Abstract image of a woman sitting on books and studying on a laptop

The Loss of Intellectual Property in the Digital Age: What Companies can d…

Download as PPTX, PDF
Christopher Kranich, profile picture
Christopher Kranich

This document discusses the threats to intellectual property in the digital age and provides recommendations for what companies can do to protect themselves. It notes that IP is increasingly being compromised due to the rise of mobile devices and remote work. It recommends that companies implement encryption, mobile device management, data access restrictions, remote wiping, data leakage prevention, attribute-based access controls, and employee training to help secure their intellectual property. Regular software updates, firewalls, and following basic security principles are also important protective measures.

Technology
1 of 32
Downloaded 10 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
The Loss of Intellectual Property in the Digital Age: What Companies can do to Protect Themselves Christopher Kranich
The Digital Revolution • People are now more connected – More information in less time – More often – Greater distances – Many security challenges for business
Cyber-based Threats to IP • Sources evolving and growing rapidly – Competitors – Malicious employees – Well intentioned employees – Criminal groups – Hacktivists – Foreign governments
IP is Valuable • Cost to design new projects or services – Engineers – Designers • Cost to manufacture – Proprietary processes – Material sourcing – Pricing information • Marketing costs
New Work Locations • From home • On The road • Businesses/public places • Security – More chances for deletion, theft of compromise • WiFi networks • Device theft of damage • Over the Shoulder • Co-mingling of the personal and the private
Types of Devices • Laptops • Theft, Over-the-shoulder, WiFi • Smart Phones • Theft, WiFi, unpatched • Tablets • Theft, WiFi, unpatched • Desktops • Not updated, no virus protections
More Data • Large capacity • Smaller storage medium • Cheap • More cloud-based storage • User can download a large amount of IP quickly • Malicious or innocent intentions
Reasons IP is Compromised • Innocent Reasons – Work outside of office – Curiosity – Recovered IP • Malicious Reasons – Do not like job – Sell IP for profit – Hacktivism – For fun
Employee Views of IP • Attribute ownership to the person who created it • Cheap, easily moved, copied, and manipulated • Okay to take with them to their next job Symantec Report
VW vs. GM • Executives took 1000’s of pages • Photocopied in physical from – Secretary – Other Witnesses • Carried out in boxes of briefcases • Lots of witnesses to IP removal • 100 million Dollar settlement
Starwood vs. Hilton • Over 100,000 files stolen – Starwood luxury concept • Hilton came up with their own version – Board presentations – Market research studies – Valued at 1 million Dollars • Downloaded to laptop – Easy to steal data – Quick, behind closed doors, portable
What Companies Can Do To Protect Themselves
Encrypt Data • VPN • Full-disk encryption • USB sticks • Emails and attachments
Mobile Device Management • Common for employees to bring their own device (BYOD) • Poses many security challenges – Corporate data vulnerable to theft, damage, or deletion – Hard to keep track of – Corporate data and personal data on same device
Software Solutions • MobileNow • MobileIron • Zenprise • IBM • Symantec • Airwatch
Customizable Device Policies • Control which device features and built-in apps can be used • Specify what the authentication requirements are • Apply specific policy sets to specific groups of users – Time, roles, types of data, location
Jailbroken or Rooted Devices • Pose a big security risk – Unstable or not updated • Detect these devices • Enforce greater controls for them – Lock or wipe – Ban from network – Approved apps – Vpn – Device kept up-to-date
Centralized Updating • Update OS and apps remotely – Convenient and easy • All devices patched at the same time – All devices on same footing – Eliminates specific vulnerabilities
Applications • App blacklisting • Block and revoke any apps from any user • Track usage • App-to-app encryption
Email Features • Ability to encrypt attachments • Prevent unauthorized copying and forwarding • Restrict sharing of attachments to certain apps • Specify attachment file types to encrypt
Data Storage • Storage all data in a home directory – Persisitent and centralized location – Easy to set up automatic backups – Easy to selectively distribute data – Easy to track data and wipe if neccesary – Can have multiple clients • Different platforms accessing the same directory
Data Access Restrictions • Geofencing – Data only accessible in certain locations – Prevents data from being accessed off site or an area of the office • Time-Based – Data only accessible at certain times • When employees are working • When a project is active
Remote Lock, Locate, and Wipe • Lost or stolen • Infected with malware • User leaves company
Data Leakage Prevention • Deep content inspection • Reads data to find high value IP • Does not prevent attacks • Limits accidental deletion or moving
Data Leakage Prevention • System figures out sensitive data on it’s own • Logs moving, copying, and deleting • Prevents user from emailing data out by making it read only • Requires fine tuning
Attribute-Based Access Control • Grants access based on attributes – Location – Authentication method – Deviation from the norm – Type of data – Time of access
Cloud Storage Solutions • Data integrity • Access is controlled • Data must be available when needed
Cloud Storage Solutions • Policy for backing up data • Data is encrypted in storage • Data is sent to facility securely • Data is backed up regularly • Data is kept in multiple locations
Employee Training • Protect credentials • Good passwords or passphrases • Social engineering • Alerting IT
Basic Security Principles • Log activities • Set up alerts • Use IDS system • Set up firewalls on internet connections • Control physical access
Basic Security Principles • Set up user accounts • Give users their own account • Provide the minimum amount of access needed
Questions and Comments

