Theft of confidential information and trade secrets can be just as damaging to your business as embezzlement or other employee fraud. Help protect your competitive advantage with these tips.
Be careful when you are throwing out copies of sensitive or confidential documents. These include: financial statements, proposals, customer information, reports, receipts, bills, invoices, etc. Don't just toss these in the trash. Shred them first. Putting them in the garbage unshredded opens up a range of security issues. If your trash is not disposed of properly, these documents could easily end up in the wrong hands... or blowing down the street past your competitors. In addition, industrial spies have been known to go through garbage looking for confidential data. Make shredding a company–wide practice — insist that your employees dispose of all papers this way.
Don't let a disgruntled ex–employee become a security threat. Have a plan in place to keep a person from leaving your company with confidential documents. Some steps to follow include:
Require your employees to use passwords to access your computers or your network. This will serve to keep unauthorized people away from important files. Don't let employees get lazy with their passwords — make them change them on a monthly basis. Dissuade people from using features that "remember" passwords — this can make it easy for an unauthorized person to gain access to your system. Insist that users log off your network whenever they're away from their desks, so unauthorized users can't jump in from their workstations.
Make sure employees understand that theft of intellectual property is as serious to your business as theft of physical property. Use a non–disclosure agreement, or a non–disclosure clause in an employment contract, to spell out employees' responsibilities regarding confidential or trade secret information. Be sure you define what your company considers to be confidential. This is critical, since it clearly differentiates which information belongs to your company and which belongs to the ex–employee. The agreement also should outline steps the employee must take to maintain confidentiality, such as using computer passwords, not removing sales lists from the premises, not copying documents to disk, etc.
Set and enforce strict procedures for access to confidential or trade secret information. Create a hierarchy of access among your employees for sensitive information — allow only those who need certain information to see it. For example, a sales rep may need customer contact information for his or her territory. But the rep does not need your entire client list, and does not need access to billing data. Label key electronic documents (such as your customer database) as "read only" so they can not be altered or written to disk.
Don't make it easy for people who aren't supposed to see confidential documents to snoop. Encourage everyone at your business to take certain basic precautions. Never leave documents lying around. File things away when you're done with them or when you're away from your desk. Lock your filing cabinet and your desk when you're away. Close computer files when they are not being used and never leave a file on your screen when you go away from your desk.
The previous content is provided by OPEN: The Small Business NetworkSM from American Express.