devices becoming so ubiquitous, it’s critical for businesses to protect sensitive content — even beyond the walls of their organization,” said Dr. Kyugon Cho, Fasoo founder and CEO. “Fasoo’s new Mobile Rights Management solution effectively fulfills diversified security requirements for mobile devices without compromising mobility and flexibility.”

To learn more about Fasoo, visit www.fasoo.com. The Fasoo stand will be at booth #533 at this year’s RSA conference.

Source: March Communications

Over the weekend I read an article posted on Infosec Island titled “Putting an End to Data Breaches as We Know Them” by Robert Siciliano. Having read the article and the comments I came to the conclusion that even information or data security experts do not fully understand what enterprise rights management is.

So here is the underlying problem; if IT security experts do not understand the full capabilities of enterprise rights management, how can they effectively communicate the benefits or shortcomings to their employers or clients? For me the article on Infosec Island revolves around whether ZafeSoft is enterprise rights management or not.

Even though throughout the website the phrase ‘enterprise rights management’ or ‘information rights management’ is not used, the writer deemed it to be superior to “other” enterprise rights management solutions out there. On the other hand having read through the ZafeSoft website and the features of their products I came to the conclusion that ZafeSoft is enterprise rights management.

Read More

ProSTEP iViP is hosting a seminar targeted at engineering companies titled “Protecting Engineering Data with Enterprise Rights Management” in Stuttgart, Germany from February 9-10, 2011. With a rise in the theft of intellectual property in 2010, engineering companies need to invest in their future and the future of their employees by deploying Enterprise Rights Management. Companies like Intel have adopted Enterprise Rights Management, come and see the reason your company should.

Attend this seminar to have all your questions answered on protecting your IP and confidential data with Enterprise Rights Management. Call Yvonne van der Steeg on +49 (0) 6151-9287-446 or email her at yvonne.vandersteeg@prostep.com for a late registration as there may be a few places left.

For further information please visit the ProSTEP iViP website.

Intel recognises enterprise rights management as core to its future and the future of its employees according to its IT performance report for 2010 - 2011 titled “Delivering Competitive Advantage through IT” in which it said,

“We are implementing a secure integrated collaboration solution for our design engineers, with the goal of protecting Intel’s intellectual property while helping to accelerate silicon design. The new solution protects information at all times during creation, storage and transmission, using encrypted files and content repositories with enterprise rights management. This helps engineers be more productive by eliminating the need to secure data using manual methods. We began piloting the solution in 2010 in preparation for widespread deployment in 2011”.

Intel is surely leading the way for companies that depend highly on their intellectual property to survive, and if it is important for Intel to invest heavily in data security, it should serve as a wake up call for businesses especially technology businesses that have a liberal attitude towards the protection of its intellectual property.

Employers warned over data security as High Court data theft disputes rise by 313% and first Data Protection Act fines are issued.

Read the entire article on the Telegraph website: http://www.telegraph.co.uk/finance/businessclub/8157244/Companies-warned-as-data-theft-disputes-surge.html

In light of the recent fines imposed by the Information Commissioners’ Office I am yet to read any criticisms as to why it imposed the fines on the Hertfordshire County Council and Sheffield-based A4e. In fact what I am hearing is that the penalty did not go far enough.

According to eWeek Europe online, British consumers would be in favour of stronger regulations for organisations that expose the personal data of their customers, with four out of five supporting mandatory breach disclosure laws, according to a survey carried out by OnePoll and published on Thursday by LogRhythm.

Read More

Yesterday in Michigan, USA a former Ford employee admitted to a theft of $50 million worth of trade secrets and pleaded guilty. The problem with news like this one is the focus is always on the villain and how he or she carried out the crime.

The question that comes to mind for me is how on earth could Ford be so vulnerable to enable an employee steal so many documents in the first place? This should never happen in the first place, especially where you are dealing with something that represents the life blood of an organization.

Read More

By Ron Arden

I was reading an interesting article in SC Magazine about how a transportation strike in London may be a cause for data loss in the workplace.  The article quotes Mark Darvill, director at AEP Networks, saying about the strike that “… will drive employees to take vast amounts of confidential data out of the office leading to ‘briefcases around the capital becoming data loss ticking timebombs’.”