More Related Content

PPTX
gkkwqdqqndqw2121234Security essentials domain 4
Anne Starr
 
PPTX
Cybertopic_2security
Anne Starr
 
PDF
CNIT 125: Ch 2. Security and Risk Management (Part 1)
Sam Bowne
 
PDF
CNIT 125: Ch 2. Security and Risk Management (Part 2)
Sam Bowne
 
PPTX
DCD Converged Brazil 2016
Scott Carlson
 
PPTX
10 Quick Cybersecurity Wins for Small Business
SYMBIONT, INC.
 
PDF
Shadow it risks & control managing the unknown unknowns in the deep &...
Priyanka Aash
 
PPTX
CISSP - Chapter 3 - Physical security
Karthikeyan Dhayalan
 
gkkwqdqqndqw2121234Security essentials domain 4
Anne Starr
 
Cybertopic_2security
Anne Starr
 
CNIT 125: Ch 2. Security and Risk Management (Part 1)
Sam Bowne
 
CNIT 125: Ch 2. Security and Risk Management (Part 2)
Sam Bowne
 
DCD Converged Brazil 2016
Scott Carlson
 
10 Quick Cybersecurity Wins for Small Business
SYMBIONT, INC.
 
Shadow it risks & control managing the unknown unknowns in the deep &...
Priyanka Aash
 
CISSP - Chapter 3 - Physical security
Karthikeyan Dhayalan
 

What's hot (18)

PPTX
Benefits of IT Outsourcing
MultiTech IT
 
PDF
CNIT 125: Ch 2. Security and Risk Management (Part 2)
Sam Bowne
 
PDF
1. Security and Risk Management
Sam Bowne
 
PDF
3. Security Engineering
Sam Bowne
 
PDF
Even In 2014, Attackers are on steroid on Cloud, since the IT spending on Web...
Sreejesh Madonandy
 
PDF
3. Security Engineering
Sam Bowne
 
PDF
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
Sam Bowne
 
PDF
Proprietary Information
hypknight
 
PDF
CISSP Prep: Ch 4. Security Engineering (Part 1)
Sam Bowne
 
PDF
CISSP Prep: Ch 6. Identity and Access Management
Sam Bowne
 
PPTX
Solving Document Security
Zia Consulting
 
PPTX
Farfield systems caoabilities feb 2013
John Secondari
 
PDF
Lecture 6 internet services in network
Tanveer Malik
 
PDF
Small Business Guide to Information Security
Leo Welder
 
PPTX
Essential Layers of IBM i Security Series – Network Security
Precisely
 
PPTX
Identity-Based Privacy (IBP)
Igor Zboran
 
PDF
CNIT 125 7. Security Assessment and Testing
Sam Bowne
 
PDF
Andy Blumenthal Talks About Mobility Solutions
Andy (Avraham) Blumenthal
 
Benefits of IT Outsourcing
MultiTech IT
 
CNIT 125: Ch 2. Security and Risk Management (Part 2)
Sam Bowne
 
1. Security and Risk Management
Sam Bowne
 
3. Security Engineering
Sam Bowne
 
Even In 2014, Attackers are on steroid on Cloud, since the IT spending on Web...
Sreejesh Madonandy
 
