Shulou(Shulou.com)06/01 Report--

It is not the distant mountains that make you tired, but a stone in your shoe. What scares enterprises is not their powerful competitors, but their own trade secrets have become the cards in each other's hands-how on earth are the secrets leaked?

"Enterprise safety depends on technology in three parts and management in seven parts. The establishment of a strict and easy-to-operate management system is the basis for reducing safety problems."

The latent risk of peak turnover

With the end of the year approaching, enterprises begin to enter the peak of job-hopping in a year.

A recent survey shows that 85% of employees can easily download "competitive" materials and information and take them to their next job. Although most workers can download materials from their current companies, only 32% will "sell" them in order to increase their competitiveness in their next job. More than 80% of people admit to downloading materials, documents, etc., from work for use at home, and the most common way is to use USB to transfer data.

For enterprises, those employees who are about to leave are very dangerous. Because for whatever reason, they all want to be able to obtain the necessary resources for their future work. One former employee said calmly: "in fact, it has become a habit for former employees to take some information from the original company through various means, of course, these materials are only convenient for later work, not directly used for sale." Of course, there are also some employees who actively answer their employer's questions in order to win the favor of the new employer, many of which are deliberately set by the new employer in order to obtain the information of their competitors.

Of course, there is no lack of employees deliberately divulge corporate trade secrets for their own interests.

A few years ago, there was an incident in which Coca-Cola employees sold company information: Pepsi, based in New York, provided Coca-Cola with a copy of its email. The email was sent to Pepsi in an official business envelope from Coca-Cola. The sender, "Dirk", described himself as a senior Coca-Cola employee and provided "very detailed confidential information." Coca-Cola immediately contacted the Federal Bureau of investigation, which immediately launched a secret investigation. Since then, the whistleblower, who calls himself "Dirk", has provided several other top-secret Coca-Cola documents that have been confirmed as trade secrets, as well as a confidential sample of Coca-Cola's new products.

A few days later, a federal agent offered to buy other trade secrets from Dirk for $1.5 million. It was later confirmed that the secret was a sample of a new product being developed by Coca-Cola. Finally, the three suspects were punished as they deserved, and Coca-Cola reviewed its data protection policies, procedures and systems to ensure that intellectual property rights were not infringed.

So, what kind of behavior can be regarded as divulging the company's trade secrets? How should enterprises prevent and deal with employees from divulging the company's trade secrets?

What exactly is "secret"?

What is a trade secret for an enterprise? The scope of trade secrets is very wide, and any specific information related to social competition and economic interests may constitute trade secrets. For example: product formulations, process procedures, R & D codes, R & D materials, machinery and equipment improvement plans, drawings, customer data, financial data, business plans and so on. At the same time, trade secrets refer to the technical information and business information which are not known to the public, can bring economic benefits to the obligee, are practical and are kept secret by the obligee.

In many enterprises, the leakage of trade secrets occurs every day. However, for this kind of information loss, enterprises and employees may not know at all. For example, as a boss inadvertently revealed trade secrets in a work meeting, and don't forget that "the speaker has no intention, the listener is intentional", so to avoid "disaster comes out of the mouth", you must first establish a sense of secrecy from the top and put it into practice. it is possible to make your employees aware, examine and realize whether their actions have been leaked.

One boss said: he once had an employee who took the software he designed when he left. Because his reason is: the software is designed by oneself, it should be own ownership, if the company wants to use it, then it must pay, otherwise it will be infringement; some employees think: customers are developed by me, why don't I have the right to take away their data? As a result, employees are generally justified, and enterprises are at a loss what to do.

However, there is a legal definition of "service invention", and the owner of such invention is the enterprise. Service invention refers to the invention and creation completed by carrying out the tasks of the unit (including the temporary work unit) or mainly making use of the material and technical conditions of the unit (which refers to the funds, equipment, spare parts, raw materials or technical materials not disclosed to the public, etc.). Then, based on the position of customer resources, there is no doubt that it should be enterprise resources. Therefore, enterprises should find ways to collect and store these resources and fully do a good job in knowledge management; and the process of developing new products is actually the weakest moment of protection. Therefore, in the enterprise, it is necessary to relatively block the information and let the least people know the trend of the new product. However, why do employees divulge company secrets and sell information? There is no denying that selling information can sometimes become a means of making money, a capital for job-hopping or a weight for asking price, or even a hidden arrow for revenge.

So, how to value the "secret storehouse" of enterprises?

Be optimistic about the "secret storehouse" of enterprises

Both Lenovo, which inherited the "corporate is home" culture, and Baidu, the best employer in recent years, have been controversial for lightning layoffs. Although this has to be called a good way to protect trade secrets, it is difficult to accept this too "cold" approach. But there is no denying that Lenovo's practice of shutting down ID in its local area network before layoffs is one way.

With the improvement of science and technology, a small flash memory, an EMAIL, audio recording, secret photography and other means may make the secret instant no longer a secret, and even with the increase of insiders, it becomes very difficult to pursue and claim claims.

So, how to prevent employees from leaking secrets?

First, a large number of leaks are made through computers and copies, so the problem of technical leaks must be solved by technical methods. For example: install software that prevents copying. It is not only necessary to set up professional supervision, but also through technical supervision.

The second is to break up the pieces and dilute the secrets. Enterprises might as well determine the level of confidentiality and the number of people involved according to the value of the information. Since the development of a project requires the cooperation of many people, if there are no secrets between departments, then the company will have no secrets. Therefore, an important principle of confidentiality is to dilute core secrets so that those who need them only know what they can know. In other words, divide certain projects and plans into several parts and links, allowing different people to know, but each person only knows a part of himself, and no one knows all of them, that is, the principle of not putting eggs in the same basket.

Third, the use of top secret documents needs to be approved by a legal representative. At the same time, it is necessary to establish a strict authorization system and an accountability system for leaking secrets. For enterprises, the focus of secrecy is not the mature technology, but the technology being developed and the core new technology. Because these technologies are not patented yet, once leaked, they will become a means to be beaten and defeated by competitors. Information security is not a matter of a department, but needs to start security protection in the period of information formation. According to the value of secrets, set the cost of protection, according to the value of protected trade secrets, to determine the appropriate scope of protection. At the same time, the fewer people who know, once there is a disclosure of secrets, it is relatively easy to define responsibility and responsible persons.

Fourth, pay attention to detail management. Identify key positions and key departments to implement key protection. At the same time, improve the confidentiality procedure from the construction of the internal process system. Especially for R & D, finance, information systems and other core departments, we should pay more attention to the quality of their personnel, not only pay attention to management and incentives, but also make them feel trust and responsibility. At the same time, enterprises should pay attention to the emotional and psychological feelings of employees in order to prevent malicious leaks.

Fifth, improve the system and safeguard rights in accordance with the law. To strengthen secrecy education and cultivate secrecy awareness is not only for enterprises to do, but also to formulate a secrecy system according to the specific conditions of enterprises. For example: the signing of non-competition agreements with core employees, the management of computer hard drives, the handover before leaving, the centralized management of customer information, and so on. Non-compete agreements are important, but the construction of corporate secrecy culture, employee motivation, trust in employees, and the strengthening of senior executives' own professional ethics are more important.

The game between morality and interests exists all the time. Once said, "there are no friends on the security front." For enterprises, how to make ex-employees, full of gratitude rather than resentment, and even can still be friends with the enterprise, really need a cultural realm.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.