I never really thought about a strike, or bad weather, or even a holiday being a potential security breach.  Many of us take information home on our laptops to work during the evenings or weekends.  Much of it is not confidential, but there is probably a percentage that is.  It may depend on the industry you are in.  If you are in financial services or healthcare, you probably have access to more confidential information on customers or patients than someone in the transportation business. 

Most businesses and government agencies have procedures for handling confidential and private information as long as you are inside the company or agency.  If you have to work on something at home, there is usually a VPN to connect you to the company network.  That’s good for email and databases, but a lot of us tend to copy things locally when we work on them.  Even if they’re stored in a document management system, when you check them out, they are on your laptop.

Of course one answer to this is to never let anyone copy these documents onto laptops or other portable devices.  That might sound good, but it’s not practical.  There is a tradeoff of productivity versus security.  If there’s a snowstorm and I can’t get to my place of business, I still need to work, so I need access to documents.  If I have to go on an airplane, the same is true.  If I can’t, nothing gets done.

So how can you make sure that a tube strike doesn’t open your company up to a potential data breach? 

First make sure that any communications between workers at home and the business is through a secure connection, like a VPN.  If you have web based access to information, either using SaaS or an on-premise application, make sure it’s using https. 

Next, make sure that any documents going home are encrypted using an Enterprise Digital Rights Management system to control their access.  Even if they get into the wild, you can shut down their access, so they are useless to anyone other than the intended recipient.

Last is to make sure all anti-virus and malware software is current and functioning on laptops, desktops and servers.  This way a worker at home can’t accidentally upload a virus or malware into the corporate network.

This way you can let employees be productive when a strike hits your city or town, without worrying about giving away the keys to the castle.

Ron Arden is the Vice President, Strategy & Marketing at eDocument Sciences LLC a document solutions and enterprise rights management solutions company based in Amherst, New York. This post was originally posted on the eDocument Sciences blog.

Photo credit Annie Mole

Oracle information rights managment has just released a white paper which I believe defines the future of data leakage prevention and information rights management, also called enterprise rights management.

This paper is an excellent paper and a must read for senior executives, strategists, CIOs and information management and security managers. The introduction to the white paper is summarized below, while this white paper can be accessed by clicking here.

Introduction to the white paper
Organizations face the ongoing challenge of protecting their most sensitive information from being leaked. Two of the most popular solutions used to address this problem are Data Leakage Prevention and Enterprise Rights Management.

This datasheet explains how these technologies are highly complementary
and advises how they can most effectively be used together to provide a complete data leakage solution.

It also describes the integrations today between Oracle Information Rights Management and the DLP products from Symantec, McAfee, InfoWatch and Sophos.

The Office of Inadequate Security recently reported a major data breach at East Devon District Council where the personal data of almost 2,000 council workers was leaked. The incident happened when a former manager of the council sent the data in an excel file to a private email address.

The council says the incident was “unauthorised” and affects 1,891 staff, councillors, employees of Leisure East Devon and pensioners formerly employed at the council. This is a situation that could have been prevented using both Data Leak Prevention (DLP) and Enterprise Rights Management (ERM).

Read More

Has your organisation always shared confidential information with external partners? Is that relationship based on trust? Today many organisations are opening up their operations to external partners with the aim of cutting costs and increasing efficiency. For organisations that have developed a long term relationship with external partners, there needs to be an impact assessment on how introducing endpoint security tools like enterprise rights management will affect that relationship. If the management and operations structure of the partner remains unchanged it might be prudent not to change the current relationship.

Read More

I am a big Panera bread fan, I just love what they do with dough. I also happen to love baking, so given that I am obsessed with Panera’s cinnamon crunch bagel and cannot get it to buy in the United kingdom where I live, I decided to hunt for the recipe. To my heartbreak, it is a secret recipe nowhere to be found of the web.

I have even subscribed to Google Alerts to search for the term “cinnamon crunch bagel recipe” about 6 months ago and till today still no joy. This got me thinking that it is unlikely that Panera use Enterprise Rights Management to protect its secret recipes. When I watch TV programmes like Man v Food, Adam Richman visit some of the best restaurants in the United States where some of these businesses have been able to keep their secret recipes under lock and key for 40, 50 years or more.

Read More