3. Security Engineering
Sam Bowne
 
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
Sam Bowne
 
Proprietary Information
hypknight
 
CISSP Prep: Ch 4. Security Engineering (Part 1)
Sam Bowne
 
CISSP Prep: Ch 6. Identity and Access Management
Sam Bowne
 
Solving Document Security
Zia Consulting
 
Farfield systems caoabilities feb 2013
John Secondari
 
Lecture 6 internet services in network
Tanveer Malik
 
Small Business Guide to Information Security
Leo Welder
 
Essential Layers of IBM i Security Series – Network Security
Precisely
 
Identity-Based Privacy (IBP)
Igor Zboran
 
CNIT 125 7. Security Assessment and Testing
Sam Bowne
 
Andy Blumenthal Talks About Mobility Solutions
Andy (Avraham) Blumenthal
 
Ad

Viewers also liked (17)

PPTX
Intellectual Property Rights
harshhanu
 
PPTX
badgediva.com
Ramiro Lynch
 
PPT
Sorting searching
ForwardBlog Enewzletter
 
PPT
Veranderdiagnose (een samenvatting)
Jan Wietsma
 
PPT
Identifing And Controlling Intellectual Property Loss Exposures
MVeterano
 
PPTX
Type of data @ Web Mining Discussion
CherryBerry2
 
DOC
Factors Influencing Knowledge Management
Al-Qurmoshi Institute of Business Management, Hyderabad
 
PPTX
Purpose-Driven Organizations: a Conceptual Model
Steven Beauchem
 
PPTX
Trends that will influence the future of knowledge work
Steven Beauchem
 
PPT
Impact of digital technology on intellectual property
Konok Mondal
 
PDF
Web mining slides
mahavir_a
 
PPTX
Intellectual Property Rights In India: Patents Trademarks And Copyrights
JRA & Associates
 
PPTX
Intellectual Property Rights (IPR)
Madhusudan Rao Datrika
 
PPT
Web Mining
guestb73ec6
 
PPTX
Intellectual Property 101
gregmstark
 
PPT
Data mining slides
smj
 
PPTX
Knowledge management
Sehar Abbas
 
Intellectual Property Rights
harshhanu
 
badgediva.com
Ramiro Lynch
 
Sorting searching
ForwardBlog Enewzletter
 
Veranderdiagnose (een samenvatting)
Jan Wietsma
 
Identifing And Controlling Intellectual Property Loss Exposures
MVeterano
 
Type of data @ Web Mining Discussion
CherryBerry2
 
Factors Influencing Knowledge Management
Al-Qurmoshi Institute of Business Management, Hyderabad
 
Purpose-Driven Organizations: a Conceptual Model
Steven Beauchem
 
Trends that will influence the future of knowledge work
Steven Beauchem
 
Impact of digital technology on intellectual property
Konok Mondal
 
Web mining slides
mahavir_a
 
Intellectual Property Rights In India: Patents Trademarks And Copyrights
JRA & Associates
 
Intellectual Property Rights (IPR)
Madhusudan Rao Datrika
 
Web Mining
guestb73ec6
 
Intellectual Property 101
gregmstark
 
Data mining slides
smj
 
Knowledge management
Sehar Abbas
 
Ad

Similar to The Loss of Intellectual Property in the Digital Age: What Companies can d… (20)

DOCX
Protecting Intellectual Property in the Age of WikiLeaks
SocialKwan
 
PDF
Gus Hunt's Work-Bench Enterprise Security Summit Keynote
Work-Bench
 
PPT
PCTY 2012, IBM Security and Strategy v. Fabio Panada
IBM Danmark
 
PPTX
It security the condensed version
Brian Pichman
 
PPTX
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
Empired
 
PPTX
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
Michael Noel
 
PPTX
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...
Michael Noel
 
PPTX
Implementing security for your library | PLAN Tech Day Conference
Brian Pichman
 
