Best Practices for Protecting Trade Secrets

The threat of losing confidential information and trade secrets through targeted cyber-attacks is real, but a company’s own employees are more likely culprits. Fostering a culture of confidentiality is necessary to protect proprietary data, and it is key to demonstrating in court that data is entitled to legal protection.

Human resources and information technology processes, procedures and electronic infrastructure provide avenues through which the company can monitor employee compliance with policies. HR and IT objectives should be integrated to carry out a common strategy of securing proprietary data through technological means, and through non-disclosure agreements and restricting access to secure areas. The company should include data security, technology usage and confidentiality policies in its employee handbook or compliance manual. These policies should expressly instruct employees not to disclose or utilize proprietary data for any purpose other than the company’s business. They should also emphasize the fact that employees must not disclose any proprietary data belonging to prior employers or third parties.

Employees frequently misappropriate proprietary data shortly before or just after termination. Have a policy that requires employees to return all tangible and electronic information, and certify in writing that none has been retained. Prior to termination if the employee has provided notice, or immediately thereafter if the employee quits without notice, IT should disable all of the employee’s access to the company’s computer systems, including remote access and other platforms.