PPTX
Proven Practices to Protect Critical Data - DarkReading VTS Deck
NetIQ
 
PPTX
Securing your digital world cybersecurity for sb es
Sonny Hashmi
 
PPTX
Securing your digital world - Cybersecurity for SBEs
Sonny Hashmi
 
PPT
Network Security, Change Control, Outsourcing
Nicholas Davis
 
PDF
Cyber Security, User Interface, and You - Deloitte CIO - WSJ
Sherry Jones
 
PDF
Cyber Security, User Interface, and You - Deloitte CIO - WSJ
Sherry Jones
 
PDF
IT Security Presentation - IIMC 2014 Conference
Jeff Lemmermann
 
PPT
Network security, change control, outsourcing
Nicholas Davis
 
PDF
Data security in cloud
Interop
 
PPTX
cyber security
sumitbajpeyee
 
PPTX
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Michael Noel
 
PDF
Fall2015SecurityShow
Adam Heller
 
Protecting Intellectual Property in the Age of WikiLeaks
SocialKwan
 
Gus Hunt's Work-Bench Enterprise Security Summit Keynote
Work-Bench
 
PCTY 2012, IBM Security and Strategy v. Fabio Panada
IBM Danmark
 
It security the condensed version
Brian Pichman
 
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
Empired
 
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
Michael Noel
 
You are Doing IT Security Wrong - Understanding the Threat of Modern Cyber-at...
Michael Noel
 
Implementing security for your library | PLAN Tech Day Conference
Brian Pichman
 
Proven Practices to Protect Critical Data - DarkReading VTS Deck
NetIQ
 
Securing your digital world cybersecurity for sb es
Sonny Hashmi
 
Securing your digital world - Cybersecurity for SBEs
Sonny Hashmi
 
Network Security, Change Control, Outsourcing
Nicholas Davis
 
Cyber Security, User Interface, and You - Deloitte CIO - WSJ
Sherry Jones
 
Cyber Security, User Interface, and You - Deloitte CIO - WSJ
Sherry Jones
 
IT Security Presentation - IIMC 2014 Conference
Jeff Lemmermann
 
Network security, change control, outsourcing
Nicholas Davis
 
Data security in cloud
Interop
 
cyber security
sumitbajpeyee
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Michael Noel
 
Fall2015SecurityShow
Adam Heller
 

Recently uploaded (20)

PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PDF
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
PPT
Geologic Time for studying geology for geologist
ssuser738f5a
 
PDF
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PPTX
observCloud-Native Containerability and monitoring.pptx
anupsingh76937
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
PPTX
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
DOCX
search engine optimization ppt fir known well about this
StandardCodeLearning
 
PDF
Five Habits of High-Impact Board Members
OnBoard
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PPT
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
PDF
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PPTX
Chapter 5: Probability Theory and Statistics
RandyFin
 
The various Industrial Revolutions .pptx
bandileshozi3
 
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
Geologic Time for studying geology for geologist
ssuser738f5a
 
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
observCloud-Native Containerability and monitoring.pptx
anupsingh76937
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
search engine optimization ppt fir known well about this
StandardCodeLearning
 
Five Habits of High-Impact Board Members
OnBoard
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
What is a Computer? Input Devices /output devices
GulJan8
 
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
Chapter 5: Probability Theory and Statistics
RandyFin
 

The Loss of Intellectual Property in the Digital Age: What Companies can d…

  • 1. The Loss of Intellectual Property in the Digital Age: What Companies can do to Protect Themselves Christopher Kranich
  • 2. The Digital Revolution • People are now more connected – More information in less time – More often – Greater distances – Many security challenges for business
  • 3. Cyber-based Threats to IP • Sources evolving and growing rapidly – Competitors – Malicious employees – Well intentioned employees – Criminal groups – Hacktivists – Foreign governments
  • 4. IP is Valuable • Cost to design new projects or services – Engineers – Designers • Cost to manufacture – Proprietary processes – Material sourcing – Pricing information • Marketing costs
  • 5. New Work Locations • From home • On The road • Businesses/public places • Security – More chances for deletion, theft of compromise • WiFi networks • Device theft of damage • Over the Shoulder • Co-mingling of the personal and the private
  • 6. Types of Devices • Laptops • Theft, Over-the-shoulder, WiFi • Smart Phones • Theft, WiFi, unpatched • Tablets • Theft, WiFi, unpatched • Desktops • Not updated, no virus protections
  • 7. More Data • Large capacity • Smaller storage medium • Cheap • More cloud-based storage • User can download a large amount of IP quickly • Malicious or innocent intentions
  • 8. Reasons IP is Compromised • Innocent Reasons – Work outside of office – Curiosity – Recovered IP • Malicious Reasons – Do not like job – Sell IP for profit – Hacktivism – For fun
  • 9. Employee Views of IP • Attribute ownership to the person who created it • Cheap, easily moved, copied, and manipulated • Okay to take with them to their next job Symantec Report
  • 10. VW vs. GM • Executives took 1000’s of pages • Photocopied in physical from – Secretary – Other Witnesses • Carried out in boxes of briefcases • Lots of witnesses to IP removal • 100 million Dollar settlement
  • 11. Starwood vs. Hilton • Over 100,000 files stolen – Starwood luxury concept • Hilton came up with their own version – Board presentations – Market research studies – Valued at 1 million Dollars • Downloaded to laptop – Easy to steal data – Quick, behind closed doors, portable
  • 12. What Companies Can Do To Protect Themselves
  • 13. Encrypt Data • VPN • Full-disk encryption • USB sticks • Emails and attachments
  • 14. Mobile Device Management • Common for employees to bring their own device (BYOD) • Poses many security challenges – Corporate data vulnerable to theft, damage, or deletion – Hard to keep track of – Corporate data and personal data on same device
  • 15. Software Solutions • MobileNow • MobileIron • Zenprise • IBM • Symantec • Airwatch
  • 16. Customizable Device Policies • Control which device features and built-in apps can be used • Specify what the authentication requirements are • Apply specific policy sets to specific groups of users – Time, roles, types of data, location
  • 17. Jailbroken or Rooted Devices • Pose a big security risk – Unstable or not updated • Detect these devices • Enforce greater controls for them – Lock or wipe – Ban from network – Approved apps – Vpn – Device kept up-to-date
  • 18. Centralized Updating • Update OS and apps remotely – Convenient and easy • All devices patched at the same time – All devices on same footing – Eliminates specific vulnerabilities
  • 19. Applications • App blacklisting • Block and revoke any apps from any user • Track usage • App-to-app encryption
  • 20. Email Features • Ability to encrypt attachments • Prevent unauthorized copying and forwarding • Restrict sharing of attachments to certain apps • Specify attachment file types to encrypt
  • 21. Data Storage • Storage all data in a home directory – Persisitent and centralized location – Easy to set up automatic backups – Easy to selectively distribute data – Easy to track data and wipe if neccesary – Can have multiple clients • Different platforms accessing the same directory
  • 22. Data Access Restrictions • Geofencing – Data only accessible in certain locations – Prevents data from being accessed off site or an area of the office • Time-Based – Data only accessible at certain times • When employees are working • When a project is active
  • 23. Remote Lock, Locate, and Wipe • Lost or stolen • Infected with malware • User leaves company
  • 24. Data Leakage Prevention • Deep content inspection • Reads data to find high value IP • Does not prevent attacks • Limits accidental deletion or moving
  • 25. Data Leakage Prevention • System figures out sensitive data on it’s own • Logs moving, copying, and deleting • Prevents user from emailing data out by making it read only • Requires fine tuning
  • 26. Attribute-Based Access Control • Grants access based on attributes – Location – Authentication method – Deviation from the norm – Type of data – Time of access
  • 27. Cloud Storage Solutions • Data integrity • Access is controlled • Data must be available when needed
  • 28. Cloud Storage Solutions • Policy for backing up data • Data is encrypted in storage • Data is sent to facility securely • Data is backed up regularly • Data is kept in multiple locations
  • 29. Employee Training • Protect credentials • Good passwords or passphrases • Social engineering • Alerting IT
  • 30. Basic Security Principles • Log activities • Set up alerts • Use IDS system • Set up firewalls on internet connections • Control physical access
  • 31. Basic Security Principles • Set up user accounts • Give users their own account • Provide the minimum amount of access needed